Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Y8t-fRR0FicbfWeHLbUXNmKYEQ.roa
File: _Y8t-fRR0FicbfWeHLbUXNmKYEQ.roa (raw, json)
Hash identifier: KtRpeE/4muCmuGfkhQa8O5/6b1b0Y1PPSBU+v3AFPSU=
Subject key identifier: FD:8F:2D:F9:F4:51:D0:58:9C:6D:F5:9E:1C:B6:D4:5C:D9:8A:60:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187426BD0C800018A5332FC03E55CEAF9B3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Y8t-fRR0FicbfWeHLbUXNmKYEQ.roa
Signing time: Sun 02 Apr 2023 14:42:54 +0000
ROA not before: Sun 02 Apr 2023 14:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:6b:d0:c8:00:01:8a:53:32:fc:03:e5:5c:ea:f9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 2 14:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd8f2df9f451d0589c6df59e1cb6d45cd98a6044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bc:1c:d2:41:cd:45:44:a7:7f:e5:88:64:66:
1c:ca:22:05:ba:ef:b8:17:ee:e6:dc:43:7e:ae:be:
cb:82:8b:38:53:0b:43:2d:5b:52:c8:8f:f4:2e:d6:
9c:02:4a:a6:28:4f:71:71:8d:2d:f9:3f:c4:d8:d1:
9a:90:55:2c:26:ec:83:5d:df:fb:aa:56:23:4d:db:
df:4e:03:cd:62:73:56:61:4a:11:1e:c6:d9:78:24:
48:8c:e6:59:15:80:31:e0:bc:36:d6:3f:8b:fb:74:
a9:b8:5e:83:84:b1:42:95:73:fc:7c:76:37:ea:3f:
b1:00:44:74:37:ff:b3:ef:03:e1:ed:d1:01:8a:03:
94:6f:2c:6d:7a:47:ee:06:47:91:ea:2e:b5:29:85:
ce:c0:39:38:76:a5:67:b1:aa:04:38:63:3d:f2:5f:
ba:88:c7:9d:b9:1b:ca:d3:51:28:41:38:90:da:79:
72:3c:cd:24:e8:0f:35:74:df:c2:1b:fb:a1:17:40:
76:99:35:c7:0f:5e:33:2d:e7:bc:fc:57:c1:24:00:
a2:be:86:71:51:7f:4f:78:e4:bb:4b:37:a1:cf:31:
d9:2a:dc:19:d1:1c:4b:72:f0:fd:c6:38:bf:b2:09:
ca:db:ac:c8:53:9a:bf:13:99:4d:ad:5a:f5:a7:06:
47:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8F:2D:F9:F4:51:D0:58:9C:6D:F5:9E:1C:B6:D4:5C:D9:8A:60:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_Y8t-fRR0FicbfWeHLbUXNmKYEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.82.0/24
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.50.0/24
195.58.56.0/21
195.133.40.0/22
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:91:c4:ff:6b:5d:b2:5a:85:e2:e2:7b:2a:96:28:64:06:6a:
2d:9e:73:1f:75:df:cc:06:8c:78:4a:0f:76:05:f9:f1:2d:a6:
1e:d8:4d:16:54:3d:1d:41:4f:cc:f0:d3:8c:ed:02:76:b7:fa:
cb:b9:ad:88:91:27:3b:46:74:a4:97:3b:bd:c7:e5:9a:81:5e:
dd:95:85:ef:04:9a:e8:ad:6f:fb:ef:85:68:50:e3:13:19:aa:
ac:2e:82:0f:1e:1f:a1:16:83:c3:02:0d:6f:85:fc:a4:af:d2:
f4:1e:4e:95:c5:af:c9:cc:9c:58:69:65:e7:3c:99:44:33:3e:
f0:e1:65:78:09:b1:2a:5d:e4:49:92:fe:fa:23:cd:ce:62:f9:
98:be:81:9d:57:f7:35:66:a2:3d:7e:59:a0:e1:98:18:47:b9:
c7:92:bf:6e:f7:c9:55:4a:bf:1f:a4:a2:3a:19:1b:72:d2:b2:
6a:61:d5:cf:17:9e:ab:ce:c2:3d:0b:89:27:bd:40:39:8d:c8:
9f:41:ab:dd:e9:a9:d1:3c:fa:d0:c1:77:ea:7c:5e:ec:66:5d:
67:f6:88:bf:62:b3:d9:e0:28:b7:35:99:60:6d:7d:bf:58:16:
31:a0:e7:58:a2:1a:b8:05:56:41:2d:de:33:92:e3:ba:44:b8:
94:d3:ca:c0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYdCa9DIAAGKUzL8A+Vc6vmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDAyMTQ0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhmMmRmOWY0NTFkMDU4OWM2ZGY1OWUxY2I2ZDQ1Y2Q5OGE2MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLwc0kHNRUSnf+WIZGYcyiIFuu+4
F+7m3EN+rr7Lgos4UwtDLVtSyI/0LtacAkqmKE9xcY0t+T/E2NGakFUsJuyDXd/7
qlYjTdvfTgPNYnNWYUoRHsbZeCRIjOZZFYAx4Lw21j+L+3SpuF6DhLFClXP8fHY3
6j+xAER0N/+z7wPh7dEBigOUbyxtekfuBkeR6i61KYXOwDk4dqVnsaoEOGM98l+6
iMeduRvK01EoQTiQ2nlyPM0k6A81dN/CG/uhF0B2mTXHD14zLee8/FfBJACivoZx
UX9PeOS7SzehzzHZKtwZ0RxLcvD9xji/sgnK26zIU5q/E5lNrVr1pwZHvwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFP2PLfn0UdBYnG31nhy21FzZimBEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX1k4dC1mUlIwRmljYmZXZUhMYlVYTm1LWUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBADB
fIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXGwMEAMJXUgMEAMJXdgME
AMJXiAMEAMJXpQMEAMJXqwMEAMJXxgMEAcJX0AMEAcJX3gMEAMM6MgMEA8M6OAME
AsOFKAMEAMOFNwMEAMOFwwMEAdTAAAMEAdTA0AMEANTBAAMEANTBDDANBgkqhkiG
9w0BAQsFAAOCAQEAa5HE/2tdslqF4uJ7KpYoZAZqLZ5zH3XfzAaMeEoPdgX58S2m
HthNFlQ9HUFPzPDTjO0Cdrf6y7mtiJEnO0Z0pJc7vcflmoFe3ZWF7wSa6K1v+++F
aFDjExmqrC6CDx4foRaDwwINb4X8pK/S9B5OlcWvycycWGll5zyZRDM+8OFleAmx
Kl3kSZL++iPNzmL5mL6BnVf3NWaiPX5ZoOGYGEe5x5K/bvfJVUq/H6SiOhkbctKy
amHVzxeeq87CPQuJJ71AOY3In0Gr3emp0Tz60MF36nxe7GZdZ/aIv2Kz2eAotzWZ
YG19v1gWMaDnWKIauAVWQS3eM5LjukS4lNPKwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org