Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vz0xWbR_ClpIzawVZKcnMWpw5Cc.roa
File: vz0xWbR_ClpIzawVZKcnMWpw5Cc.roa (raw, json)
Hash identifier: 5dakfzYKl3vrgmyN/1YFZUJTHNB9tNt451Ey7yBknqc=
Subject key identifier: BF:3D:31:59:B4:7F:0A:5A:48:CD:AC:15:64:A7:27:31:6A:70:E4:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187FFEC00AD3B0EC73B19D16C1D15497EEA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vz0xWbR_ClpIzawVZKcnMWpw5Cc.roa
Signing time: Tue 09 May 2023 09:51:09 +0000
ROA not before: Tue 09 May 2023 09:51:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 195.133.76.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
195.133.91.0/24 maxlen: 24
195.133.90.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
193.124.35.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
195.133.64.0/22 maxlen: 22
194.87.255.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:ec:00:ad:3b:0e:c7:3b:19:d1:6c:1d:15:49:7e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 9 09:51:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf3d3159b47f0a5a48cdac1564a727316a70e427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:21:7d:5e:95:2b:ef:74:42:14:f6:bd:0d:3d:
9d:5a:f4:31:06:1f:8a:0e:dc:52:96:5a:b0:4b:e9:
20:9a:7a:3e:c7:2c:1a:d7:c9:38:ce:53:fb:9c:5e:
e2:1a:99:cf:8c:24:3b:ef:a8:c8:41:48:42:7d:e8:
e2:9c:c9:8e:81:89:bf:0a:b5:5c:d6:dc:bf:fd:8b:
af:42:dd:72:87:fe:12:49:3a:56:3b:36:7a:bd:3c:
76:7c:d1:fb:4d:46:1f:3c:ed:d6:ca:c6:fc:d0:9d:
90:c5:73:8b:2d:02:83:bd:de:0e:4a:92:17:be:d1:
79:1e:2d:c2:ed:84:f6:1f:fb:99:7a:0f:bc:36:0b:
bf:66:b7:4c:01:40:54:41:31:0d:70:ba:9d:4e:0a:
7a:4d:91:bc:a2:89:e6:36:19:47:92:5b:63:e2:01:
55:f4:44:67:31:a8:82:47:ec:16:eb:65:aa:2a:ac:
9a:9f:1d:a5:5d:07:b3:a6:dc:f5:f3:74:7e:a9:39:
6f:40:98:68:c4:0b:98:52:93:41:9c:30:21:a2:01:
21:16:1b:e8:d5:e7:15:b1:bb:64:1f:ff:6b:ca:59:
3e:a2:0f:b3:dd:88:f1:ff:c8:71:1f:cc:e2:05:52:
8d:ee:b0:76:27:14:4e:86:70:52:56:d8:d5:2a:57:
6c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3D:31:59:B4:7F:0A:5A:48:CD:AC:15:64:A7:27:31:6A:70:E4:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vz0xWbR_ClpIzawVZKcnMWpw5Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
194.58.40.0/24
194.58.56.0/23
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.77.0/24
194.87.255.0/24
195.58.38.0/24
195.133.20.0/24
195.133.64.0/22
195.133.76.0/24
195.133.90.0/23
Signature Algorithm: sha256WithRSAEncryption
73:74:ae:0e:15:b5:d5:9a:b7:20:db:c2:88:b4:76:ea:b7:42:
20:27:04:ec:c1:61:0f:8f:48:95:44:12:34:21:33:d1:7d:95:
80:48:88:50:0f:0a:2f:4e:85:59:0e:b2:56:ad:18:76:84:36:
5e:56:b6:fa:34:53:a8:68:8a:0e:17:c5:1b:ad:cb:bb:4a:d6:
94:dc:72:c0:9c:89:2a:5e:2e:3a:66:db:55:88:61:d0:0d:c9:
b9:b7:09:ff:81:42:53:0c:c1:76:6c:a5:70:4a:b7:21:96:6e:
82:15:b4:ab:89:3d:53:0b:1d:0f:79:54:5c:73:a6:04:98:23:
a6:ff:e5:b5:42:aa:6e:18:a8:e2:84:82:36:1c:41:d4:c8:5d:
43:e9:a4:02:9f:97:0f:ef:78:34:a2:4e:95:4e:39:8a:d7:1f:
07:d7:05:0e:e4:7c:81:ab:4f:da:9e:8d:0b:96:28:41:36:db:
d7:95:3f:52:86:53:dc:d1:f0:ce:42:2e:c8:ff:88:9b:c5:e5:
7c:5b:99:fd:da:28:3e:fb:23:81:1f:3f:49:00:dc:de:47:2d:
61:c5:e4:43:46:8c:6a:56:87:8b:90:98:8a:cc:b6:6c:39:a4:
0c:7a:e7:1d:c6:40:28:fc:98:da:84:ac:2e:35:d2:ad:9d:91:
13:88:6d:e1
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYf/7ACtOw7HOxnRbB0VSX7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTA5MDk1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNkMzE1OWI0N2YwYTVhNDhjZGFjMTU2NGE3MjczMTZhNzBlNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSF9XpUr73RCFPa9DT2dWvQxBh+K
DtxSllqwS+kgmno+xywa18k4zlP7nF7iGpnPjCQ776jIQUhCfejinMmOgYm/CrVc
1ty//YuvQt1yh/4SSTpWOzZ6vTx2fNH7TUYfPO3Wysb80J2QxXOLLQKDvd4OSpIX
vtF5Hi3C7YT2H/uZeg+8Ngu/ZrdMAUBUQTENcLqdTgp6TZG8oonmNhlHkltj4gFV
9ERnMaiCR+wW62WqKqyanx2lXQezptz183R+qTlvQJhoxAuYUpNBnDAhogEhFhvo
1ecVsbtkH/9rylk+og+z3Yjx/8hxH8ziBVKN7rB2JxROhnBSVtjVKldsjQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL89MVm0fwpaSM2sFWSnJzFqcOQnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdnoweFdiUl9DbHBJemF3VlpLY25NV3B3NUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwXwjAwQA
wjooAwQBwjo4AwQAwlX4AwQAwlX7AwQAwlcKAwQAwlcRAwQAwldNAwQAwlf/AwQA
wzomAwQAw4UUAwQCw4VAAwQAw4VMAwQBw4VaMA0GCSqGSIb3DQEBCwUAA4IBAQBz
dK4OFbXVmrcg28KItHbqt0IgJwTswWEPj0iVRBI0ITPRfZWASIhQDwovToVZDrJW
rRh2hDZeVrb6NFOoaIoOF8Ubrcu7StaU3HLAnIkqXi46ZttViGHQDcm5twn/gUJT
DMF2bKVwSrchlm6CFbSriT1TCx0PeVRcc6YEmCOm/+W1QqpuGKjihII2HEHUyF1D
6aQCn5cP73g0ok6VTjmK1x8H1wUO5HyBq0/ano0LlihBNtvXlT9ShlPc0fDOQi7I
/4ibxeV8W5n92ig++yOBHz9JANzeRy1hxeRDRoxqVoeLkJiKzLZsOaQMeucdxkAo
/JjahKwuNdKtnZETiG3h
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-ams.rpki-client.org