Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa
File: k93B-31RelPvoEiZZzvcElPatC8.roa (raw, json)
Hash identifier: il/UEUDhxQkLVHhMyr06h9ARUujbTnOjzfhSjpUEKPc=
Subject key identifier: 93:DD:C1:FB:7D:51:7A:53:EF:A0:48:99:67:3B:DC:12:53:DA:B4:2F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A9864B0C5B651429B7C1C893EC4DC74C3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa
Signing time: Fri 15 Sep 2023 10:30:50 +0000
ROA not before: Fri 15 Sep 2023 10:30:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 62.76.230.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
212.192.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:64:b0:c5:b6:51:42:9b:7c:1c:89:3e:c4:dc:74:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 15 10:30:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93ddc1fb7d517a53efa04899673bdc1253dab42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3d:fe:9f:0d:6d:1b:65:ff:c8:db:48:ea:69:
a6:43:37:de:95:61:66:7e:15:97:f7:45:d2:c5:7f:
44:5d:b7:94:26:9f:19:09:7d:2e:5c:a3:df:c9:d8:
8d:29:48:5c:bc:39:9a:e5:e7:c1:94:25:71:32:36:
7c:b5:12:5c:ea:37:76:40:d3:b4:24:9e:04:32:0b:
0a:6c:9e:07:8e:13:f9:64:13:0a:99:ec:de:29:4e:
da:51:f6:bd:3e:ac:79:08:71:ea:0d:52:63:d1:d3:
81:3b:5e:ac:f4:3f:ac:ac:91:3a:91:6f:15:21:bd:
93:69:bb:ea:4f:ae:a4:ee:84:5b:fb:c1:3e:15:42:
a3:ab:b6:ca:21:a1:ed:bc:48:1b:6b:da:c5:7f:70:
f1:54:df:71:cd:12:0b:70:fa:83:70:93:f9:60:c6:
9d:71:cf:24:25:2e:aa:3e:04:c1:84:ed:da:b0:69:
20:07:98:35:48:90:14:ae:57:60:45:f5:8e:c0:22:
c6:7f:33:e7:db:ad:99:e0:1f:07:0c:12:8a:54:66:
d9:03:4c:1d:c3:fb:33:89:bf:80:4d:3a:a9:6f:c7:
6f:b4:cf:f5:af:20:56:51:58:ec:37:18:c8:a0:34:
95:ca:7a:58:1b:03:a6:b6:76:48:7d:4d:bb:83:50:
df:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DD:C1:FB:7D:51:7A:53:EF:A0:48:99:67:3B:DC:12:53:DA:B4:2F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.58.41.0/24
194.87.140.0/23
194.87.228.0/24
194.135.30.0/24
195.133.81.0/24
195.133.194.0/24
212.192.244.0/24
212.192.255.0/24
Signature Algorithm: sha256WithRSAEncryption
19:cd:9f:24:da:ca:2f:c8:8e:95:66:2f:10:1b:fc:3e:d2:9d:
b2:b4:ee:62:ad:3c:cb:d6:13:94:2d:7a:aa:2e:52:bc:b0:9d:
de:27:c1:72:ff:9f:58:cb:76:fd:5e:e8:15:19:67:0a:79:b9:
3b:a3:b1:56:3e:c3:c7:c3:a6:b1:4f:76:83:22:40:ce:9f:4c:
80:20:c9:02:99:7a:29:05:e6:05:e3:c1:a1:d1:b6:84:dc:6b:
51:64:a6:b7:b0:e3:fb:ba:13:69:f3:db:3d:40:5c:0b:2e:42:
80:11:53:0e:c9:a8:eb:42:bd:e3:4f:21:c2:27:bb:b9:8b:e2:
bd:03:83:66:94:67:ea:bf:50:72:2d:2e:57:e4:49:f1:01:a9:
21:a8:e5:d8:29:46:1d:af:e1:c3:ba:d5:44:21:fe:d9:16:0b:
5a:f5:e1:d6:c7:38:50:d7:57:fd:ff:12:b3:b3:ae:10:9d:99:
2a:0d:24:fe:8b:f5:65:d3:f7:d0:73:5b:31:b9:34:f6:68:1e:
24:b2:47:17:ab:61:08:84:ad:53:d3:54:2d:02:8f:44:8a:db:
d4:7d:81:85:4a:60:b8:e0:71:a7:33:29:6f:f1:1d:09:f9:6c:
a3:fa:00:eb:ec:2e:30:e6:73:6f:d5:fe:5b:e2:ea:f5:28:34:
8a:0b:7d:a2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYqYZLDFtlFCm3wciT7E3HTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE1MTAzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RkYzFmYjdkNTE3YTUzZWZhMDQ4OTk2NzNiZGMxMjUzZGFiNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT3+nw1tG2X/yNtI6mmmQzfelWFm
fhWX90XSxX9EXbeUJp8ZCX0uXKPfydiNKUhcvDma5efBlCVxMjZ8tRJc6jd2QNO0
JJ4EMgsKbJ4HjhP5ZBMKmezeKU7aUfa9Pqx5CHHqDVJj0dOBO16s9D+srJE6kW8V
Ib2TabvqT66k7oRb+8E+FUKjq7bKIaHtvEgba9rFf3DxVN9xzRILcPqDcJP5YMad
cc8kJS6qPgTBhO3asGkgB5g1SJAUrldgRfWOwCLGfzPn262Z4B8HDBKKVGbZA0wd
w/szib+ATTqpb8dvtM/1ryBWUVjsNxjIoDSVynpYGwOmtnZIfU27g1DfhwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJPdwft9UXpT76BImWc73BJT2rQvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazkzQi0zMVJlbFB2b0VpWlp6dmNFbFBhdEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkzmAwQA
wjopAwQBwleMAwQAwlfkAwQAwoceAwQAw4VRAwQAw4XCAwQA1MD0AwQA1MD/MA0G
CSqGSIb3DQEBCwUAA4IBAQAZzZ8k2sovyI6VZi8QG/w+0p2ytO5irTzL1hOULXqq
LlK8sJ3eJ8Fy/59Yy3b9XugVGWcKebk7o7FWPsPHw6axT3aDIkDOn0yAIMkCmXop
BeYF48Gh0baE3GtRZKa3sOP7uhNp89s9QFwLLkKAEVMOyajrQr3jTyHCJ7u5i+K9
A4NmlGfqv1ByLS5X5EnxAakhqOXYKUYdr+HDutVEIf7ZFgta9eHWxzhQ11f9/xKz
s64QnZkqDST+i/Vl0/fQc1sxuTT2aB4kskcXq2EIhK1T01QtAo9EitvUfYGFSmC4
4HGnMylv8R0J+Wyj+gDr7C4w5nNv1f5b4ur1KDSKC32i
-----END CERTIFICATE-----
Generated at Sun Sep 17 08:45:54 2023 by rpki-client on console-fra.rpki-client.org