Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/skiiK1qJ-QIvYTwfDPNeoMDSSc8.roa
File: skiiK1qJ-QIvYTwfDPNeoMDSSc8.roa (raw, json)
Hash identifier: C8ZF8j+lVCZUOaNNyh0I1UDe45R+nMKqEDxxAwhzrec=
Subject key identifier: B2:48:A2:2B:5A:89:F9:02:2F:61:3C:1F:0C:F3:5E:A0:C0:D2:49:CF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187EA66B620E57A6F1031E34DB55B11D2C8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/skiiK1qJ-QIvYTwfDPNeoMDSSc8.roa
Signing time: Fri 05 May 2023 05:33:32 +0000
ROA not before: Fri 05 May 2023 05:33:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:66:b6:20:e5:7a:6f:10:31:e3:4d:b5:5b:11:d2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 5 05:33:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b248a22b5a89f9022f613c1f0cf35ea0c0d249cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:b1:79:c6:34:a2:2a:f8:48:46:1c:bd:fb:
1f:44:66:8d:ac:67:c1:f7:1d:93:0e:06:ce:72:cf:
b3:6d:18:a1:33:bc:98:52:4d:18:64:fe:f7:df:dd:
38:45:27:d7:30:48:d0:71:ec:b1:af:fd:2a:6a:64:
bb:b9:bf:2e:13:6e:58:cd:4c:8c:fc:3a:db:78:cf:
25:98:75:24:c0:9f:09:45:70:fb:bc:f6:3d:ff:a9:
9f:66:7b:b7:73:e0:4b:e1:9c:f1:b1:7d:69:d1:f4:
17:35:18:70:c3:77:cd:cf:2f:59:8e:23:cd:4f:78:
d0:63:7f:b6:d3:92:af:12:56:cf:2a:81:6a:b6:35:
10:ff:54:78:43:04:b5:61:32:11:fc:5c:37:6f:31:
14:23:6b:de:62:81:63:e0:3d:45:bf:7a:a7:d8:86:
f5:2f:41:a0:bd:31:67:77:9c:1c:88:0c:5c:12:b2:
86:f9:15:a5:03:8c:5e:e9:df:70:aa:da:12:11:04:
be:2e:9f:a6:1d:f8:fc:93:0f:65:0f:84:8b:d0:1c:
51:0f:4d:1c:be:eb:54:eb:d7:6d:31:e8:2c:ad:dc:
13:84:45:2a:f2:42:77:49:7c:75:16:ba:8e:bb:0f:
6c:cd:81:ca:e0:80:31:46:32:7e:5e:24:23:89:5c:
85:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:48:A2:2B:5A:89:F9:02:2F:61:3C:1F:0C:F3:5E:A0:C0:D2:49:CF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/skiiK1qJ-QIvYTwfDPNeoMDSSc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
195.58.50.0/24
195.133.75.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ae:31:9c:4b:0c:65:78:1f:4c:63:ec:32:a7:61:a2:a9:0c:
ea:f4:52:db:05:ab:c6:62:8a:1d:24:41:a8:57:07:5b:62:bc:
7e:49:95:d2:d3:fe:30:f0:59:84:18:32:7e:78:e7:d8:67:65:
7f:60:47:21:d4:6d:49:e1:36:e9:fb:63:e7:a1:ff:18:c0:95:
a6:2f:61:df:4c:c8:e1:ac:e2:09:50:a3:16:90:4e:4c:93:d4:
ed:18:e4:99:6b:8e:7c:45:42:c0:6c:2a:23:85:af:c6:ed:4a:
e5:e7:bb:d7:33:f0:1e:fe:24:89:1a:8f:f5:06:15:07:a5:be:
e8:08:f5:ba:68:e0:22:6e:bc:97:05:bf:6c:c0:a7:75:43:62:
f0:2c:29:bf:c3:34:b1:13:71:a2:2e:19:3a:a9:cd:c2:bc:a0:
64:8d:18:43:07:24:57:d6:88:00:63:ac:10:cb:8a:38:10:b0:
8d:f9:28:d2:98:62:0c:7a:47:77:4c:eb:db:9e:82:92:f5:6e:
51:e1:75:34:08:ac:35:ff:f8:da:d8:db:c3:16:17:f6:e9:60:
55:1d:3e:ee:a0:fe:de:14:5e:12:9b:04:b0:78:88:fa:37:97:
d1:b8:43:ed:54:66:0d:53:e9:61:13:71:79:ee:e2:49:1d:85:
e0:de:4b:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYfqZrYg5XpvEDHjTbVbEdLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTA1MDUzMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQ4YTIyYjVhODlmOTAyMmY2MTNjMWYwY2YzNWVhMGMwZDI0OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowSxecY0oir4SEYcvfsfRGaNrGfB
9x2TDgbOcs+zbRihM7yYUk0YZP733904RSfXMEjQceyxr/0qamS7ub8uE25YzUyM
/DrbeM8lmHUkwJ8JRXD7vPY9/6mfZnu3c+BL4ZzxsX1p0fQXNRhww3fNzy9ZjiPN
T3jQY3+205KvElbPKoFqtjUQ/1R4QwS1YTIR/Fw3bzEUI2veYoFj4D1Fv3qn2Ib1
L0GgvTFnd5wciAxcErKG+RWlA4xe6d9wqtoSEQS+Lp+mHfj8kw9lD4SL0BxRD00c
vutU69dtMegsrdwThEUq8kJ3SXx1FrqOuw9szYHK4IAxRjJ+XiQjiVyF3wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLJIoitaifkCL2E8HwzzXqDA0knPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc2tpaUsxcUotUUl2WVR3ZkRQTmVvTURTU2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwhAwQA
wlcjAwQAwlc+AwQAwle/AwQAwlfbAwQAwlf8AwQAwzoyAwQAw4VLAwQA1MAJMA0G
CSqGSIb3DQEBCwUAA4IBAQBDrjGcSwxleB9MY+wyp2GiqQzq9FLbBavGYoodJEGo
VwdbYrx+SZXS0/4w8FmEGDJ+eOfYZ2V/YEch1G1J4Tbp+2Pnof8YwJWmL2HfTMjh
rOIJUKMWkE5Mk9TtGOSZa458RULAbCojha/G7Url57vXM/Ae/iSJGo/1BhUHpb7o
CPW6aOAibryXBb9swKd1Q2LwLCm/wzSxE3GiLhk6qc3CvKBkjRhDByRX1ogAY6wQ
y4o4ELCN+SjSmGIMekd3TOvbnoKS9W5R4XU0CKw1//ja2NvDFhf26WBVHT7uoP7e
FF4SmwSweIj6N5fRuEPtVGYNU+lhE3F57uJJHYXg3ktv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org