Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jo0DBtaCW8wLgunbWjrXQw8mYh4.roa
File: jo0DBtaCW8wLgunbWjrXQw8mYh4.roa (raw, json)
Hash identifier: /Ug+lv0ET8X3FEG4hHPnpGW3hAEVjTwJQQUim6/OOCY=
Subject key identifier: 8E:8D:03:06:D6:82:5B:CC:0B:82:E9:DB:5A:3A:D7:43:0F:26:62:1E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CAB2290D7B077907A58B0E8D7F0DB42E2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jo0DBtaCW8wLgunbWjrXQw8mYh4.roa
Signing time: Wed 27 Dec 2023 11:56:58 +0000
ROA not before: Wed 27 Dec 2023 11:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:22:90:d7:b0:77:90:7a:58:b0:e8:d7:f0:db:42:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 27 11:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e8d0306d6825bcc0b82e9db5a3ad7430f26621e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c7:47:ce:07:b6:11:e9:d3:32:7a:04:33:36:
57:33:7a:9a:20:03:3a:12:cf:55:2d:4a:bd:c4:0d:
ee:75:ee:7d:51:4d:85:c3:96:0a:12:5a:91:51:da:
1a:0e:58:cc:64:93:bf:6c:89:d7:5d:75:40:ca:6f:
fc:cb:3d:c2:4d:3d:31:88:36:97:bd:23:b6:ca:32:
fb:4f:07:93:36:e6:b5:fe:48:7b:e9:bc:f2:41:4a:
21:2e:c5:54:c2:2b:41:8a:cf:c1:c0:56:4b:42:9e:
e4:ed:c4:62:b2:43:60:4c:34:52:5a:a5:e4:b0:98:
69:a0:ad:f6:5d:41:ef:ea:60:9e:dc:d0:14:53:56:
9a:d0:51:9d:97:bb:9c:9e:28:42:57:83:26:b1:8b:
63:0c:57:4f:f4:07:f1:39:66:d2:20:81:dc:2d:38:
f8:5e:a0:8f:a6:1d:f2:59:dd:48:03:19:a9:06:93:
72:ce:85:a4:59:58:b3:47:02:ea:26:ad:64:2d:e7:
8d:9f:39:8d:1d:8d:6b:e4:db:7a:bd:cf:33:f9:ac:
27:54:b4:1c:0e:73:f4:27:8c:c1:85:86:fb:57:39:
6e:db:f8:e7:97:af:f0:86:49:fa:1f:c4:9e:05:13:
96:73:27:0c:95:23:44:cb:b0:d5:12:db:28:a8:4e:
7d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8D:03:06:D6:82:5B:CC:0B:82:E9:DB:5A:3A:D7:43:0F:26:62:1E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jo0DBtaCW8wLgunbWjrXQw8mYh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.76.0/24
194.87.172.0/24
194.87.231.0/24
195.133.15.0/24
195.133.81.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3a:91:6c:90:47:0d:a0:bb:db:a6:67:73:bc:b4:f2:4d:84:
e7:32:55:e2:f2:73:42:f4:a1:b0:d1:0a:b1:5c:80:8b:02:43:
91:d7:27:b6:60:fd:e4:db:24:e0:bd:a1:dc:f8:62:59:55:f7:
76:61:6c:1a:02:46:28:1a:f6:45:ac:50:81:e1:b3:2a:96:17:
5b:51:8c:55:6b:8a:30:29:a3:16:cd:78:33:d8:ac:6c:3f:45:
cc:0a:4d:32:68:5e:9d:cf:4b:56:54:8e:ba:c0:25:37:d6:c6:
a0:1c:00:da:d1:d7:87:75:7c:b5:55:a3:94:ea:93:e2:56:92:
44:86:54:c8:ef:8d:73:62:14:66:50:28:07:e0:7b:8f:07:ac:
fe:90:68:f5:1c:a5:3e:73:e9:53:f4:6d:d7:dd:d6:21:17:1f:
cd:37:2f:1e:f7:48:c2:00:09:cd:6f:9a:60:4f:30:0c:e8:65:
09:aa:2c:c0:1b:fa:bc:40:ad:d2:33:46:0b:62:f7:de:fd:30:
c7:48:d9:43:c8:bd:62:d3:5f:2b:11:95:4c:8d:be:35:fa:ba:
1b:b4:0e:1b:ce:10:1f:7a:cf:b1:4e:36:05:10:cd:ab:66:47:
74:d3:1a:12:75:64:d5:9d:55:ea:a3:53:0f:ce:d7:0b:91:62:
a3:9d:fd:67
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYyrIpDXsHeQeliw6Nfw20LiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI3MTE1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThkMDMwNmQ2ODI1YmNjMGI4MmU5ZGI1YTNhZDc0MzBmMjY2MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsdHzge2EenTMnoEMzZXM3qaIAM6
Es9VLUq9xA3ude59UU2Fw5YKElqRUdoaDljMZJO/bInXXXVAym/8yz3CTT0xiDaX
vSO2yjL7TweTNua1/kh76bzyQUohLsVUwitBis/BwFZLQp7k7cRiskNgTDRSWqXk
sJhpoK32XUHv6mCe3NAUU1aa0FGdl7ucnihCV4MmsYtjDFdP9AfxOWbSIIHcLTj4
XqCPph3yWd1IAxmpBpNyzoWkWVizRwLqJq1kLeeNnzmNHY1r5Nt6vc8z+awnVLQc
DnP0J4zBhYb7Vzlu2/jnl6/whkn6H8SeBROWcycMlSNEy7DVEtsoqE59nwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI6NAwbWglvMC4Lp21o610MPJmIeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvam8wREJ0YUNXOHdMZ3VuYldqclhRdzhtWWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXzKAwQA
wldMAwQAwlesAwQAwlfnAwQAw4UPAwQAw4VRAwQA1MENMA0GCSqGSIb3DQEBCwUA
A4IBAQAfOpFskEcNoLvbpmdzvLTyTYTnMlXi8nNC9KGw0QqxXICLAkOR1ye2YP3k
2yTgvaHc+GJZVfd2YWwaAkYoGvZFrFCB4bMqlhdbUYxVa4owKaMWzXgz2KxsP0XM
Ck0yaF6dz0tWVI66wCU31sagHADa0deHdXy1VaOU6pPiVpJEhlTI741zYhRmUCgH
4HuPB6z+kGj1HKU+c+lT9G3X3dYhFx/NNy8e90jCAAnNb5pgTzAM6GUJqizAG/q8
QK3SM0YLYvfe/TDHSNlDyL1i018rEZVMjb41+robtA4bzhAfes+xTjYFEM2rZkd0
0xoSdWTVnVXqo1MPztcLkWKjnf1n
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:21 2024 by rpki-client on console-fra.rpki-client.org