Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZydJE241kqEv2jbOgXHUd0kPW7o.roa
File: ZydJE241kqEv2jbOgXHUd0kPW7o.roa (raw, json)
Hash identifier: IBExMfmYYXk3wuwwTD5Cv8djJ4pCKYHHIxNyzqkvsNo=
Subject key identifier: 67:27:49:13:6E:35:92:A1:2F:DA:36:CE:81:71:D4:77:49:0F:5B:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CD8D7C4D6FE513DF3EB8EC77F6C73DBAC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZydJE241kqEv2jbOgXHUd0kPW7o.roa
Signing time: Fri 05 Jan 2024 08:57:48 +0000
ROA not before: Fri 05 Jan 2024 08:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 212.193.12.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:d7:c4:d6:fe:51:3d:f3:eb:8e:c7:7f:6c:73:db:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 5 08:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=672749136e3592a12fda36ce8171d477490f5bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fb:1e:68:13:a7:65:0c:2b:82:a6:4f:90:37:
e3:44:7e:56:eb:6c:61:26:5b:a9:a5:1f:ba:c0:87:
f4:27:e7:ce:5a:63:36:c1:59:7a:12:15:8e:9c:ee:
33:1d:fe:9d:b8:04:37:4b:16:f0:c0:cb:34:f4:19:
c5:86:ff:36:9a:c3:d4:5e:6a:3a:fe:62:4a:20:53:
57:7f:6d:71:95:78:e4:91:53:c7:99:23:13:2c:6c:
38:9e:06:8a:9d:00:c2:17:cc:81:91:fd:55:9f:d8:
f8:20:e7:54:8c:36:c6:26:1e:1c:04:c7:80:49:0e:
23:24:d1:ed:d8:43:84:4b:d9:c0:e1:64:3e:5f:14:
a1:97:60:e1:ac:af:63:55:2e:53:29:4f:99:a5:34:
59:53:e1:56:4a:44:e2:20:c0:e0:1f:99:11:86:d0:
b5:f1:f1:cc:e0:fc:b4:ee:94:0c:c3:7e:5d:59:80:
ac:1a:13:fe:65:65:ca:c4:2c:41:8e:8d:2e:b5:5c:
2a:3a:68:09:64:59:e3:74:6b:1c:71:90:94:a7:63:
15:3f:7d:f6:1a:db:bb:ea:4b:9a:6f:f5:06:a1:78:
1c:5d:cb:f7:6a:3c:cd:8b:f1:19:5e:9f:66:69:f6:
f6:80:e7:30:bb:48:5f:77:49:b9:4e:d3:50:08:de:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:27:49:13:6E:35:92:A1:2F:DA:36:CE:81:71:D4:77:49:0F:5B:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZydJE241kqEv2jbOgXHUd0kPW7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
193.124.47.0/24
193.124.95.0/24
194.58.66.0/24
194.87.26.0/24
194.87.128.0/24
194.87.170.0/24
194.87.224.0/24
194.87.229.0/24
194.135.33.0/24
195.58.54.0/24
195.58.63.0/24
195.133.25.0/24
195.133.27.0/24
195.133.84.0/24
212.192.1.0/24
212.192.214.0/24
212.192.222.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
14:90:94:b9:c7:f2:76:6b:bb:42:ed:c8:0a:ea:8b:09:80:3e:
35:8c:14:66:6b:a9:63:b9:11:f0:63:85:6b:2e:77:cb:7a:13:
8d:0a:2b:0e:4c:72:18:cc:a0:ae:e1:aa:67:b7:2a:10:93:74:
b5:72:6e:94:4f:12:0d:25:8f:75:09:c1:c9:21:3d:87:12:63:
51:78:3f:77:ce:d7:d5:4e:c6:63:19:c2:28:01:a7:27:7a:30:
94:85:27:e1:e7:c9:10:b2:03:cc:eb:68:73:0a:57:0e:01:93:
78:09:73:21:d4:29:75:a9:a1:74:63:32:63:e5:13:c2:74:4e:
59:f9:e9:9a:31:39:1c:9c:9d:cf:63:fc:72:dd:d1:78:20:1f:
d4:39:0c:ba:00:54:90:e3:b5:c2:7c:2d:9e:97:1c:c3:83:f5:
75:01:96:a2:e5:20:5a:03:4b:d0:46:0d:e1:70:be:31:7b:dc:
c4:e0:10:81:c8:51:52:b2:f9:93:d6:78:06:91:14:1b:ff:76:
2a:7b:46:71:33:5a:ba:2e:e5:78:a5:0b:3d:a5:d5:20:b5:0d:
79:b2:01:bd:08:ae:5a:8a:d4:3a:ef:d2:c0:74:f0:07:46:2d:
fe:d2:5a:20:96:c7:ad:1a:a2:e7:bc:ba:b7:a9:92:34:e1:0b:
fd:8d:a3:09
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYzY18TW/lE98+uOx39sc9usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA1MDg1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI3NDkxMzZlMzU5MmExMmZkYTM2Y2U4MTcxZDQ3NzQ5MGY1YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/seaBOnZQwrgqZPkDfjRH5W62xh
JluppR+6wIf0J+fOWmM2wVl6EhWOnO4zHf6duAQ3SxbwwMs09BnFhv82msPUXmo6
/mJKIFNXf21xlXjkkVPHmSMTLGw4ngaKnQDCF8yBkf1Vn9j4IOdUjDbGJh4cBMeA
SQ4jJNHt2EOES9nA4WQ+XxShl2DhrK9jVS5TKU+ZpTRZU+FWSkTiIMDgH5kRhtC1
8fHM4Py07pQMw35dWYCsGhP+ZWXKxCxBjo0utVwqOmgJZFnjdGsccZCUp2MVP332
Gtu76kuab/UGoXgcXcv3ajzNi/EZXp9mafb2gOcwu0hfd0m5TtNQCN7xRwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGcnSRNuNZKhL9o2zoFx1HdJD1u6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWnlkSkUyNDFrcUV2MmpiT2dYSFVkMGtQVzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAD5M4wME
AMF8LwMEAMF8XwMEAMI6QgMEAMJXGgMEAMJXgAMEAMJXqgMEAMJX4AMEAMJX5QME
AMKHIQMEAMM6NgMEAMM6PwMEAMOFGQMEAMOFGwMEAMOFVAMEANTAAQMEANTA1gME
ANTA3gMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEAFJCUucfydmu7Qu3ICuqLCYA+
NYwUZmupY7kR8GOFay53y3oTjQorDkxyGMygruGqZ7cqEJN0tXJulE8SDSWPdQnB
ySE9hxJjUXg/d87X1U7GYxnCKAGnJ3owlIUn4efJELIDzOtocwpXDgGTeAlzIdQp
damhdGMyY+UTwnROWfnpmjE5HJydz2P8ct3ReCAf1DkMugBUkOO1wnwtnpccw4P1
dQGWouUgWgNL0EYN4XC+MXvcxOAQgchRUrL5k9Z4BpEUG/92KntGcTNaui7leKUL
PaXVILUNebIBvQiuWorUOu/SwHTwB0Yt/tJaIJbHrRqi57y6t6mSNOEL/Y2jCQ==
-----END CERTIFICATE-----
Generated at Fri Jan 5 14:17:37 2024 by rpki-client on console-ams.rpki-client.org