Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o9ZWMNySwRAFHiUUg0SgOC-_e_E.roa
File: o9ZWMNySwRAFHiUUg0SgOC-_e_E.roa (raw, json)
Hash identifier: 8Glq/bs9qJ14aG4gPJ5XRMcSib/o0AJFSBxtinDZ11k=
Subject key identifier: A3:D6:56:30:DC:92:C1:10:05:1E:25:14:83:44:A0:38:2F:BF:7B:F1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187BD221C7F269842B5A1BE25D58A4983AD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o9ZWMNySwRAFHiUUg0SgOC-_e_E.roa
Signing time: Wed 26 Apr 2023 10:35:42 +0000
ROA not before: Wed 26 Apr 2023 10:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:22:1c:7f:26:98:42:b5:a1:be:25:d5:8a:49:83:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 26 10:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3d65630dc92c110051e25148344a0382fbf7bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4d:13:f1:8f:be:cf:fe:c2:b5:41:60:5b:43:
4b:29:bd:28:46:30:42:d8:0e:40:bd:b8:4a:76:e8:
50:32:ac:31:a1:31:5f:27:c5:ea:00:66:89:32:00:
43:e8:57:ff:b2:58:af:ab:0e:94:63:d4:71:4b:01:
2f:20:24:8b:53:d8:c3:78:91:cc:03:31:35:59:20:
91:4e:ac:f6:ee:5f:d8:89:5f:3f:20:19:a0:f8:25:
11:e2:fc:c9:23:74:98:18:14:c5:27:69:28:e9:e4:
fc:b8:d8:4d:c0:3d:10:f9:30:cd:19:d7:ee:a2:3c:
ed:73:4f:31:74:4a:9a:63:12:c8:3d:21:7a:07:29:
54:d4:d6:02:6a:d9:d8:e5:b0:67:0e:b6:8a:ff:33:
4f:8a:80:1c:15:b6:ce:4f:cf:ac:87:04:c2:80:53:
ae:3f:67:51:9e:08:b0:33:b6:84:e5:ab:d7:59:97:
e5:a2:bb:bf:2b:74:47:ea:81:13:2c:ec:50:bc:95:
57:bd:9b:bd:e4:10:f0:71:e2:be:b3:df:cd:cd:08:
aa:2b:a6:a9:30:8e:da:42:84:e9:71:38:ef:da:03:
3d:d5:e0:d5:2c:cc:7a:6b:47:8e:2a:13:89:27:8e:
79:7a:c1:eb:c2:5d:fc:06:04:dc:9c:63:10:d2:95:
8d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D6:56:30:DC:92:C1:10:05:1E:25:14:83:44:A0:38:2F:BF:7B:F1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o9ZWMNySwRAFHiUUg0SgOC-_e_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.87.76.0/24
194.87.208.0/24
194.87.221.0/24
194.87.226.0/24
194.87.231.0/24
195.133.15.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
99:74:2e:ec:4b:cb:64:ce:ab:0b:f9:56:ce:19:27:0b:aa:99:
69:c9:2b:12:db:e4:2d:37:02:ab:8e:00:e3:de:8f:8e:de:8f:
4c:6b:e1:d8:c4:aa:d3:d5:3c:4b:59:38:82:43:ab:19:4f:c9:
ee:b0:f4:7c:8d:1b:a8:29:25:4d:fe:1c:e5:a2:d9:7d:86:a6:
e2:10:17:3b:a4:db:6c:42:68:39:8f:9e:1b:dc:2f:17:23:18:
43:d0:79:71:67:7e:34:f8:fc:9b:01:12:8e:bb:8d:3a:64:c6:
92:39:00:ca:31:39:2d:bb:ad:19:60:b3:97:82:b5:94:99:24:
66:36:9d:ec:ce:2b:b4:9b:36:3c:12:47:3a:93:12:c7:80:30:
ca:81:1b:d5:d1:ee:ba:57:6e:c8:b8:e1:c0:77:53:39:2f:5c:
2d:c9:b1:35:f7:48:1f:0f:79:8a:ee:22:da:38:80:5e:73:90:
37:5d:55:7f:a0:ea:5c:fc:03:11:02:cb:e1:01:4c:e0:2e:bc:
b4:ca:4d:9a:85:73:b8:70:9a:57:8b:ab:3a:28:1c:57:f2:f5:
16:60:62:7d:ba:3f:84:55:c0:1c:ed:97:55:87:e0:32:eb:b6:
db:19:f5:b1:58:70:51:79:90:77:d6:69:64:41:02:82:91:b9:
36:65:b7:ba
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYe9Ihx/JphCtaG+JdWKSYOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI2MTAzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q2NTYzMGRjOTJjMTEwMDUxZTI1MTQ4MzQ0YTAzODJmYmY3YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU0T8Y++z/7CtUFgW0NLKb0oRjBC
2A5AvbhKduhQMqwxoTFfJ8XqAGaJMgBD6Ff/slivqw6UY9RxSwEvICSLU9jDeJHM
AzE1WSCRTqz27l/YiV8/IBmg+CUR4vzJI3SYGBTFJ2ko6eT8uNhNwD0Q+TDNGdfu
ojztc08xdEqaYxLIPSF6BylU1NYCatnY5bBnDraK/zNPioAcFbbOT8+shwTCgFOu
P2dRngiwM7aE5avXWZfloru/K3RH6oETLOxQvJVXvZu95BDwceK+s9/NzQiqK6ap
MI7aQoTpcTjv2gM91eDVLMx6a0eOKhOJJ455esHrwl38BgTcnGMQ0pWNNQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKPWVjDcksEQBR4lFINEoDgvv3vxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbzlaV01OeVN3UkFGSGlVVWcwU2dPQy1fZV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy0AwQA
wldMAwQAwlfQAwQAwlfdAwQAwlfiAwQAwlfnAwQAw4UPAwQA1MAEAwQA1MEOMA0G
CSqGSIb3DQEBCwUAA4IBAQCZdC7sS8tkzqsL+VbOGScLqplpySsS2+QtNwKrjgDj
3o+O3o9Ma+HYxKrT1TxLWTiCQ6sZT8nusPR8jRuoKSVN/hzlotl9hqbiEBc7pNts
Qmg5j54b3C8XIxhD0HlxZ340+PybARKOu406ZMaSOQDKMTktu60ZYLOXgrWUmSRm
Np3sziu0mzY8Ekc6kxLHgDDKgRvV0e66V27IuOHAd1M5L1wtybE190gfD3mK7iLa
OIBec5A3XVV/oOpc/AMRAsvhAUzgLry0yk2ahXO4cJpXi6s6KBxX8vUWYGJ9uj+E
VcAc7ZdVh+Ay67bbGfWxWHBReZB31mlkQQKCkbk2Zbe6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org