Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRlzqo3-ioPqVh7Ix7yklYMlNSc.roa
File: aRlzqo3-ioPqVh7Ix7yklYMlNSc.roa (raw, json)
Hash identifier: OziYoh/w2kgvpBAeldBFvmZJJcl6S1VA9MhKiMuqznQ=
Subject key identifier: 69:19:73:AA:8D:FE:8A:83:EA:56:1E:C8:C7:BC:A4:95:83:25:35:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018747A1BC7A608D887B63EF9386D1A6FC2C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRlzqo3-ioPqVh7Ix7yklYMlNSc.roa
Signing time: Mon 03 Apr 2023 14:59:54 +0000
ROA not before: Mon 03 Apr 2023 14:59:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:a1:bc:7a:60:8d:88:7b:63:ef:93:86:d1:a6:fc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 3 14:59:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=691973aa8dfe8a83ea561ec8c7bca49583253527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:66:5a:5d:50:0c:c3:40:2f:57:f8:01:02:bd:
fd:c1:43:36:39:f2:95:f7:71:b4:86:72:1e:85:47:
8f:c0:90:3d:96:2b:36:90:64:81:74:4a:f9:36:84:
e6:b2:39:ab:6f:dd:f7:10:b3:61:7f:17:d3:e8:c0:
6f:0e:af:cf:0f:87:ef:65:92:fb:87:43:dd:80:25:
f2:09:b5:9d:c6:ad:a7:65:1d:aa:c9:2f:a4:82:7a:
22:1f:14:f3:47:c1:fc:81:13:25:1c:f7:0a:ad:3f:
d7:92:f2:09:ab:3b:03:c0:62:ed:80:2b:fa:18:3a:
a0:5c:ce:6e:27:75:b5:79:ec:56:54:3f:98:85:55:
04:20:c6:26:51:af:33:df:6b:2e:1c:84:70:d4:f9:
b7:b1:45:ff:b3:78:1d:41:1b:ff:79:ce:4c:06:94:
02:cd:00:55:91:ee:9c:bb:38:c0:ea:48:69:f1:d3:
dc:de:dc:13:9b:a1:5d:df:b0:e2:69:90:27:73:4a:
42:b3:0d:08:bf:53:1c:ce:5d:9e:5e:f5:8b:15:27:
12:38:86:55:74:50:30:a2:0e:87:9a:24:72:11:74:
54:a0:ad:04:52:44:6c:4b:e4:0b:98:93:5c:c3:bb:
34:57:87:32:42:1e:1f:db:90:af:59:59:af:d7:6d:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:19:73:AA:8D:FE:8A:83:EA:56:1E:C8:C7:BC:A4:95:83:25:35:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRlzqo3-ioPqVh7Ix7yklYMlNSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.82.0/24
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.50.0/24
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
79:25:6b:d5:ea:d5:ec:21:6f:98:63:28:1e:f0:21:a5:54:96:
b4:0f:25:19:6c:13:29:35:e0:27:53:81:2c:0b:11:72:2c:1b:
63:25:c0:79:87:3e:80:33:b1:bd:10:69:6c:2a:98:23:67:9f:
5c:8c:ef:8c:b6:79:5c:1f:43:f8:3e:7c:f2:b1:ed:7c:dc:21:
bf:11:f8:2c:6b:5e:7c:b6:dd:b9:6b:c8:5c:63:a1:fc:0b:21:
1c:1d:d1:01:4c:51:c9:9f:e1:a8:7a:07:86:56:a3:96:65:6c:
8d:a1:e1:bd:61:1e:6b:c9:b5:89:47:33:b0:56:9a:d7:d3:c0:
5c:b3:ce:9e:87:bd:05:81:02:2c:a4:e2:4a:1f:43:a5:0a:d8:
6d:ee:9c:2b:ad:2b:c3:44:58:2c:cb:00:1e:fe:26:79:fa:62:
b5:5b:7b:00:5e:a8:60:a0:d6:49:8a:fc:83:f1:b3:61:d7:2e:
27:7f:82:96:36:32:c2:05:a6:b7:53:be:e8:a2:84:08:e0:e4:
3c:37:aa:d1:f6:39:57:05:0c:cb:17:bb:c1:10:03:3f:c0:09:
df:21:60:e1:fc:90:a2:11:ba:a0:33:c0:68:4c:16:84:61:a9:
c5:8c:97:74:dd:de:a1:6f:5c:2a:18:f9:b7:08:c8:9b:ef:81:
e2:4b:36:8b
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYdHobx6YI2Ie2Pvk4bRpvwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDAzMTQ1OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTE5NzNhYThkZmU4YTgzZWE1NjFlYzhjN2JjYTQ5NTgzMjUzNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWZaXVAMw0AvV/gBAr39wUM2OfKV
93G0hnIehUePwJA9lis2kGSBdEr5NoTmsjmrb933ELNhfxfT6MBvDq/PD4fvZZL7
h0PdgCXyCbWdxq2nZR2qyS+kgnoiHxTzR8H8gRMlHPcKrT/XkvIJqzsDwGLtgCv6
GDqgXM5uJ3W1eexWVD+YhVUEIMYmUa8z32suHIRw1Pm3sUX/s3gdQRv/ec5MBpQC
zQBVke6cuzjA6khp8dPc3twTm6Fd37DiaZAnc0pCsw0Iv1Mczl2eXvWLFScSOIZV
dFAwog6HmiRyEXRUoK0EUkRsS+QLmJNcw7s0V4cyQh4f25CvWVmv123HFQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFGkZc6qN/oqD6lYeyMe8pJWDJTUnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYVJsenFvMy1pb1BxVmg3SXg3eWtsWU1sTlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBADB
fMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXGwMEAMJXUgMEAMJXdgMEAMJXiAME
AMJXpQMEAMJXqwMEAMJXxgMEAcJX0AMEAcJX3gMEAMM6MgMEA8M6OAMEAMOFNwME
AMOFwwMEAdTAAAMEAdTA0AMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOCAQEA
eSVr1erV7CFvmGMoHvAhpVSWtA8lGWwTKTXgJ1OBLAsRciwbYyXAeYc+gDOxvRBp
bCqYI2efXIzvjLZ5XB9D+D588rHtfNwhvxH4LGtefLbduWvIXGOh/AshHB3RAUxR
yZ/hqHoHhlajlmVsjaHhvWEea8m1iUczsFaa19PAXLPOnoe9BYECLKTiSh9DpQrY
be6cK60rw0RYLMsAHv4mefpitVt7AF6oYKDWSYr8g/GzYdcuJ3+CljYywgWmt1O+
6KKECODkPDeq0fY5VwUMyxe7wRADP8AJ3yFg4fyQohG6oDPAaEwWhGGpxYyXdN3e
oW9cKhj5twjIm++B4ks2iw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org