Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZaXkO3FN0NvrUNOcTzFhQhWIc-g.roa
File: ZaXkO3FN0NvrUNOcTzFhQhWIc-g.roa (raw, json)
Hash identifier: 2sroR8oXssNJsjYWkVgfZpQ3KD3d1bzZvBXdHqVjz5c=
Subject key identifier: 65:A5:E4:3B:71:4D:D0:DB:EB:50:D3:9C:4F:31:61:42:15:88:73:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185B496515BCF90023158F242CB79EA869C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZaXkO3FN0NvrUNOcTzFhQhWIc-g.roa
Signing time: Sun 15 Jan 2023 08:40:28 +0000
ROA not before: Sun 15 Jan 2023 08:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b4:96:51:5b:cf:90:02:31:58:f2:42:cb:79:ea:86:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 15 08:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65a5e43b714dd0dbeb50d39c4f316142158873e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:02:fe:10:cc:30:f2:9f:0f:48:35:c2:63:
ec:41:2b:d4:de:8a:c5:39:7a:3c:cb:95:61:8b:bb:
a9:11:a3:7a:81:2b:61:c6:03:b5:cc:ec:b9:9f:16:
6a:65:ca:a4:61:b8:08:c3:67:c2:8f:b0:49:3d:2f:
0d:18:72:37:a0:40:a5:14:a5:61:ed:f3:45:53:bc:
34:a3:1b:40:57:4f:42:34:5d:ca:6e:c0:e4:69:ba:
4a:b7:69:dd:a9:10:31:3e:72:f8:3a:93:92:7f:3c:
76:f4:9f:89:9b:78:56:35:66:c4:f1:1c:35:07:46:
28:cd:cc:6f:7e:54:45:d4:01:ab:48:05:7e:81:21:
4b:7a:88:b9:a3:d9:c5:d2:c9:aa:35:9a:2a:ea:c5:
18:a7:39:26:f3:42:20:30:54:68:14:57:df:48:8b:
81:8e:b1:47:0a:55:7b:43:59:81:b5:ac:67:74:8e:
8e:fe:cf:0b:9e:64:b9:01:1c:9e:32:02:b1:79:1f:
76:a1:2a:3a:3a:e2:c2:85:f6:b4:55:b2:96:87:c5:
db:a6:85:5b:cb:80:42:da:5f:52:b8:e0:fc:b1:97:
cd:0d:b7:10:4c:96:4f:78:0a:34:2e:7d:2a:c9:1b:
eb:de:e4:b8:42:9c:93:45:1d:fd:8b:db:64:2d:e1:
3d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A5:E4:3B:71:4D:D0:DB:EB:50:D3:9C:4F:31:61:42:15:88:73:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZaXkO3FN0NvrUNOcTzFhQhWIc-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
193.124.9.0/24
193.124.44.0/24
193.124.201.0/24
194.87.1.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.178.0/23
194.87.182.0/24
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.56.0/24
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
195.133.195.0/24
212.192.10.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4e:4b:c6:86:17:2e:3b:0d:a6:a4:34:49:f8:58:4b:6a:fa:
4b:f1:99:a8:f5:87:8c:4f:8b:26:c7:2e:33:12:4a:02:e9:b8:
02:81:65:be:2c:77:b2:bc:30:a3:e9:73:a9:cf:a2:e6:ba:8a:
5d:16:fe:74:5d:be:77:a9:c9:dd:49:4b:b1:50:95:7d:0e:0e:
89:48:c9:86:83:46:b7:28:d1:24:ce:e2:a7:dd:d1:6c:d9:c3:
68:8e:fa:d7:6d:90:5d:34:87:a2:a3:f1:54:18:b7:33:d6:8f:
67:a3:27:6a:f1:b4:2e:f8:c9:8d:1f:ab:85:c7:2f:eb:4c:f7:
9a:41:8e:43:7c:e7:1f:d2:8f:c5:42:4e:87:28:a4:1f:34:f9:
af:f3:b1:c6:4b:90:1a:f3:7b:a0:16:bb:c0:29:0c:06:42:d4:
41:b0:8d:38:f2:ce:71:6e:21:79:5f:8b:d4:18:bb:ce:7e:55:
50:3a:cd:04:bf:79:42:60:a6:7a:6d:15:7a:4f:ed:6e:74:3c:
88:e5:b7:07:f0:7e:df:ab:c4:c2:b9:13:40:e7:ed:b8:41:d4:
68:11:59:30:30:71:cb:c7:b4:0e:fc:d6:b9:31:a1:f3:03:05:
24:bb:be:85:ca:f3:74:20:86:04:68:81:e1:29:76:fa:1c:58:
59:d4:f7:b0
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYW0llFbz5ACMVjyQst56oacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE1MDg0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE1ZTQzYjcxNGRkMGRiZWI1MGQzOWM0ZjMxNjE0MjE1ODg3M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuwC/hDMMPKfD0g1wmPsQSvU3orF
OXo8y5Vhi7upEaN6gSthxgO1zOy5nxZqZcqkYbgIw2fCj7BJPS8NGHI3oEClFKVh
7fNFU7w0oxtAV09CNF3KbsDkabpKt2ndqRAxPnL4OpOSfzx29J+Jm3hWNWbE8Rw1
B0YozcxvflRF1AGrSAV+gSFLeoi5o9nF0smqNZoq6sUYpzkm80IgMFRoFFffSIuB
jrFHClV7Q1mBtaxndI6O/s8LnmS5ARyeMgKxeR92oSo6OuLChfa0VbKWh8XbpoVb
y4BC2l9SuOD8sZfNDbcQTJZPeAo0Ln0qyRvr3uS4QpyTRR39i9tkLeE9WwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFGWl5DtxTdDb61DTnE8xYUIViHPoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWmFYa08zRk4wTnZyVU5PY1R6RmhRaFdJYy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBADB
fAMDBADBfAkDBADBfCwDBADBfMkDBADCVwEDBADCVyoDBADCV0kDBAHCV4IDBADC
V6YDBADCV6gDBADCV6wDBAHCV7IDBADCV7YDBADCV7sDBADChxIDBADChxcwDAME
AMM6IwMEAMM6JAMEAMM6MgMEAMM6OAMEAMOFAAMEAMOFHgMEAMOFIwMEAMOFwwME
ANTACgMEANTAHzANBgkqhkiG9w0BAQsFAAOCAQEAXk5LxoYXLjsNpqQ0SfhYS2r6
S/GZqPWHjE+LJscuMxJKAum4AoFlvix3srwwo+lzqc+i5rqKXRb+dF2+d6nJ3UlL
sVCVfQ4OiUjJhoNGtyjRJM7ip93RbNnDaI76122QXTSHoqPxVBi3M9aPZ6MnavG0
LvjJjR+rhccv60z3mkGOQ3znH9KPxUJOhyikHzT5r/OxxkuQGvN7oBa7wCkMBkLU
QbCNOPLOcW4heV+L1Bi7zn5VUDrNBL95QmCmem0Vek/tbnQ8iOW3B/B+36vEwrkT
QOftuEHUaBFZMDBxy8e0DvzWuTGh8wMFJLu+hcrzdCCGBGiB4Sl2+hxYWdT3sA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org