Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sWCET63xOnzl1NcuCuJTye97dy4.roa
File: sWCET63xOnzl1NcuCuJTye97dy4.roa (raw, json)
Hash identifier: ndC3vsqp3DlN4oXFZAnwDlxK9TGZxbRuku+ETmWNGrM=
Subject key identifier: B1:60:84:4F:AD:F1:3A:7C:E5:D4:D7:2E:0A:E2:53:C9:EF:7B:77:2E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186C1C4524833BE6DA7DC22A23BA6F29048
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sWCET63xOnzl1NcuCuJTye97dy4.roa
Signing time: Wed 08 Mar 2023 15:08:34 +0000
ROA not before: Wed 08 Mar 2023 15:08:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:c4:52:48:33:be:6d:a7:dc:22:a2:3b:a6:f2:90:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 8 15:08:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b160844fadf13a7ce5d4d72e0ae253c9ef7b772e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:24:68:ac:01:58:d5:ad:6f:61:03:bc:0a:b8:
75:48:73:38:0e:e9:0f:f9:ad:e7:22:9a:cc:9c:73:
fc:8c:9b:de:b1:56:6f:76:d1:e6:be:cc:24:7f:05:
6f:cc:e2:1a:2c:7e:78:fb:74:e7:87:d2:64:a0:e1:
a6:8b:c1:4b:59:c6:2a:25:1d:75:72:4d:70:90:f4:
3a:1f:52:88:45:b2:b7:80:fa:6a:9e:8a:9d:da:0a:
81:cf:a8:f4:c1:78:74:e3:a1:31:b4:81:a0:b2:64:
d4:ef:ab:ae:f8:f9:92:c3:ac:ef:69:b5:41:22:e4:
26:a9:82:e8:ee:18:32:b3:63:e4:8c:71:44:2a:cd:
1c:4d:c0:7a:53:6b:74:14:8a:1f:c9:08:21:3e:e0:
5d:fc:a9:5d:a7:7c:cb:de:2b:43:c9:60:d9:89:d7:
99:4f:cc:6f:71:4c:2e:41:83:3e:6b:da:f2:ef:ff:
43:73:c4:96:22:28:e8:32:9b:4f:ca:7e:99:b0:d8:
ae:a9:e8:31:51:ab:70:4b:18:96:88:90:29:09:8e:
57:41:35:e6:f6:9d:14:9f:57:3e:72:7a:55:fb:52:
46:2a:ab:c0:a6:40:7b:49:d7:84:11:8c:71:b7:ba:
dc:86:b3:08:07:46:18:41:27:26:dd:85:46:df:e4:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:60:84:4F:AD:F1:3A:7C:E5:D4:D7:2E:0A:E2:53:C9:EF:7B:77:2E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sWCET63xOnzl1NcuCuJTye97dy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:3d:74:2a:27:79:da:f2:72:a4:18:c4:e3:76:20:8b:4b:1a:
73:1e:be:bf:4d:07:5a:8a:1e:c5:62:eb:5c:b3:87:2c:14:1d:
39:7a:9c:ea:e6:10:59:6f:1b:18:94:4c:c0:2f:a0:45:c6:ca:
8b:c7:aa:c1:3f:e6:cf:ed:85:84:4a:5c:27:e4:dc:1c:51:70:
a5:ef:b3:f8:70:de:0b:03:fd:f7:10:f2:d1:d9:af:37:fc:12:
98:3d:e9:06:74:12:7e:f4:29:83:a5:24:db:27:92:01:2f:5f:
27:5f:62:e6:9d:2c:e5:4f:6e:c1:e4:f5:b4:b6:d6:9a:2f:f0:
9c:35:45:22:9c:84:a4:e6:b8:07:52:76:35:cc:36:ab:43:f5:
77:08:42:76:34:ff:9c:ec:7b:71:6f:49:c8:a4:45:52:d9:ed:
43:3f:18:a0:a5:3a:da:cb:2e:0d:3c:87:70:cb:d6:2e:96:c2:
69:d0:77:bd:c2:dc:10:65:4f:1e:2f:f1:63:b2:ff:51:4f:4f:
58:83:0e:05:65:f1:4f:02:50:01:d6:03:77:f9:3e:ae:16:0f:
09:a2:48:cf:c5:64:16:04:db:49:95:23:08:e2:a2:a6:08:3a:
2c:56:b8:a0:d5:f8:78:81:2c:b6:5e:3e:1a:8b:df:0b:84:9b:
24:21:41:c6
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYbBxFJIM75tp9wiojum8pBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA4MTUwODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTYwODQ0ZmFkZjEzYTdjZTVkNGQ3MmUwYWUyNTNjOWVmN2I3NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiRorAFY1a1vYQO8Crh1SHM4DukP
+a3nIprMnHP8jJvesVZvdtHmvswkfwVvzOIaLH54+3Tnh9JkoOGmi8FLWcYqJR11
ck1wkPQ6H1KIRbK3gPpqnoqd2gqBz6j0wXh046ExtIGgsmTU76uu+PmSw6zvabVB
IuQmqYLo7hgys2PkjHFEKs0cTcB6U2t0FIofyQghPuBd/Kldp3zL3itDyWDZideZ
T8xvcUwuQYM+a9ry7/9Dc8SWIijoMptPyn6ZsNiuqegxUatwSxiWiJApCY5XQTXm
9p0Un1c+cnpV+1JGKqvApkB7SdeEEYxxt7rchrMIB0YYQScm3YVG3+QctQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFLFghE+t8Tp85dTXLgriU8nve3cuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1dDRVQ2M3hPbnpsMU5jdUN1SlR5ZTk3ZHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBADA
fLYDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgMEAMJXGwME
AMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwleIAwQAwlelAwQAwlerAwQAwlfG
AwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoyMAwDBALDOjQDBAbDOgADBADDhTcDBADD
hcMDBAHUwAADBAHUwNADBADUwNMDBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQAD
ggEBAI89dConedrycqQYxON2IItLGnMevr9NB1qKHsVi61yzhywUHTl6nOrmEFlv
GxiUTMAvoEXGyovHqsE/5s/thYRKXCfk3BxRcKXvs/hw3gsD/fcQ8tHZrzf8Epg9
6QZ0En70KYOlJNsnkgEvXydfYuadLOVPbsHk9bS21pov8Jw1RSKchKTmuAdSdjXM
NqtD9XcIQnY0/5zse3FvScikRVLZ7UM/GKClOtrLLg08h3DL1i6WwmnQd73C3BBl
Tx4v8WOy/1FPT1iDDgVl8U8CUAHWA3f5Pq4WDwmiSM/FZBYE20mVIwjioqYIOixW
uKDV+HiBLLZePhqL3wuEmyQhQcY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org