Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_z-Z5fDPCJ0D72udpKS8oljQDCA.roa
File: _z-Z5fDPCJ0D72udpKS8oljQDCA.roa (raw, json)
Hash identifier: wAD3mYeNuMVv5Z6CAkTKbCr+NNZoZapbkt5rT6enehg=
Subject key identifier: FF:3F:99:E5:F0:CF:08:9D:03:EF:6B:9D:A4:A4:BC:A2:58:D0:0C:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A7FF6FDF5E48D01DB81BF9C80D1A1EF7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_z-Z5fDPCJ0D72udpKS8oljQDCA.roa
Signing time: Fri 03 Mar 2023 15:03:00 +0000
ROA not before: Fri 03 Mar 2023 15:03:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:ff:6f:df:5e:48:d0:1d:b8:1b:f9:c8:0d:1a:1e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 3 15:03:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff3f99e5f0cf089d03ef6b9da4a4bca258d00c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:0b:b6:f8:7c:5a:e9:e5:78:7a:22:bb:ca:
10:f9:b1:91:4c:b1:6e:c7:76:21:86:85:91:9d:4d:
2a:d3:40:d3:05:5a:e1:c9:0f:a3:75:c6:55:ce:cf:
3d:46:b5:20:68:87:d5:01:81:b2:fa:37:28:e0:34:
3f:6c:2a:66:57:39:7a:05:43:d9:00:94:ab:60:fd:
31:3a:ae:01:b3:a1:c8:e8:33:b9:b3:b6:e1:48:4a:
6a:7d:bd:a0:73:f3:f8:92:ec:d8:6a:0c:40:db:2f:
3a:42:6e:d5:53:de:45:2b:82:5a:a2:71:e0:8c:4a:
f3:c8:46:0f:ee:8e:f6:be:5f:36:5d:75:14:f6:87:
3f:be:17:bf:9e:e0:43:11:bf:1c:79:f7:a2:4a:70:
bc:25:65:85:92:80:81:af:e2:42:ea:a9:0d:9f:9b:
e9:4b:7d:92:e2:f9:9f:be:fa:d5:c0:09:b0:1b:67:
47:b7:4a:e6:5e:7a:12:a9:ff:aa:b9:f1:15:ab:7a:
9c:7e:34:9d:c0:45:5c:50:78:21:b7:88:9b:27:96:
16:83:f0:e4:88:18:cf:8a:e1:c9:ac:b9:14:15:95:
cf:2d:f8:a7:1b:4b:be:14:d8:3a:fa:0f:92:25:22:
ae:d9:49:9f:a1:a8:73:9d:dd:2f:d3:b9:2f:3f:01:
72:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3F:99:E5:F0:CF:08:9D:03:EF:6B:9D:A4:A4:BC:A2:58:D0:0C:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_z-Z5fDPCJ0D72udpKS8oljQDCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.41.0/24
193.124.47.0/24
193.124.205.0/24
194.58.43.0/24
194.58.46.0/24
194.58.155.0/24
194.87.30.0/24
194.87.64.0/24
194.87.108.0/24
194.87.161.0/24
194.87.163.0/24
194.87.207.0/24
195.133.12.0/24
212.192.7.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
34:99:c1:c1:5d:d7:9c:96:88:bb:cf:62:1d:56:c7:6f:e8:ca:
57:e8:dd:49:09:ab:08:70:6b:0a:25:1d:f6:3e:3c:3b:93:00:
ef:f3:cd:93:c5:f7:54:76:e5:7d:d4:91:c6:12:c4:14:df:56:
fd:4c:74:20:4c:9f:c3:57:04:78:7e:e4:56:94:7b:58:81:8e:
1b:53:5d:fa:2c:8e:9e:6e:d8:d5:95:cd:5f:19:2c:30:44:4a:
65:f4:15:40:a2:24:d5:46:37:a7:be:76:43:c5:d0:df:fa:05:
e9:08:aa:0a:c9:c2:51:41:f7:da:f6:c5:e4:5b:98:a0:b9:84:
88:3c:c9:7a:ac:74:c8:86:1c:87:56:eb:36:8c:84:6f:9b:a2:
ae:b1:52:f6:49:fc:7a:51:94:10:90:7b:49:f7:b0:82:7a:b7:
b0:47:49:de:3f:f1:16:0c:cf:ee:42:76:1f:c0:b2:11:60:29:
c6:54:3d:62:d2:66:c8:7e:12:da:36:7b:7c:91:a7:00:dd:f9:
65:4e:5d:d0:18:14:8b:55:84:2b:a3:ac:a9:60:d1:2d:bc:f5:
f8:2f:a0:af:0a:ee:12:65:6c:6c:32:2c:a0:ed:f0:a3:9b:6e:
82:61:db:90:4a:ab:d1:66:0b:f7:1f:02:ac:e8:b4:f0:b7:c9:
2b:cf:b7:0a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYan/2/fXkjQHbgb+cgNGh73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAzMTUwMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNmOTllNWYwY2YwODlkMDNlZjZiOWRhNGE0YmNhMjU4ZDAwYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2gLtvh8WunleHoiu8oQ+bGRTLFu
x3YhhoWRnU0q00DTBVrhyQ+jdcZVzs89RrUgaIfVAYGy+jco4DQ/bCpmVzl6BUPZ
AJSrYP0xOq4Bs6HI6DO5s7bhSEpqfb2gc/P4kuzYagxA2y86Qm7VU95FK4JaonHg
jErzyEYP7o72vl82XXUU9oc/vhe/nuBDEb8cefeiSnC8JWWFkoCBr+JC6qkNn5vp
S32S4vmfvvrVwAmwG2dHt0rmXnoSqf+qufEVq3qcfjSdwEVcUHght4ibJ5YWg/Dk
iBjPiuHJrLkUFZXPLfinG0u+FNg6+g+SJSKu2Umfoahznd0v07kvPwFyuwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFP8/meXwzwidA+9rnaSkvKJY0AwgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX3otWjVmRFBDSjBENzJ1ZHBLUzhvbGpRRENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAwXwSAwQA
wXwpAwQAwXwvAwQAwXzNAwQAwjorAwQAwjouAwQAwjqbAwQAwlceAwQAwldAAwQA
wldsAwQAwlehAwQAwlejAwQAwlfPAwQAw4UMAwQA1MAHAwQA1MAeMA0GCSqGSIb3
DQEBCwUAA4IBAQA0mcHBXdecloi7z2IdVsdv6MpX6N1JCasIcGsKJR32Pjw7kwDv
882TxfdUduV91JHGEsQU31b9THQgTJ/DVwR4fuRWlHtYgY4bU136LI6ebtjVlc1f
GSwwREpl9BVAoiTVRjenvnZDxdDf+gXpCKoKycJRQffa9sXkW5iguYSIPMl6rHTI
hhyHVus2jIRvm6KusVL2Sfx6UZQQkHtJ97CCerewR0neP/EWDM/uQnYfwLIRYCnG
VD1i0mbIfhLaNnt8kacA3fllTl3QGBSLVYQro6ypYNEtvPX4L6CvCu4SZWxsMiyg
7fCjm26CYduQSqvRZgv3HwKs6LTwt8krz7cK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org