Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aG8MP1TmXyxvJ6nYqrxia43jmK8.roa
File: aG8MP1TmXyxvJ6nYqrxia43jmK8.roa (raw, json)
Hash identifier: wQyxRYsoRZnc2ysRrSFcUR2asavGcWkTfKFO6lOOXL0=
Subject key identifier: 68:6F:0C:3F:54:E6:5F:2C:6F:27:A9:D8:AA:BC:62:6B:8D:E3:98:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01868906462E6223DFE6813F4A44D1D6B096
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aG8MP1TmXyxvJ6nYqrxia43jmK8.roa
Signing time: Sat 25 Feb 2023 14:42:15 +0000
ROA not before: Sat 25 Feb 2023 14:42:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 09:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:06:46:2e:62:23:df:e6:81:3f:4a:44:d1:d6:b0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 25 14:42:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686f0c3f54e65f2c6f27a9d8aabc626b8de398af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f6:da:41:a6:b6:10:06:4f:af:48:46:7d:cf:
ae:ee:b0:33:7b:87:d3:c1:fa:d6:c4:ec:01:a6:a8:
2b:f1:a8:97:b4:05:93:02:dc:25:00:79:47:f7:1e:
52:38:b7:a0:7a:41:d5:93:fc:54:e6:2d:7c:2d:69:
82:b3:eb:f2:10:13:b8:aa:dd:7c:5f:c8:d7:e9:d8:
15:52:80:2e:42:5b:e0:8a:c8:af:56:e3:b1:b0:88:
55:69:5e:cc:41:91:d0:8d:9f:a4:78:e0:2d:39:8b:
db:63:6f:f7:d7:9d:9e:90:59:bf:0c:b5:46:b2:52:
00:37:c6:d7:fd:ec:34:62:4b:52:98:36:a5:67:83:
76:7d:b9:b3:a5:71:74:35:ba:e4:3f:ce:b9:74:9d:
b9:10:ea:1f:63:a7:26:87:47:40:73:54:f4:e6:eb:
2b:fa:b7:c2:88:ad:5b:23:ce:5d:79:f6:7f:bb:da:
d9:74:83:74:c2:07:64:74:39:91:dc:b8:86:ae:57:
05:e0:76:e6:a5:ac:d4:d0:44:94:a3:25:dc:dc:3e:
12:3e:bf:95:4a:dd:14:dc:44:df:4b:37:20:86:f0:
16:2d:9d:f4:58:65:b4:56:2e:9f:27:93:44:03:43:
a8:19:07:bb:d2:c9:f9:a9:88:05:31:56:06:3b:07:
ae:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6F:0C:3F:54:E6:5F:2C:6F:27:A9:D8:AA:BC:62:6B:8D:E3:98:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aG8MP1TmXyxvJ6nYqrxia43jmK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
192.124.182.0/23
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.6.0/24
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.94.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.11.0-212.193.12.255
Signature Algorithm: sha256WithRSAEncryption
82:ce:93:1b:7e:2e:32:12:f8:40:18:bd:32:66:5d:c0:98:db:
f6:ab:7b:6c:c9:0e:c4:4c:9d:1f:e6:59:fa:f9:94:7e:f6:41:
9b:9e:df:cd:fb:cb:28:e9:90:fb:bd:8f:7f:25:99:1a:3a:24:
bd:ef:2c:b2:3f:16:22:06:89:29:3b:a6:3a:54:98:6f:ef:c6:
aa:58:a9:5e:c4:cb:23:59:36:7d:c5:c4:5f:bf:c3:e6:98:96:
6d:a5:e5:93:b2:b4:e4:98:6c:34:49:63:c1:1a:2a:50:da:a8:
cf:97:ee:95:98:86:9e:24:33:26:2a:6f:ce:b5:40:42:ce:ac:
77:20:27:b5:0f:35:44:08:ca:58:78:4c:f7:69:52:69:e7:2c:
e8:08:4c:b7:dd:5d:c2:21:09:44:63:87:0d:4c:9e:d7:4c:69:
52:3b:6e:fa:03:ea:26:77:c1:f4:cb:00:3b:48:dd:9b:1e:8f:
03:c5:d0:62:e3:e9:ed:36:39:f0:6b:2c:f0:07:6b:3d:90:dc:
40:da:ef:bf:90:b9:00:5c:a5:da:42:14:59:ac:80:78:84:37:
b4:b7:df:43:f2:7e:bd:94:bf:2c:ac:7f:81:d6:43:64:d3:b9:
3c:1b:a8:68:dd:00:c5:cf:96:fc:5c:35:73:d9:ad:26:04:ca:
24:d7:33:8d
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYaJBkYuYiPf5oE/SkTR1rCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI1MTQ0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZmMGMzZjU0ZTY1ZjJjNmYyN2E5ZDhhYWJjNjI2YjhkZTM5OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/baQaa2EAZPr0hGfc+u7rAze4fT
wfrWxOwBpqgr8aiXtAWTAtwlAHlH9x5SOLegekHVk/xU5i18LWmCs+vyEBO4qt18
X8jX6dgVUoAuQlvgisivVuOxsIhVaV7MQZHQjZ+keOAtOYvbY2/3152ekFm/DLVG
slIAN8bX/ew0YktSmDalZ4N2fbmzpXF0NbrkP865dJ25EOofY6cmh0dAc1T05usr
+rfCiK1bI85defZ/u9rZdIN0wgdkdDmR3LiGrlcF4HbmpazU0ESUoyXc3D4SPr+V
St0U3ETfSzcghvAWLZ30WGW0Vi6fJ5NEA0OoGQe70sn5qYgFMVYGOweumwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFGhvDD9U5l8sbyep2Kq8YmuN45ivMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYUc4TVAxVG1YeXh2SjZuWXFyeGlhNDNqbUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
wHysAwQBwHy2AwQAwXwIAwQAwXyFAwQAwXzLAwQAwjoqMAwDBADCOi0DBATCOiAD
BADCVwYDBADCVxYDBADCVxsDBADCV1IwDAMEAcJXcgMEAMJXdAMEAMJXdgMEAMJX
ewMEAMJXfgMEAMJXiAMEAcJXigMEAMJXpQMEAMJXqwMEAMJXxgMEAcJX0AMEAcJX
3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4U3AwQAw4VeAwQAw4XBAwQA
w4XDAwQB1MAAAwQB1MDQAwQA1MDTAwQA1MEAMAwDBADUwQsDBADUwQwwDQYJKoZI
hvcNAQELBQADggEBAILOkxt+LjIS+EAYvTJmXcCY2/are2zJDsRMnR/mWfr5lH72
QZue3837yyjpkPu9j38lmRo6JL3vLLI/FiIGiSk7pjpUmG/vxqpYqV7EyyNZNn3F
xF+/w+aYlm2l5ZOytOSYbDRJY8EaKlDaqM+X7pWYhp4kMyYqb861QELOrHcgJ7UP
NUQIylh4TPdpUmnnLOgITLfdXcIhCURjhw1MntdMaVI7bvoD6iZ3wfTLADtI3Zse
jwPF0GLj6e02OfBrLPAHaz2Q3EDa77+QuQBcpdpCFFmsgHiEN7S330Pyfr2Uvyys
f4HWQ2TTuTwbqGjdAMXPlvxcNXPZrSYEyiTXM40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org