Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jZlYUipcBw8eYhJmt8iBEeMIHTI.roa
File: jZlYUipcBw8eYhJmt8iBEeMIHTI.roa (raw, json)
Hash identifier: rKMm3ypC2fEHJz3gccTFFVRQOVwR7RzZTyN1PbZbMmo=
Subject key identifier: 8D:99:58:52:2A:5C:07:0F:1E:62:12:66:B7:C8:81:11:E3:08:1D:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185BA0DC156AA1C8E88DF6CC7DCAD97ED0A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jZlYUipcBw8eYhJmt8iBEeMIHTI.roa
Signing time: Mon 16 Jan 2023 10:09:01 +0000
ROA not before: Mon 16 Jan 2023 10:09:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 193.124.226.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
194.87.226.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
212.192.16.0/21 maxlen: 24
194.87.61.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:0d:c1:56:aa:1c:8e:88:df:6c:c7:dc:ad:97:ed:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 16 10:09:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d9958522a5c070f1e621266b7c88111e3081d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8d:4f:94:f5:72:82:b4:25:06:3c:46:c5:6e:
1e:12:5c:df:ab:31:af:57:b7:f7:61:f7:86:99:fb:
e6:24:f0:4f:15:97:38:9e:65:ee:76:49:54:1d:10:
e8:8e:fe:a6:e1:65:ad:51:7c:98:80:0d:78:ba:c7:
fa:c6:c2:42:2d:89:e6:26:27:25:5e:19:11:1c:29:
27:87:d4:6a:8f:8f:8d:fe:66:2a:31:56:f0:26:93:
4f:a2:b5:40:e0:e9:14:7f:0a:ae:ca:15:d5:cc:ba:
b9:4f:cd:3b:fb:f1:07:27:34:4b:05:7d:bf:cb:a7:
81:de:56:82:1b:a9:28:66:72:93:d2:55:a0:06:ba:
a8:09:71:a9:74:01:6c:24:0f:a8:ca:f7:67:90:d9:
9f:2d:73:10:fc:f2:1a:35:db:32:ac:98:bb:73:00:
d6:f2:70:30:b2:be:3e:90:17:8d:94:d3:99:5a:5a:
80:b4:52:c6:58:ee:e3:5b:19:b7:cb:73:e5:20:79:
e3:80:17:1a:c8:41:79:ca:69:76:f2:7b:be:95:b9:
ce:dc:1c:a5:0d:9f:a5:bb:53:e9:dc:14:b7:13:0d:
4c:e1:6d:4b:22:7d:53:29:6d:a1:63:01:18:6f:70:
36:29:b5:ca:ff:5a:89:0f:0e:d4:d7:60:06:2f:2d:
67:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:99:58:52:2A:5C:07:0F:1E:62:12:66:B7:C8:81:11:E3:08:1D:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jZlYUipcBw8eYhJmt8iBEeMIHTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.49.0/24
193.124.224.0-193.124.226.255
194.87.41.0/24
194.87.61.0/24
194.87.192.0/22
194.87.226.0/24
194.135.46.0/24
195.133.22.0/24
212.192.16.0/21
Signature Algorithm: sha256WithRSAEncryption
42:d2:b2:1d:55:9b:12:18:d3:54:c3:01:15:3b:fc:34:04:c5:
73:d4:2d:0c:43:23:b0:38:1d:6b:c4:83:41:38:a7:5c:96:cf:
a3:73:0d:04:50:58:8f:c2:c7:56:64:ea:c3:6c:1d:7c:68:15:
be:8d:6f:c8:7a:16:d3:0b:fd:ef:b9:c3:5b:47:73:63:dc:74:
50:d2:37:0d:b6:59:c2:21:2a:cd:b4:34:8f:e4:c6:55:7c:c6:
3b:ba:2a:26:1f:f6:c8:99:51:ad:95:53:a3:88:54:c0:b9:02:
be:fd:85:4a:e0:ad:25:a2:6e:5f:49:78:78:5f:90:6a:be:41:
e7:fc:47:f9:41:94:72:88:a1:6d:1e:9c:c7:3c:24:49:8d:f4:
b9:6e:35:71:70:c9:4c:aa:ee:e0:fc:bc:c1:4e:c8:b8:26:12:
ad:dd:17:57:00:97:7c:f8:14:ed:b3:c0:3c:bd:47:65:05:bd:
77:79:81:3a:f1:f9:2d:0c:4c:12:07:62:88:33:c6:4a:6d:2f:
b5:b7:9a:bf:49:af:f6:61:2d:ad:45:a8:ac:92:ec:ac:da:5f:
3f:c0:54:69:9d:fa:54:7b:a3:25:9a:4a:65:f8:36:a4:da:1b:
49:10:93:86:0e:c0:44:d4:72:6f:93:76:95:ad:80:7e:0e:0e:
ed:07:b3:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYW6DcFWqhyOiN9sx9ytl+0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MTAwOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk5NTg1MjJhNWMwNzBmMWU2MjEyNjZiN2M4ODExMWUzMDgxZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI1PlPVygrQlBjxGxW4eElzfqzGv
V7f3YfeGmfvmJPBPFZc4nmXudklUHRDojv6m4WWtUXyYgA14usf6xsJCLYnmJicl
XhkRHCknh9Rqj4+N/mYqMVbwJpNPorVA4OkUfwquyhXVzLq5T807+/EHJzRLBX2/
y6eB3laCG6koZnKT0lWgBrqoCXGpdAFsJA+oyvdnkNmfLXMQ/PIaNdsyrJi7cwDW
8nAwsr4+kBeNlNOZWlqAtFLGWO7jWxm3y3PlIHnjgBcayEF5yml28nu+lbnO3Byl
DZ+lu1Pp3BS3Ew1M4W1LIn1TKW2hYwEYb3A2KbXK/1qJDw7U12AGLy1nJwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFI2ZWFIqXAcPHmISZrfIgRHjCB0yMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvalpsWVVpcGNCdzhlWWhKbXQ4aUJFZU1JSFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAwXwxMAwD
BAXBfOADBADBfOIDBADCVykDBADCVz0DBALCV8ADBADCV+IDBADChy4DBADDhRYD
BAPUwBAwDQYJKoZIhvcNAQELBQADggEBAELSsh1VmxIY01TDARU7/DQExXPULQxD
I7A4HWvEg0E4p1yWz6NzDQRQWI/Cx1Zk6sNsHXxoFb6Nb8h6FtML/e+5w1tHc2Pc
dFDSNw22WcIhKs20NI/kxlV8xju6KiYf9siZUa2VU6OIVMC5Ar79hUrgrSWibl9J
eHhfkGq+Qef8R/lBlHKIoW0enMc8JEmN9LluNXFwyUyq7uD8vMFOyLgmEq3dF1cA
l3z4FO2zwDy9R2UFvXd5gTrx+S0MTBIHYogzxkptL7W3mr9Jr/ZhLa1FqKyS7Kza
Xz/AVGmd+lR7oyWaSmX4NqTaG0kQk4YOwETUcm+TdpWtgH4ODu0Hs9w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:04 2023 by rpki-client on console-ams.rpki-client.org