Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9ypPXrJA_kfaOWN1IkpWehGfMU.roa
File: p9ypPXrJA_kfaOWN1IkpWehGfMU.roa (raw, json)
Hash identifier: 5a/HwTQqHSEzSaRxxJLST6xdGhNcar6YRZJoQNPP9l4=
Subject key identifier: A7:DC:A9:3D:7A:C9:03:F9:1F:68:E5:8D:D4:89:29:59:E8:46:7C:C5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A1D2C267D6B89172B50B5E3DE3DC5A43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9ypPXrJA_kfaOWN1IkpWehGfMU.roa
Signing time: Thu 02 Mar 2023 10:16:29 +0000
ROA not before: Thu 02 Mar 2023 10:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.236.0/22 maxlen: 22
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 12:46:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:d2:c2:67:d6:b8:91:72:b5:0b:5e:3d:e3:dc:5a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 2 10:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7dca93d7ac903f91f68e58dd4892959e8467cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:39:c4:20:1a:c8:a1:3c:a9:a3:65:a7:85:
8e:fb:a3:d4:47:2f:09:46:30:09:a9:8f:5d:8d:74:
9e:46:08:ee:df:3b:c5:db:c1:ad:04:e2:51:79:46:
ae:9b:87:d1:a8:f5:41:7b:1e:47:3f:00:fa:a9:7d:
99:d7:42:ce:67:ca:a7:eb:d7:21:3c:38:14:db:0a:
86:c0:9b:3a:4c:5c:0d:b3:d7:0e:31:ba:ec:69:c5:
de:b1:8c:2e:65:74:2b:10:bc:76:ee:e8:81:31:16:
43:8a:b4:11:6c:88:4a:89:78:5b:77:fb:c1:60:b7:
38:b4:46:aa:7d:4b:20:2c:b5:6f:71:97:f0:3f:61:
3d:fd:6d:0f:61:b0:1b:ab:c9:58:82:27:66:dc:9f:
e2:48:26:61:30:f3:67:62:cf:a7:44:34:59:a1:52:
cc:37:78:21:81:98:fe:db:a6:84:5f:50:74:c7:df:
2a:5b:bb:1e:db:be:3c:40:98:a1:8b:5b:d8:a3:9f:
44:95:43:8e:42:11:2c:04:54:c8:9a:e8:5e:3d:91:
02:57:3d:c9:9f:f7:b8:02:5d:47:87:1e:a2:f9:09:
6f:88:c8:8c:a3:89:73:cd:db:9d:03:0b:4a:e2:6f:
34:cd:fd:07:bc:e1:38:f7:90:30:76:b3:a2:55:67:
0d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DC:A9:3D:7A:C9:03:F9:1F:68:E5:8D:D4:89:29:59:E8:46:7C:C5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9ypPXrJA_kfaOWN1IkpWehGfMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.236.0/22
192.124.182.0/24
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b8:13:2e:74:a6:20:60:c8:ea:07:9e:95:04:65:e7:31:bb:
3b:4b:b8:39:77:a7:36:7e:af:aa:17:5e:2c:10:69:11:b8:f6:
8c:d8:96:2f:87:a9:0c:f2:72:0f:1e:2c:70:eb:f9:d5:d3:e7:
76:91:ee:ed:9e:01:24:12:d7:01:76:f1:d5:a0:c9:dc:57:37:
c7:07:e3:40:cb:ed:da:dd:2d:e1:bf:7e:e1:fa:13:96:a0:8a:
c5:57:89:13:cb:2f:07:69:d9:f1:cc:fc:d3:b1:c1:2f:75:ee:
a4:c9:ce:98:aa:6c:fd:e7:c2:14:b8:6f:1f:ef:06:55:32:7b:
2f:5f:21:f9:e9:80:d7:c5:20:95:42:61:53:fa:d7:96:0d:ae:
67:a2:cc:1e:32:a5:7a:56:45:4e:3a:aa:aa:23:70:eb:48:09:
22:8c:2b:f7:bc:77:90:83:0c:68:67:6a:06:9d:b6:76:08:21:
16:99:48:95:cc:62:05:0e:01:fd:da:a2:b4:a3:89:2d:49:be:
9c:57:fa:5d:15:c2:cd:9c:25:66:66:d1:d0:f7:68:77:bc:b1:
de:46:3b:f9:e1:a5:13:10:04:2c:93:57:e0:d1:9f:8f:9a:de:
73:f7:a8:8c:b9:87:26:2e:8e:e7:36:89:68:ed:78:3b:69:dc:
9c:a4:4a:20
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYah0sJn1riRcrULXj3j3FpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAyMTAxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RjYTkzZDdhYzkwM2Y5MWY2OGU1OGRkNDg5Mjk1OWU4NDY3Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzY5xCAayKE8qaNlp4WO+6PURy8J
RjAJqY9djXSeRgju3zvF28GtBOJReUaum4fRqPVBex5HPwD6qX2Z10LOZ8qn69ch
PDgU2wqGwJs6TFwNs9cOMbrsacXesYwuZXQrELx27uiBMRZDirQRbIhKiXhbd/vB
YLc4tEaqfUsgLLVvcZfwP2E9/W0PYbAbq8lYgidm3J/iSCZhMPNnYs+nRDRZoVLM
N3ghgZj+26aEX1B0x98qW7se2748QJihi1vYo59ElUOOQhEsBFTImuhePZECVz3J
n/e4Al1Hhx6i+QlviMiMo4lzzdudAwtK4m80zf0HvOE495AwdrOiVWcNMwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFKfcqT16yQP5H2jljdSJKVnoRnzFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcDl5cFBYckpBX2tmYU9XTjFJa3BXZWhHZk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAI+
TOwDBADAfLYDBADBfAgDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAME
AMJXFgMEAMJXGwMEAMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwld+AwQAwleI
AwQBwleKAwQAwlelAwQAwlerAwQAwlfGAwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoy
MAwDBALDOjQDBAbDOgADBADDhTcDBADDhcEDBADDhcMDBAHUwAADBAHUwNADBADU
wNMDBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBAFW4Ey50piBgyOoHnpUE
ZecxuztLuDl3pzZ+r6oXXiwQaRG49ozYli+HqQzycg8eLHDr+dXT53aR7u2eASQS
1wF28dWgydxXN8cH40DL7drdLeG/fuH6E5agisVXiRPLLwdp2fHM/NOxwS917qTJ
zpiqbP3nwhS4bx/vBlUyey9fIfnpgNfFIJVCYVP615YNrmeizB4ypXpWRU46qqoj
cOtICSKMK/e8d5CDDGhnagadtnYIIRaZSJXMYgUOAf3aorSjiS1JvpxX+l0Vws2c
JWZm0dD3aHe8sd5GO/nhpRMQBCyTV+DRn4+a3nP3qIy5hyYujuc2iWjteDtp3Jyk
SiA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org