Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kxjg55nkL2zidcbwHr8iH9w_314.roa
File: kxjg55nkL2zidcbwHr8iH9w_314.roa (raw, json)
Hash identifier: vxv1zRZOBGanQEDjoquOB3ra8kejveb1RjjsdHmO8WQ=
Subject key identifier: 93:18:E0:E7:99:E4:2F:6C:E2:75:C6:F0:1E:BF:22:1F:DC:3F:DF:5E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018963CB21C8FBF11CEDA8742CE46BEC3CFF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kxjg55nkL2zidcbwHr8iH9w_314.roa
Signing time: Mon 17 Jul 2023 12:20:04 +0000
ROA not before: Mon 17 Jul 2023 12:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:cb:21:c8:fb:f1:1c:ed:a8:74:2c:e4:6b:ec:3c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 17 12:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9318e0e799e42f6ce275c6f01ebf221fdc3fdf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:43:d4:cf:7d:6c:d5:18:1f:54:e4:75:ad:
6e:3e:07:31:41:0a:fb:04:99:53:c1:8c:11:46:a7:
67:a4:d7:d5:cf:87:f1:a6:82:37:e7:1b:a9:a5:d9:
fb:0f:1e:08:5c:b1:ea:ba:6c:ee:2e:54:ac:e0:30:
93:5e:52:ae:ad:f1:76:e6:4a:b5:85:c6:d4:e1:6a:
b3:cd:8a:bc:fd:bf:3a:9c:fd:ed:60:55:f5:b2:4e:
4c:72:28:be:18:96:1b:e3:fb:e1:c6:22:17:6a:74:
ad:3a:60:8f:90:17:84:ec:97:db:34:6d:53:1f:31:
c3:0f:64:e0:30:39:1c:ee:98:1d:50:ed:19:6a:1b:
8f:9e:b5:73:2d:bc:99:06:c9:03:c0:5e:29:90:57:
38:99:e1:72:39:3a:ac:46:66:65:02:e1:34:ce:19:
56:a6:1a:5a:7e:67:7e:60:ab:71:2d:07:3c:74:73:
6f:e4:dc:85:a3:45:d2:ec:00:66:82:5d:12:23:3c:
ae:e7:a8:3c:18:ab:27:1c:1e:56:0f:1e:1f:2d:ed:
86:9e:36:37:5d:b8:f9:22:0e:9e:cb:b9:6c:5d:7f:
ba:72:9f:ab:57:d9:ac:ff:9b:9e:29:27:b8:1b:cc:
cd:02:b7:a2:d5:b2:8d:a8:23:fb:a1:47:d8:53:fe:
38:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:18:E0:E7:99:E4:2F:6C:E2:75:C6:F0:1E:BF:22:1F:DC:3F:DF:5E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kxjg55nkL2zidcbwHr8iH9w_314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
193.124.90.0/24
194.58.42.0/24
194.87.76.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.15.0/24
195.133.25.0/24
195.133.27.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cc:ae:c3:48:39:af:97:f9:85:4d:3c:38:2e:d6:59:fd:5a:
14:97:3c:56:f6:48:62:a5:c2:ff:b3:c4:35:a9:6e:34:7f:d5:
df:87:2e:cc:9d:92:f7:b9:e7:f3:1a:18:21:fc:92:51:39:05:
c4:34:6f:19:e2:52:65:8a:51:ac:c5:e0:2e:2d:d3:38:08:bd:
b2:42:c6:19:e7:d1:be:4b:f6:96:f4:fa:4c:7a:8d:fb:be:5b:
b2:c2:3b:8f:74:11:72:76:45:f0:0e:37:2f:68:21:01:04:87:
62:02:cc:56:6c:1a:da:4e:13:fe:a4:03:83:da:ea:de:c4:55:
a7:0e:4a:d3:30:e8:38:39:13:6c:e2:a9:cf:25:24:62:4e:69:
2c:52:10:0c:06:51:22:d3:b3:ad:6b:f5:22:47:47:0d:70:5b:
84:24:a5:f9:7b:46:d6:2e:88:54:e0:5c:70:0a:8c:c4:4f:b1:
25:71:d9:74:71:59:50:4f:77:98:8c:c9:40:ca:c0:e2:38:e4:
9f:40:13:ed:04:3d:c7:97:ef:03:a5:90:77:88:10:15:87:ab:
88:37:ac:c3:e6:ec:a2:65:15:2e:b1:87:5b:66:fd:d0:ce:20:
58:3a:42:65:e5:e8:64:08:23:ef:c9:91:ad:ed:88:e5:1f:5b:
bd:5b:d4:65
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYljyyHI+/Ec7ah0LORr7Dz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE3MTIyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzE4ZTBlNzk5ZTQyZjZjZTI3NWM2ZjAxZWJmMjIxZmRjM2ZkZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8dD1M99bNUYH1Tkda1uPgcxQQr7
BJlTwYwRRqdnpNfVz4fxpoI35xuppdn7Dx4IXLHqumzuLlSs4DCTXlKurfF25kq1
hcbU4WqzzYq8/b86nP3tYFX1sk5Mcii+GJYb4/vhxiIXanStOmCPkBeE7JfbNG1T
HzHDD2TgMDkc7pgdUO0ZahuPnrVzLbyZBskDwF4pkFc4meFyOTqsRmZlAuE0zhlW
phpafmd+YKtxLQc8dHNv5NyFo0XS7ABmgl0SIzyu56g8GKsnHB5WDx4fLe2GnjY3
Xbj5Ig6ey7lsXX+6cp+rV9ms/5ueKSe4G8zNArei1bKNqCP7oUfYU/44XQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJMY4OeZ5C9s4nXG8B6/Ih/cP99eMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva3hqZzU1bmtMMnppZGNid0hyOGlIOXdfMzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwHy0AwQA
wXxaAwQAwjoqAwQAwldMAwQAwlesAwQAwlfQAwQAwlfiAwQAwlfnAwQAw4UPAwQA
w4UZAwQAw4UbAwQA1MAEAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQA0zK7DSDmv
l/mFTTw4LtZZ/VoUlzxW9khipcL/s8Q1qW40f9Xfhy7MnZL3uefzGhgh/JJROQXE
NG8Z4lJlilGsxeAuLdM4CL2yQsYZ59G+S/aW9PpMeo37vluywjuPdBFydkXwDjcv
aCEBBIdiAsxWbBraThP+pAOD2urexFWnDkrTMOg4ORNs4qnPJSRiTmksUhAMBlEi
07Ota/UiR0cNcFuEJKX5e0bWLohU4FxwCozET7Elcdl0cVlQT3eYjMlAysDiOOSf
QBPtBD3Hl+8DpZB3iBAVh6uIN6zD5uyiZRUusYdbZv3QziBYOkJl5ehkCCPvyZGt
7YjlH1u9W9Rl
-----END CERTIFICATE-----
Generated at Fri Aug 18 11:52:34 2023 by rpki-client on console-ams.rpki-client.org