Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kArQND_CGbTf1pNhH4Xv0KQj8rs.roa
File: kArQND_CGbTf1pNhH4Xv0KQj8rs.roa (raw, json)
Hash identifier: sR7D8MawTVM2haoIGJoua9QqJBinUDdz9EE24gNm/gA=
Subject key identifier: 90:0A:D0:34:3F:C2:19:B4:DF:D6:93:61:1F:85:EF:D0:A4:23:F2:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018707EB3477A75773BDB9E76D38117D0E30
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kArQND_CGbTf1pNhH4Xv0KQj8rs.roa
Signing time: Wed 22 Mar 2023 06:04:27 +0000
ROA not before: Wed 22 Mar 2023 06:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 15:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:07:eb:34:77:a7:57:73:bd:b9:e7:6d:38:11:7d:0e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 22 06:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=900ad0343fc219b4dfd693611f85efd0a423f2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:0f:c9:ba:b7:56:b1:2b:18:ab:2a:3c:67:
f0:f4:80:6f:33:e6:11:35:4f:38:15:2a:a2:90:cd:
b4:c3:36:06:0e:b2:fa:b3:81:39:e9:12:76:db:55:
65:cc:5c:ad:5f:72:1d:67:00:22:6a:73:61:a5:74:
97:30:89:d7:0b:be:37:53:46:30:4c:3a:95:38:40:
5b:e7:b9:8e:9f:5e:05:28:e1:41:e5:7c:d1:dc:4c:
52:54:e1:b9:25:da:b0:c5:da:ae:98:05:27:a0:7f:
a9:21:b8:19:b3:84:a6:9e:31:21:d1:4b:9d:f8:08:
48:04:8f:d5:4c:4f:c7:9a:14:3d:a0:ee:7b:26:c6:
89:0f:65:91:46:d9:0c:c5:03:b0:d4:31:59:97:05:
70:8d:ec:86:0d:0f:aa:d0:9e:b2:a3:d8:e0:55:98:
11:c9:5e:d0:f2:2c:3d:73:fa:6d:19:4e:72:11:14:
05:07:e8:cd:cf:78:fd:1c:a5:3b:50:8b:2f:c4:31:
cc:16:af:ea:70:31:8c:fd:f2:83:18:85:26:8a:c9:
f4:71:8a:e8:e2:6a:98:3a:9c:b1:74:34:f9:91:bc:
b3:72:55:d0:d8:b4:7f:50:26:64:82:08:01:57:50:
64:66:be:9e:cf:37:1b:0d:d8:4f:9c:b3:4e:30:0d:
53:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:D0:34:3F:C2:19:B4:DF:D6:93:61:1F:85:EF:D0:A4:23:F2:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kArQND_CGbTf1pNhH4Xv0KQj8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.84.0/24
194.87.86.0/24
194.87.187.0/24
195.133.13.0/24
195.133.37.0/24
195.133.39.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f3:5a:bf:75:9b:7a:56:60:2e:a2:b9:2f:b5:f2:3a:ff:82:
1b:e7:f8:f0:1c:df:8b:8a:c6:3f:4a:de:15:35:4d:3c:3b:97:
1b:42:41:c9:a0:5e:f6:c0:43:72:b9:bb:11:07:e8:d8:66:d4:
0c:53:0b:1f:75:80:c8:0c:d3:b8:d6:77:37:65:c1:2b:d9:f6:
19:ba:33:7b:17:64:fd:2a:b2:4d:aa:75:1b:84:ab:79:a3:48:
51:18:e8:b3:82:70:c6:44:e4:88:31:ae:6b:3c:05:b9:c3:07:
ce:ab:c9:08:e0:a8:dc:30:a9:16:15:aa:83:32:1e:21:da:e2:
49:19:22:1d:10:ed:b7:c4:91:21:69:b3:93:e9:b9:38:aa:c6:
62:6f:c1:03:a5:1c:3b:83:20:a7:59:dd:f9:14:b0:de:5d:9e:
00:90:91:27:16:83:6d:27:dd:10:73:ec:59:54:28:cc:a1:96:
43:8d:e2:5c:e5:29:0a:da:81:67:c2:8b:99:10:ff:16:d9:7f:
ca:c1:a1:ae:c0:5a:7b:7c:22:4d:02:03:5c:1a:b9:6b:67:86:
e2:3f:27:4e:56:9d:80:59:75:81:04:b9:29:42:7e:8d:66:ed:
b5:80:57:4e:17:ca:fd:c2:e1:57:92:3f:86:01:d7:e8:fc:55:
19:8c:e3:11
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYcH6zR3p1dzvbnnbTgRfQ4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIyMDYwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBhZDAzNDNmYzIxOWI0ZGZkNjkzNjExZjg1ZWZkMGE0MjNmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDsPybq3VrErGKsqPGfw9IBvM+YR
NU84FSqikM20wzYGDrL6s4E56RJ221VlzFytX3IdZwAianNhpXSXMInXC743U0Yw
TDqVOEBb57mOn14FKOFB5XzR3ExSVOG5JdqwxdqumAUnoH+pIbgZs4SmnjEh0Uud
+AhIBI/VTE/HmhQ9oO57JsaJD2WRRtkMxQOw1DFZlwVwjeyGDQ+q0J6yo9jgVZgR
yV7Q8iw9c/ptGU5yERQFB+jNz3j9HKU7UIsvxDHMFq/qcDGM/fKDGIUmisn0cYro
4mqYOpyxdDT5kbyzclXQ2LR/UCZkgggBV1BkZr6ezzcbDdhPnLNOMA1TJwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJAK0DQ/whm039aTYR+F79CkI/K7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva0FyUU5EX0NHYlRmMXBOaEg0WHYwS1FqOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwHy8AwQA
wXzjAwQAwlX5AwQAwlX7AwQAwldUAwQAwldWAwQAwle7AwQAw4UNAwQAw4UlAwQA
w4UnAwQA1MDwAwQA1MEcAwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQBr81q/dZt6
VmAuorkvtfI6/4Ib5/jwHN+LisY/St4VNU08O5cbQkHJoF72wENyubsRB+jYZtQM
UwsfdYDIDNO41nc3ZcEr2fYZujN7F2T9KrJNqnUbhKt5o0hRGOizgnDGROSIMa5r
PAW5wwfOq8kI4KjcMKkWFaqDMh4h2uJJGSIdEO23xJEhabOT6bk4qsZib8EDpRw7
gyCnWd35FLDeXZ4AkJEnFoNtJ90Qc+xZVCjMoZZDjeJc5SkK2oFnwouZEP8W2X/K
waGuwFp7fCJNAgNcGrlrZ4biPydOVp2AWXWBBLkpQn6NZu21gFdOF8r9wuFXkj+G
Adfo/FUZjOMR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org