Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aDbPnSRbKp01ma0iDSWiqXrMaGE.roa
File: aDbPnSRbKp01ma0iDSWiqXrMaGE.roa (raw, json)
Hash identifier: iPT2VsVwCwcpqUNqiQzWptq3aZLM9JhsgNVZg+EFmC8=
Subject key identifier: 68:36:CF:9D:24:5B:2A:9D:35:99:AD:22:0D:25:A2:A9:7A:CC:68:61
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185E9566F84E86AB94CE98DCCB6F7AA16F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aDbPnSRbKp01ma0iDSWiqXrMaGE.roa
Signing time: Wed 25 Jan 2023 14:30:33 +0000
ROA not before: Wed 25 Jan 2023 14:30:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:56:6f:84:e8:6a:b9:4c:e9:8d:cc:b6:f7:aa:16:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 25 14:30:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6836cf9d245b2a9d3599ad220d25a2a97acc6861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ea:f6:66:e4:75:9f:9e:9f:6a:10:3c:e4:46:
0b:ed:30:33:ae:c1:b0:70:8e:71:6b:5f:fc:09:2a:
13:ad:64:61:86:23:10:88:61:28:87:1f:da:5e:9c:
d8:d4:71:cb:4d:25:f2:f6:06:e4:4c:cf:ca:3c:07:
94:75:20:06:08:94:5b:65:fc:07:e3:67:de:f2:b9:
d1:02:70:69:7c:48:77:f1:67:c2:b8:37:ef:75:19:
fd:01:e6:90:9b:77:13:a7:9c:f2:5a:5f:0e:05:0c:
38:18:04:5d:36:b7:93:9d:9a:cf:29:7b:92:86:bc:
90:4a:dd:5b:ef:27:5a:c1:80:96:25:20:ab:f4:62:
f0:c3:f2:b4:81:8a:4b:ce:1c:90:7c:bc:2a:8b:bd:
51:5a:b1:32:3d:72:ee:cb:ef:3a:84:95:22:14:7a:
19:a2:49:f5:5d:10:1a:02:7c:ea:eb:89:88:0b:de:
4e:df:14:d5:6b:30:51:d5:f1:8a:18:04:23:db:92:
07:a8:84:14:e4:ae:2c:6d:07:7b:71:28:56:22:64:
9c:df:17:ab:59:ef:d0:27:f4:41:fd:a2:36:4b:0d:
48:7f:22:21:b8:b6:2a:e8:1d:c0:22:61:19:55:b6:
16:7e:cb:bb:89:bb:0b:57:28:b5:56:ca:50:72:1a:
f2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:36:CF:9D:24:5B:2A:9D:35:99:AD:22:0D:25:A2:A9:7A:CC:68:61
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aDbPnSRbKp01ma0iDSWiqXrMaGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
192.124.190.0/24
193.124.6.0/24
193.124.8.0/24
193.124.80.0/24
193.124.133.0/24
193.124.202.0/23
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.3.0/24
194.87.6.0/23
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.165.0/24
194.87.171.0/24
194.87.176.0/24
194.87.190.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.226.0/24
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0-195.133.195.255
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:6b:04:4f:08:03:ef:7e:fa:cb:38:8f:47:9c:41:58:35:94:
7c:78:bf:bd:04:5f:13:8c:21:f7:ab:be:7e:35:33:56:f8:54:
a1:79:32:48:e0:2a:a6:ab:24:d9:3d:1e:23:b9:09:9b:a9:89:
26:4c:7e:0b:d9:db:c3:36:2d:65:e1:95:13:08:99:0d:3d:53:
ab:ed:c6:30:0b:ae:54:09:c9:b0:c1:7b:1f:da:da:45:27:6c:
fa:ab:b8:c7:9c:1f:26:e4:6a:b7:93:22:6c:d1:ab:66:95:e2:
18:00:7a:c9:14:d3:41:eb:af:25:5a:7e:15:96:05:fd:cf:b3:
31:1e:4c:1d:1f:4c:d5:04:8a:ed:2b:2d:8b:35:f8:f5:a0:c4:
ad:15:a1:5b:99:e1:54:95:37:30:6d:41:de:61:a3:9f:20:dc:
43:04:56:58:22:5f:45:0c:52:f0:67:86:4a:6c:d2:ed:2b:ca:
70:52:25:74:be:3d:0b:b8:05:f9:10:c0:51:ac:2a:64:8e:3b:
f2:12:70:cd:83:fd:35:73:23:b1:ef:03:31:68:57:8c:aa:cd:
a9:1f:cb:65:28:9c:28:f3:d7:57:a7:3d:ed:ac:d2:8e:83:1c:
4f:7d:cd:30:be:a5:93:8c:57:c3:77:ed:d4:5b:65:d6:9f:18:
08:46:eb:32
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYXpVm+E6Gq5TOmNzLb3qhbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI1MTQzMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM2Y2Y5ZDI0NWIyYTlkMzU5OWFkMjIwZDI1YTJhOTdhY2M2ODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+r2ZuR1n56fahA85EYL7TAzrsGw
cI5xa1/8CSoTrWRhhiMQiGEohx/aXpzY1HHLTSXy9gbkTM/KPAeUdSAGCJRbZfwH
42fe8rnRAnBpfEh38WfCuDfvdRn9AeaQm3cTp5zyWl8OBQw4GARdNreTnZrPKXuS
hryQSt1b7ydawYCWJSCr9GLww/K0gYpLzhyQfLwqi71RWrEyPXLuy+86hJUiFHoZ
okn1XRAaAnzq64mIC95O3xTVazBR1fGKGAQj25IHqIQU5K4sbQd7cShWImSc3xer
We/QJ/RB/aI2Sw1IfyIhuLYq6B3AImEZVbYWfsu7ibsLVyi1VspQchrylwIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFGg2z50kWyqdNZmtIg0loql6zGhhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYURiUG5TUmJLcDAxbWEwaURTV2lxWHJNYUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIB
ZgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8BgMEAMF8CAMEAMF8
UAMEAMF8hQMEAcF8ygMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwlcDAwQBwlcGMAwDBADCVwsDBADCVwwDBADCVxADBADCVxYDBALCVxgD
BADCVzgDBADCV0wDBAHCV1IDBADCV2gwDAMEAcJXcgMEAMJXdAMEAMJXdgMEAMJX
ewMEAMJXfgMEAMJXiAMEAcJXigMEAMJXlQMEAMJXpQMEAMJXqwMEAMJXsAMEAMJX
vgMEAcJXxgMEAMJXygMEAcJX0AMEAcJX3gMEAMJX4gMEAMJX6QMEAMM6MjAMAwQC
wzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VeMAwDBADDhcEDBALDhcADBAHUwAAD
BAHUwNADBADUwQADBADUwQwDBADUwQ4wDQYJKoZIhvcNAQELBQADggEBACprBE8I
A+9++ss4j0ecQVg1lHx4v70EXxOMIfervn41M1b4VKF5MkjgKqarJNk9HiO5CZup
iSZMfgvZ28M2LWXhlRMImQ09U6vtxjALrlQJybDBex/a2kUnbPqruMecHybkareT
ImzRq2aV4hgAeskU00HrryVafhWWBf3PszEeTB0fTNUEiu0rLYs1+PWgxK0VoVuZ
4VSVNzBtQd5ho58g3EMEVlgiX0UMUvBnhkps0u0rynBSJXS+PQu4BfkQwFGsKmSO
O/IScM2D/TVzI7HvAzFoV4yqzakfy2UonCjz11enPe2s0o6DHE99zTC+pZOMV8N3
7dRbZdafGAhG6zI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org