Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPlLp6babBDFs9Xdbq4tKvwuluo.roa
File: wPlLp6babBDFs9Xdbq4tKvwuluo.roa (raw, json)
Hash identifier: 4BwRD5nlZIeKg/GURPGWF3B5kgTWEn5GECXxKljCuME=
Subject key identifier: C0:F9:4B:A7:A6:DA:6C:10:C5:B3:D5:DD:6E:AE:2D:2A:FC:2E:96:EA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018608938BAB425D72FE5F529061D6FB871D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPlLp6babBDFs9Xdbq4tKvwuluo.roa
Signing time: Tue 31 Jan 2023 16:05:32 +0000
ROA not before: Tue 31 Jan 2023 16:05:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
195.133.12.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:93:8b:ab:42:5d:72:fe:5f:52:90:61:d6:fb:87:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 31 16:05:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0f94ba7a6da6c10c5b3d5dd6eae2d2afc2e96ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7c:bc:f1:ef:a7:da:32:ac:29:4b:97:82:9a:
8d:67:3f:43:9a:4e:d9:8b:bd:41:41:eb:cc:1a:f5:
8c:e9:36:ce:5e:5b:60:78:33:f4:9e:31:a5:a9:2f:
0b:c1:cd:6f:75:1d:2f:93:7f:45:02:75:a8:05:e1:
4f:7a:1b:d7:29:75:f8:1b:97:f7:b4:88:77:28:b2:
60:2c:2d:65:4b:52:9c:a5:09:38:12:e3:27:9a:7f:
9c:a2:d0:32:5f:bb:f3:b3:d2:72:e8:2f:28:af:55:
c4:46:4b:cb:47:24:37:fd:79:d0:25:45:fc:05:39:
fd:a2:46:35:83:6c:7c:c1:44:a4:ab:d7:19:83:b3:
61:34:0c:2f:77:20:43:2c:13:a4:3a:2b:ef:08:b2:
b5:1c:21:9a:93:d5:df:59:3f:af:5b:9c:e2:5e:ec:
dd:92:65:2f:fb:f2:c1:f1:60:59:c2:5b:87:ad:b9:
11:a5:59:dd:d0:33:aa:24:61:da:97:1d:3f:84:80:
64:e5:f5:da:49:a6:ab:d2:95:2b:4d:35:41:8a:30:
3d:e1:9f:32:93:29:e8:11:a5:6b:d3:05:c9:9d:80:
f9:65:df:39:83:69:01:13:2a:6f:2f:4d:0f:35:62:
df:c2:92:63:37:20:bb:1e:b1:d9:2e:40:2e:02:31:
5e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F9:4B:A7:A6:DA:6C:10:C5:B3:D5:DD:6E:AE:2D:2A:FC:2E:96:EA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPlLp6babBDFs9Xdbq4tKvwuluo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
192.124.182.0/23
193.124.8.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.6.0/24
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.123.0/24
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.165.0/24
194.87.171.0/24
194.87.198.0/23
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
47:da:35:50:24:2f:6e:75:d1:63:ba:fb:bd:f6:cf:da:10:d5:
2c:df:a6:c0:0c:b9:76:51:9e:82:68:0d:3b:d6:33:6d:8d:be:
d2:38:fa:d7:55:32:6e:b0:85:45:17:ad:8c:dc:9f:81:4c:0b:
97:54:ed:9d:9e:38:2a:e6:ff:2a:87:b8:39:dd:47:0e:f3:5d:
61:8a:3f:28:c1:4e:e1:78:48:98:6c:41:42:f5:2b:af:6a:2b:
f2:6a:90:07:52:11:31:9e:91:31:d2:41:ea:9e:f3:ca:5d:18:
ba:37:56:88:f3:4e:93:16:1c:56:71:ee:d2:75:75:45:a7:c0:
3b:66:02:da:78:fe:3e:5e:57:37:3e:a4:d0:b3:fd:75:72:3f:
b1:ea:7a:de:5f:56:68:f3:05:5f:9f:8b:84:7c:57:09:57:92:
8b:df:65:52:d1:6c:5c:13:66:42:8f:8c:f2:1b:ee:46:5e:79:
da:be:9e:5c:e3:28:59:41:02:2a:f0:65:b7:63:0a:5c:9c:60:
c5:ae:45:37:31:7e:7a:30:31:28:62:e1:38:43:7e:ae:92:1c:
8f:fe:3d:b4:a5:37:d0:f8:b9:59:73:59:86:1a:cf:38:b4:02:
51:50:81:89:07:c2:a0:ff:3a:98:3a:fa:b9:8a:e1:da:e5:94:
bc:d1:8a:8e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYYIk4urQl1y/l9SkGHW+4cdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMxMTYwNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY5NGJhN2E2ZGE2YzEwYzViM2Q1ZGQ2ZWFlMmQyYWZjMmU5NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHy88e+n2jKsKUuXgpqNZz9Dmk7Z
i71BQevMGvWM6TbOXltgeDP0njGlqS8Lwc1vdR0vk39FAnWoBeFPehvXKXX4G5f3
tIh3KLJgLC1lS1KcpQk4EuMnmn+cotAyX7vzs9Jy6C8or1XERkvLRyQ3/XnQJUX8
BTn9okY1g2x8wUSkq9cZg7NhNAwvdyBDLBOkOivvCLK1HCGak9XfWT+vW5ziXuzd
kmUv+/LB8WBZwluHrbkRpVnd0DOqJGHalx0/hIBk5fXaSaar0pUrTTVBijA94Z8y
kynoEaVr0wXJnYD5Zd85g2kBEypvL00PNWLfwpJjNyC7HrHZLkAuAjFepQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFMD5S6em2mwQxbPV3W6uLSr8LpbqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd1BsTHA2YmFiQkRGczlYZGJxNHRLdnd1bHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQA
wHysAwQBwHy2AwQAwXwIAwQAwXyFAwQAwXzLAwQAwjoqMAwDBADCOi0DBATCOiAD
BADCVwYDBADCVxYDBADCVxsDBADCV1IwDAMEAcJXcgMEAMJXdAMEAMJXdgMEAMJX
ewMEAMJXfgMEAMJXiAMEAcJXigMEAMJXpQMEAMJXqwMEAcJXxgMEAcJX0AMEAcJX
3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VeAwQA
w4XBAwQAw4XDAwQB1MAAAwQB1MDQAwQA1MDTAwQA1MEAAwQA1MEMMA0GCSqGSIb3
DQEBCwUAA4IBAQBH2jVQJC9uddFjuvu99s/aENUs36bADLl2UZ6CaA071jNtjb7S
OPrXVTJusIVFF62M3J+BTAuXVO2dnjgq5v8qh7g53UcO811hij8owU7heEiYbEFC
9SuvaivyapAHUhExnpEx0kHqnvPKXRi6N1aI806TFhxWce7SdXVFp8A7ZgLaeP4+
Xlc3PqTQs/11cj+x6nreX1Zo8wVfn4uEfFcJV5KL32VS0WxcE2ZCj4zyG+5GXnna
vp5c4yhZQQIq8GW3YwpcnGDFrkU3MX56MDEoYuE4Q36ukhyP/j20pTfQ+LlZc1mG
Gs84tAJRUIGJB8Kg/zqYOvq5iuHa5ZS80YqO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:14 2023 by rpki-client on console-fra.rpki-client.org