Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dD1sUPUuchizkMBZ52d0-1Lcx6Y.roa
File: dD1sUPUuchizkMBZ52d0-1Lcx6Y.roa (raw, json)
Hash identifier: zptqSymzcX+QhDxCT94mlTH2KE/h/QWkcgqyQBa51pA=
Subject key identifier: 74:3D:6C:50:F5:2E:72:18:B3:90:C0:59:E7:67:74:FB:52:DC:C7:A6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018794A916C52B445C03F93DA512BEF84219
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dD1sUPUuchizkMBZ52d0-1Lcx6Y.roa
Signing time: Tue 18 Apr 2023 13:58:41 +0000
ROA not before: Tue 18 Apr 2023 13:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:a9:16:c5:2b:44:5c:03:f9:3d:a5:12:be:f8:42:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 18 13:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=743d6c50f52e7218b390c059e76774fb52dcc7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5e:70:de:da:a9:a2:88:d9:4b:83:ee:fb:b8:
2c:bd:52:1c:32:d3:53:eb:a2:49:cd:bc:9c:67:2c:
e4:fb:32:bb:a9:d6:0c:b1:89:d4:e6:97:d2:1c:74:
a4:f4:15:8e:cd:16:3b:0b:5e:de:12:c4:fd:fc:e5:
cd:c5:34:1d:f7:88:be:5f:ff:cd:71:7b:00:f2:d0:
3b:34:24:d3:9d:b9:ed:c2:f9:99:fe:1e:d3:82:1a:
97:53:0f:01:19:f7:79:d4:90:7a:c4:a3:a7:ce:ef:
7c:c8:45:9a:ba:83:ad:c2:ef:19:b8:61:9f:42:4e:
f9:52:92:4d:73:e6:3c:72:4b:40:90:72:e2:18:3a:
d9:13:30:d2:d3:7a:ce:8a:13:91:f8:e9:e0:12:06:
9f:3f:0f:ba:31:e8:5d:86:91:5e:1f:5c:ec:b7:b8:
b1:1e:67:39:04:f8:51:1a:e2:69:8b:6d:82:07:73:
e3:be:b9:0f:8c:bf:40:ea:ac:21:97:13:70:01:aa:
55:6f:3f:4d:78:9b:76:d0:7e:4b:5d:12:96:38:b4:
5f:55:48:b6:c2:07:56:7b:bc:cc:79:d6:4a:48:65:
73:63:35:9c:0f:22:9c:a9:66:29:a7:42:5f:7f:be:
2c:f1:8b:ec:0d:6b:bb:79:57:08:ed:e2:a1:5e:f5:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3D:6C:50:F5:2E:72:18:B3:90:C0:59:E7:67:74:FB:52:DC:C7:A6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dD1sUPUuchizkMBZ52d0-1Lcx6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.82.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
195.58.50.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:58:b7:c8:6f:42:b5:4b:13:ac:50:c7:d0:be:00:11:7b:5c:
3b:75:ea:1c:da:30:5e:66:c7:11:e4:68:b2:8a:53:a4:47:98:
d6:89:20:96:a4:31:28:8b:14:7b:1f:33:93:b7:8b:7a:7e:85:
0e:20:b3:01:54:a8:d4:bd:10:92:db:96:a3:c6:56:5a:d2:f8:
20:41:b1:30:a9:96:de:6c:c1:77:28:f4:7e:4f:12:4b:23:bc:
a3:3a:f1:d6:f6:1a:9c:d8:e9:4f:71:67:19:83:6c:3b:59:bc:
d3:46:2c:35:1d:03:60:dd:2b:2c:d6:51:76:d0:cc:a6:4c:7b:
2d:8d:91:3b:d6:6e:74:70:53:1b:25:78:9a:b8:03:ef:ae:2a:
61:af:9e:ab:e6:5e:92:7d:c1:52:30:0e:68:a9:bc:cb:33:5c:
a7:0a:81:d3:c9:3c:b4:b0:03:58:5c:b4:8e:96:39:b9:5d:25:
d2:86:39:c5:7f:83:cd:59:98:c0:73:85:76:7c:e6:0a:61:5d:
d2:d9:81:b8:f9:0a:59:d6:0f:ec:56:56:c8:a1:f7:0e:42:1f:
41:29:45:fb:fa:30:25:e4:ff:fe:39:3b:92:f0:f7:ba:4a:19:
af:61:48:c7:d6:52:b8:f8:dd:6c:af:3d:08:57:89:a6:93:03:
10:3d:dd:b4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeUqRbFK0RcA/k9pRK++EIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDE4MTM1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNkNmM1MGY1MmU3MjE4YjM5MGMwNTllNzY3NzRmYjUyZGNjN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV5w3tqpoojZS4Pu+7gsvVIcMtNT
66JJzbycZyzk+zK7qdYMsYnU5pfSHHSk9BWOzRY7C17eEsT9/OXNxTQd94i+X//N
cXsA8tA7NCTTnbntwvmZ/h7TghqXUw8BGfd51JB6xKOnzu98yEWauoOtwu8ZuGGf
Qk75UpJNc+Y8cktAkHLiGDrZEzDS03rOihOR+OngEgafPw+6MehdhpFeH1zst7ix
Hmc5BPhRGuJpi22CB3PjvrkPjL9A6qwhlxNwAapVbz9NeJt20H5LXRKWOLRfVUi2
wgdWe7zMedZKSGVzYzWcDyKcqWYpp0Jff74s8YvsDWu7eVcI7eKhXvVpFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHQ9bFD1LnIYs5DAWedndPtS3MemMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZEQxc1VQVXVjaGl6a01CWjUyZDAtMUxjeDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwhAwQA
wlcjAwQAwlc+AwQAwldSAwQAwle/AwQAwlfbAwQAwlf8AwQAwzoyAwQAw4VLMA0G
CSqGSIb3DQEBCwUAA4IBAQAaWLfIb0K1SxOsUMfQvgARe1w7deoc2jBeZscR5Giy
ilOkR5jWiSCWpDEoixR7HzOTt4t6foUOILMBVKjUvRCS25ajxlZa0vggQbEwqZbe
bMF3KPR+TxJLI7yjOvHW9hqc2OlPcWcZg2w7WbzTRiw1HQNg3Sss1lF20MymTHst
jZE71m50cFMbJXiauAPvriphr56r5l6SfcFSMA5oqbzLM1ynCoHTyTy0sANYXLSO
ljm5XSXShjnFf4PNWZjAc4V2fOYKYV3S2YG4+QpZ1g/sVlbIofcOQh9BKUX7+jAl
5P/+OTuS8Pe6ShmvYUjH1lK4+N1srz0IV4mmkwMQPd20
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:08 2023 by rpki-client on console-fra.rpki-client.org