Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p0j9GB5XaBSrQgFInjPU70UQgLc.roa
File: p0j9GB5XaBSrQgFInjPU70UQgLc.roa (raw, json)
Hash identifier: Q0bQB9twUDkqggXnvyT5lAJJoUcQWsGeUB2oNW9HKko=
Subject key identifier: A7:48:FD:18:1E:57:68:14:AB:42:01:48:9E:33:D4:EF:45:10:80:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01892922C19683AAD644F640981C2321D3FD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p0j9GB5XaBSrQgFInjPU70UQgLc.roa
Signing time: Thu 06 Jul 2023 02:58:10 +0000
ROA not before: Thu 06 Jul 2023 02:58:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.129.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:29:22:c1:96:83:aa:d6:44:f6:40:98:1c:23:21:d3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 6 02:58:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a748fd181e576814ab4201489e33d4ef451080b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3e:9a:07:9f:ec:fe:b7:75:31:98:25:38:06:
77:67:6a:16:c8:a2:2f:fc:3e:4a:00:47:20:22:ed:
2c:07:a9:c0:ff:a4:3c:3e:59:ce:d1:d2:ce:0e:46:
7f:0e:ca:78:52:c3:eb:f1:89:07:47:b7:2a:2f:0b:
d6:81:30:ce:da:9f:f9:22:d5:21:13:31:ee:df:ee:
5b:7a:78:1d:48:9b:56:06:cf:fe:2a:5c:33:12:80:
c7:d3:1c:00:c6:c9:11:88:e1:b4:ee:c4:11:22:f4:
82:de:d4:c7:ef:84:b0:e5:01:2b:d3:bd:16:86:39:
50:56:81:1b:9f:7d:66:e4:6f:b0:70:7b:a3:2f:7a:
75:5b:ae:76:e1:5b:a7:3d:9c:76:9b:49:f3:a0:80:
dd:cb:a3:f1:4b:9b:cd:f3:17:f8:dd:28:b5:f0:7d:
11:9c:b3:7e:0b:22:2d:56:7b:73:68:ca:b5:9e:ce:
fd:3a:04:ca:74:c5:8a:d0:ca:58:07:04:02:72:69:
8b:b1:30:de:a6:51:c5:4b:84:cc:a0:84:1a:f0:ef:
81:fa:0d:7d:99:8d:99:ba:0f:73:de:b5:79:6b:d2:
35:c7:b4:db:e8:68:45:58:e7:70:28:ec:c9:9d:05:
06:56:c5:69:c5:c8:c1:c5:16:b7:a9:f3:ff:b7:e1:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:48:FD:18:1E:57:68:14:AB:42:01:48:9E:33:D4:EF:45:10:80:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p0j9GB5XaBSrQgFInjPU70UQgLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.51.0-194.87.52.255
194.87.54.0/24
194.87.81.0/24
194.87.114.0/24
194.87.121.0/24
194.87.129.0/24
194.87.178.0/24
195.58.35.0/24
195.133.14.0/24
195.133.79.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:91:e2:68:d6:d5:73:94:b1:9f:fe:74:ce:06:ac:ec:58:1a:
be:8d:43:72:ef:90:04:f4:2b:e7:06:9c:a3:12:6b:7f:87:54:
a0:5f:1a:b3:39:3c:29:7a:86:a8:9b:3d:ae:f9:82:a1:0f:72:
1a:b4:04:5a:d9:67:c8:62:c6:4d:2b:6a:54:67:54:fe:3c:3c:
b3:f9:0d:19:d4:af:c0:8d:a5:db:d6:f5:52:29:7e:5d:99:e1:
96:39:2a:d6:e1:d9:ac:60:69:98:6e:fe:a9:5c:5c:4d:5e:4a:
3c:12:5f:16:a9:8c:24:0a:e6:70:28:77:ea:37:8b:0c:e7:2a:
fa:87:6a:4d:a8:d1:40:41:5a:c7:04:c6:d4:12:82:b0:c7:fc:
ab:57:8e:25:85:4b:42:77:37:61:12:dd:66:2e:16:14:b7:08:
69:57:bf:30:fe:03:6b:58:13:07:da:8d:d3:26:fe:c4:3a:51:
29:cc:2e:a7:8f:49:20:07:65:34:00:2b:77:7f:fa:62:90:83:
62:7a:69:6a:30:5f:5a:88:d5:6c:26:13:8c:57:62:07:e7:ba:
64:2e:80:17:33:f0:a0:4a:4f:ec:bd:28:cf:7e:78:6c:20:54:
8a:15:9f:2f:45:f3:eb:7c:9e:5a:1b:fd:9a:b8:b8:4b:9e:2e:
77:24:48:bb
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYkpIsGWg6rWRPZAmBwjIdP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA2MDI1ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQ4ZmQxODFlNTc2ODE0YWI0MjAxNDg5ZTMzZDRlZjQ1MTA4MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz6aB5/s/rd1MZglOAZ3Z2oWyKIv
/D5KAEcgIu0sB6nA/6Q8PlnO0dLODkZ/Dsp4UsPr8YkHR7cqLwvWgTDO2p/5ItUh
EzHu3+5bengdSJtWBs/+KlwzEoDH0xwAxskRiOG07sQRIvSC3tTH74Sw5QEr070W
hjlQVoEbn31m5G+wcHujL3p1W6524VunPZx2m0nzoIDdy6PxS5vN8xf43Si18H0R
nLN+CyItVntzaMq1ns79OgTKdMWK0MpYBwQCcmmLsTDeplHFS4TMoIQa8O+B+g19
mY2Zug9z3rV5a9I1x7Tb6GhFWOdwKOzJnQUGVsVpxcjBxRa3qfP/t+EoBwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKdI/RgeV2gUq0IBSJ4z1O9FEIC3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcDBqOUdCNVhhQlNyUWdGSW5qUFU3MFVRZ0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAwXwFMAwD
BADCVzMDBADCVzQDBADCVzYDBADCV1EDBADCV3IDBADCV3kDBADCV4EDBADCV7ID
BADDOiMDBADDhQ4DBADDhU8DBADUwQwwDQYJKoZIhvcNAQELBQADggEBADyR4mjW
1XOUsZ/+dM4GrOxYGr6NQ3LvkAT0K+cGnKMSa3+HVKBfGrM5PCl6hqibPa75gqEP
chq0BFrZZ8hixk0ralRnVP48PLP5DRnUr8CNpdvW9VIpfl2Z4ZY5Ktbh2axgaZhu
/qlcXE1eSjwSXxapjCQK5nAod+o3iwznKvqHak2o0UBBWscExtQSgrDH/KtXjiWF
S0J3N2ES3WYuFhS3CGlXvzD+A2tYEwfajdMm/sQ6USnMLqePSSAHZTQAK3d/+mKQ
g2J6aWowX1qI1WwmE4xXYgfnumQugBcz8KBKT+y9KM9+eGwgVIoVny9F8+t8nlob
/Zq4uEueLnckSLs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:11 2023 by rpki-client on console-fra.rpki-client.org