Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bZvh0004AJE8a1CZWEZ_wKNEwnw.roa
File: bZvh0004AJE8a1CZWEZ_wKNEwnw.roa (raw, json)
Hash identifier: xTZR85OHDoYNTcDq60/MKWPRaoUs4OiMoGOHLCWL9Xk=
Subject key identifier: 6D:9B:E1:D3:4D:38:00:91:3C:6B:50:99:58:46:7F:C0:A3:44:C2:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A60141AA00E4C7A26846C096DEF4F8E28
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bZvh0004AJE8a1CZWEZ_wKNEwnw.roa
Signing time: Mon 04 Sep 2023 12:04:04 +0000
ROA not before: Mon 04 Sep 2023 12:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.25.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:14:1a:a0:0e:4c:7a:26:84:6c:09:6d:ef:4f:8e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d9be1d34d3800913c6b509958467fc0a344c27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4a:48:75:3f:d9:51:73:66:bf:d0:ba:c7:ee:
5b:ea:0e:c2:10:22:db:4c:bf:1d:38:2f:fb:49:11:
78:89:6b:42:3c:77:5c:c5:7e:fd:9e:56:58:a4:86:
e6:10:44:c5:d7:27:c8:e8:38:e7:49:60:04:db:d9:
17:a7:e7:fa:b3:7b:32:cf:b1:b3:14:14:da:02:fa:
40:2b:81:7b:0c:5d:4e:44:16:d4:e6:f0:d0:eb:b1:
2d:fa:7b:d4:2e:bf:1c:f6:dd:c8:94:ae:a9:29:1e:
90:0f:af:67:d9:c3:1f:71:41:82:23:37:bf:78:8e:
b3:55:d5:0c:25:af:a0:e7:d2:6c:9d:c2:0e:1c:42:
85:40:1b:95:29:39:53:37:96:3f:07:53:f7:45:b3:
5e:2b:68:b8:96:d2:78:b9:38:f7:a3:54:85:81:32:
8e:ec:26:05:57:13:c2:15:b3:f1:49:de:6b:3d:d6:
4c:28:3e:bb:3d:02:5d:9c:a8:cb:59:53:a2:19:24:
94:a3:77:62:78:e6:5a:01:39:27:7e:4a:fe:f0:c7:
45:06:2a:af:6f:17:87:91:77:a9:43:45:63:1e:6f:
93:da:2c:f4:53:a5:32:85:36:27:e7:ed:e5:07:c3:
59:5c:77:bb:c1:0d:de:61:4c:48:31:f0:46:0e:28:
52:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9B:E1:D3:4D:38:00:91:3C:6B:50:99:58:46:7F:C0:A3:44:C2:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bZvh0004AJE8a1CZWEZ_wKNEwnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.87.25.0/24
194.87.51.0/24
194.87.54.0/23
195.58.35.0/24
195.58.38.0/24
195.133.14.0/24
Signature Algorithm: sha256WithRSAEncryption
21:43:4c:5a:45:31:bc:69:5b:af:f3:e7:4e:f4:90:90:3e:58:
ea:a7:a3:72:20:45:fd:07:1c:c8:64:a0:ca:6a:c0:0e:ac:98:
cf:6b:de:1b:7c:98:55:67:c3:37:fe:15:5a:a4:ed:1b:ce:77:
3d:4a:a9:be:7d:4d:5c:5a:54:09:51:56:f5:1a:20:81:83:de:
34:ea:50:10:a8:0c:21:9c:4b:ac:e8:d7:e3:74:64:75:7e:b5:
26:53:1b:a5:e6:d7:7d:75:d3:e4:3f:dc:24:60:e6:ff:4a:8e:
4f:12:37:62:4e:57:fe:8f:9f:63:7a:c5:45:05:39:73:fd:08:
bb:7c:ac:77:8e:cb:7f:44:19:98:f4:ee:35:9e:07:26:d4:08:
11:3a:5b:36:e5:93:a5:b2:82:45:45:9b:67:f2:48:6c:b4:ca:
b5:1d:0a:c1:3a:e7:62:0e:6e:64:47:bd:9b:fb:43:f7:d1:91:
27:b7:fb:8d:86:4b:63:49:1a:a4:d8:24:dd:b8:e0:91:0b:8d:
f5:e7:70:b2:2c:78:c8:23:36:36:0f:f9:65:e0:4b:13:b7:bc:
ba:6c:4f:6a:48:d1:ce:f5:12:0e:d6:f9:97:9b:e1:4b:b7:f6:
06:65:92:79:12:cc:41:84:cd:ef:f8:01:af:6e:6e:87:71:2c:
54:b4:66:dd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpgFBqgDkx6JoRsCW3vT44oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDliZTFkMzRkMzgwMDkxM2M2YjUwOTk1ODQ2N2ZjMGEzNDRjMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkpIdT/ZUXNmv9C6x+5b6g7CECLb
TL8dOC/7SRF4iWtCPHdcxX79nlZYpIbmEETF1yfI6DjnSWAE29kXp+f6s3syz7Gz
FBTaAvpAK4F7DF1ORBbU5vDQ67Et+nvULr8c9t3IlK6pKR6QD69n2cMfcUGCIze/
eI6zVdUMJa+g59JsncIOHEKFQBuVKTlTN5Y/B1P3RbNeK2i4ltJ4uTj3o1SFgTKO
7CYFVxPCFbPxSd5rPdZMKD67PQJdnKjLWVOiGSSUo3dieOZaATknfkr+8MdFBiqv
bxeHkXepQ0VjHm+T2iz0U6UyhTYn5+3lB8NZXHe7wQ3eYUxIMfBGDihSBwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG2b4dNNOACRPGtQmVhGf8CjRMJ8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYlp2aDAwMDRBSkU4YTFDWldFWl93S05Fd253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwjosAwQA
wlcZAwQAwlczAwQBwlc2AwQAwzojAwQAwzomAwQAw4UOMA0GCSqGSIb3DQEBCwUA
A4IBAQAhQ0xaRTG8aVuv8+dO9JCQPljqp6NyIEX9BxzIZKDKasAOrJjPa94bfJhV
Z8M3/hVapO0bznc9Sqm+fU1cWlQJUVb1GiCBg9406lAQqAwhnEus6NfjdGR1frUm
Uxul5td9ddPkP9wkYOb/So5PEjdiTlf+j59jesVFBTlz/Qi7fKx3jst/RBmY9O41
ngcm1AgROls25ZOlsoJFRZtn8khstMq1HQrBOudiDm5kR72b+0P30ZEnt/uNhktj
SRqk2CTduOCRC43153CyLHjIIzY2D/ll4EsTt7y6bE9qSNHO9RIO1vmXm+FLt/YG
ZZJ5EsxBhM3v+AGvbm6HcSxUtGbd
-----END CERTIFICATE-----
Generated at Thu Sep 7 11:39:42 2023 by rpki-client on console-ams.rpki-client.org