Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9Jn2VvioL8D0Hz0faaqlkJdQ-U.roa
File: w9Jn2VvioL8D0Hz0faaqlkJdQ-U.roa (raw, json)
Hash identifier: MyrEXnUl3U9SVt4D1qTxgHxupyXoXaH+RnDVK37c/Y0=
Subject key identifier: C3:D2:67:D9:5B:E2:A0:BF:03:D0:7C:F4:7D:A6:AA:96:42:5D:43:E5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6B0AF3CB38DEE1B4FCC7B06E2C2307DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9Jn2VvioL8D0Hz0faaqlkJdQ-U.roa
Signing time: Wed 06 Sep 2023 15:09:54 +0000
ROA not before: Wed 06 Sep 2023 15:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.29.0/24 maxlen: 24
194.87.132.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
212.192.218.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
212.192.219.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:0a:f3:cb:38:de:e1:b4:fc:c7:b0:6e:2c:23:07:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 15:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3d267d95be2a0bf03d07cf47da6aa96425d43e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dc:60:56:bc:6d:2d:28:0a:6a:4c:2e:64:40:
57:61:f8:79:ed:28:e9:a4:44:e3:b8:9d:47:44:32:
56:4f:01:5f:4e:71:49:51:e8:79:63:07:77:74:12:
c6:2f:08:17:0e:2f:84:cf:9d:af:6a:f7:7e:4b:3a:
e0:73:07:5a:c2:2c:78:b6:dd:13:8d:e9:6b:d2:54:
e5:7f:aa:94:0b:2e:f8:21:1d:6a:91:21:54:29:d4:
42:bf:9c:52:c1:ab:22:ab:26:43:a4:49:3f:fe:5f:
62:7b:be:64:8a:b0:51:51:5a:cd:53:45:1a:22:51:
b2:de:72:1e:a9:f7:6f:dd:f3:c3:44:38:c7:be:7e:
ab:3e:fe:d4:dc:c4:bd:c8:05:71:ec:54:70:b2:ea:
19:f5:d8:29:6d:8a:7b:ce:24:b0:81:1c:87:5c:00:
c8:32:61:b5:f8:16:2f:4c:b3:7e:3d:7d:3f:0e:2e:
32:5b:b9:64:6d:f0:e7:28:aa:85:12:f2:65:ff:ee:
ce:80:82:b7:34:03:ea:a9:c5:ab:c2:91:5e:11:75:
5c:bc:20:74:5b:93:05:94:52:a7:7f:b1:c2:7f:1b:
e3:2a:80:cc:ef:f5:fc:b6:0f:1d:bf:20:c3:f0:45:
da:20:21:d2:0a:dc:54:f4:cb:44:bc:a9:16:1e:e1:
1e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D2:67:D9:5B:E2:A0:BF:03:D0:7C:F4:7D:A6:AA:96:42:5D:43:E5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9Jn2VvioL8D0Hz0faaqlkJdQ-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.132.0/24
195.133.16.0/23
212.192.216.0/24
212.192.218.0/23
212.192.240.0/24
212.192.243.0/24
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:1c:5a:1c:05:77:70:33:67:8b:5f:7c:0e:3d:04:23:8d:c3:
c7:2e:3c:85:8e:60:44:7c:2a:e5:11:02:b4:08:4e:3a:46:36:
b2:92:51:b5:25:a2:63:c1:9f:32:ae:86:f9:06:36:e5:1a:08:
39:af:cd:ab:ed:5e:8a:91:0a:a8:47:d9:07:a3:4d:fd:fc:a2:
b2:c4:51:3a:ef:96:9e:cc:8d:67:e7:36:53:f3:e4:af:07:8d:
91:e8:6b:cf:57:39:5e:64:94:14:b6:69:d9:3b:8b:f3:ca:7a:
ce:0a:ee:b8:35:7a:2f:9d:a7:33:1d:19:fa:55:31:1e:5a:3e:
0f:85:5f:20:88:a2:34:26:0b:63:98:89:cb:b0:4e:58:12:af:
d7:36:57:79:dd:aa:f4:94:00:66:99:5e:27:2c:e2:d9:5d:fd:
1a:ba:38:1c:cb:a2:bf:23:24:a1:22:72:80:90:c3:70:98:e2:
5a:a4:75:3d:d4:a4:9a:78:c9:cf:ed:80:2c:56:35:3c:3c:41:
f1:c4:50:7b:87:31:09:99:5a:ca:67:57:ab:a3:36:ac:ee:61:
7c:48:fb:2f:5b:f6:06:50:5c:bb:1c:45:85:b4:f4:a2:56:a5:
7d:61:9d:46:14:eb:b4:a6:f6:0a:34:fd:13:e6:fb:0d:33:4d:
29:86:83:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYprCvPLON7htPzHsG4sIwffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MTUwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2QyNjdkOTViZTJhMGJmMDNkMDdjZjQ3ZGE2YWE5NjQyNWQ0M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9xgVrxtLSgKakwuZEBXYfh57Sjp
pETjuJ1HRDJWTwFfTnFJUeh5Ywd3dBLGLwgXDi+Ez52vavd+Szrgcwdawix4tt0T
jelr0lTlf6qUCy74IR1qkSFUKdRCv5xSwasiqyZDpEk//l9ie75kirBRUVrNU0Ua
IlGy3nIeqfdv3fPDRDjHvn6rPv7U3MS9yAVx7FRwsuoZ9dgpbYp7ziSwgRyHXADI
MmG1+BYvTLN+PX0/Di4yW7lkbfDnKKqFEvJl/+7OgIK3NAPqqcWrwpFeEXVcvCB0
W5MFlFKnf7HCfxvjKoDM7/X8tg8dvyDD8EXaICHSCtxU9MtEvKkWHuEeOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMPSZ9lb4qC/A9B89H2mqpZCXUPlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdzlKbjJWdmlvTDhEMEh6MGZhYXFsa0pkUS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwleEAwQB
w4UQAwQA1MDYAwQB1MDaAwQA1MDwAwQA1MDzAwQA1MEdMA0GCSqGSIb3DQEBCwUA
A4IBAQAMHFocBXdwM2eLX3wOPQQjjcPHLjyFjmBEfCrlEQK0CE46RjayklG1JaJj
wZ8yrob5BjblGgg5r82r7V6KkQqoR9kHo039/KKyxFE675aezI1n5zZT8+SvB42R
6GvPVzleZJQUtmnZO4vzynrOCu64NXovnaczHRn6VTEeWj4PhV8giKI0JgtjmInL
sE5YEq/XNld53ar0lABmmV4nLOLZXf0aujgcy6K/IyShInKAkMNwmOJapHU91KSa
eMnP7YAsVjU8PEHxxFB7hzEJmVrKZ1erozas7mF8SPsvW/YGUFy7HEWFtPSiVqV9
YZ1GFOu0pvYKNP0T5vsNM00phoNz
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org