Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x-ZpPimS_Ti0bLqPiRzzGOsHKME.roa
File: x-ZpPimS_Ti0bLqPiRzzGOsHKME.roa (raw, json)
Hash identifier: SAtSS2p9fCafzt95CFGtydD4rj+m3Tp9RKY6WOwvyA4=
Subject key identifier: C7:E6:69:3E:29:92:FD:38:B4:6C:BA:8F:89:1C:F3:18:EB:07:28:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66E9312EA2BE5F808D353A2AE93F04
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x-ZpPimS_Ti0bLqPiRzzGOsHKME.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 212.193.15.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
185.72.9.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e9:31:2e:a2:be:5f:80:8d:35:3a:2a:e9:3f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7e6693e2992fd38b46cba8f891cf318eb0728c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ef:23:a3:74:82:93:68:d1:f9:4d:dd:e2:36:
17:ee:94:bc:70:24:58:64:32:38:cd:0b:a7:e2:a5:
a1:52:00:9d:46:ad:c5:84:b4:5a:a5:8c:6d:34:99:
ea:c9:76:9f:9d:36:87:4c:42:19:4f:76:1a:b1:8b:
b9:48:74:08:a9:14:6a:b3:e1:e8:89:35:ef:d1:9f:
17:17:ff:a6:13:6e:19:b5:ec:b6:c2:9f:cb:e9:c5:
09:50:7d:73:01:ec:3e:b2:12:d0:44:2a:69:25:bd:
eb:cc:62:32:3b:aa:6a:07:31:fe:23:d3:d1:86:bc:
b3:05:3f:9a:44:e7:a6:ba:b2:25:d6:00:f9:65:61:
e9:6e:0c:1a:f2:1d:d0:bc:04:9a:dc:1a:0f:bf:f7:
bc:95:c3:22:5c:65:bd:bc:b1:eb:66:d2:9c:a7:1d:
38:c7:52:23:ee:36:b0:be:81:b7:57:cb:b3:10:f2:
25:a5:47:4e:c8:93:53:e1:c3:42:44:cd:c2:07:c0:
6e:72:a7:8d:cb:a6:e9:04:13:05:d5:8c:cb:55:f2:
2e:e9:8c:e1:66:e3:9d:92:23:97:77:81:42:b0:e7:
4d:e0:e1:a7:ea:3e:88:d9:5a:d8:46:4b:99:96:f1:
cd:42:97:19:cc:66:ab:27:50:1f:20:84:9d:bf:9c:
59:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E6:69:3E:29:92:FD:38:B4:6C:BA:8F:89:1C:F3:18:EB:07:28:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x-ZpPimS_Ti0bLqPiRzzGOsHKME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.9.0/24
194.87.73.0/24
194.87.90.0/24
194.87.181.0/24
194.87.198.0/24
195.133.82.0/24
212.193.0.0-212.193.2.255
212.193.6.0/24
212.193.12.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:de:00:ea:f1:bb:4d:81:83:08:89:02:fc:83:a4:1b:7c:76:
36:2f:a5:d5:78:b9:1b:db:7f:63:40:05:be:7b:d2:92:e9:3c:
ac:0b:02:ab:4e:2b:25:c6:30:f1:fd:c6:e9:b0:e3:3f:5f:ad:
e9:50:1c:36:e4:3f:fa:05:b4:4d:95:c5:62:3c:67:09:49:64:
8e:01:e2:41:2e:2b:3d:1d:81:ae:ee:46:0e:7a:d8:d3:ad:39:
33:e9:88:3c:7b:c2:d3:a0:c2:22:65:a2:58:e2:bb:e2:72:6a:
32:21:79:07:f4:41:79:49:8f:76:7e:1a:74:31:00:81:56:54:
20:85:e7:d3:1e:5f:99:5e:da:a5:23:f4:4e:d2:30:34:f9:f0:
43:29:77:f6:eb:45:b0:0a:b1:56:8e:f6:27:61:f0:89:7e:75:
e1:0f:8a:85:01:ac:d4:11:a1:85:46:74:bb:98:b9:86:e3:78:
b5:e9:f3:19:d3:67:84:b4:25:37:91:94:01:ed:15:ed:f3:c1:
3d:6f:1f:66:e3:b5:8e:a1:fc:e4:39:60:87:a4:40:ea:6a:73:
7b:14:a9:34:f1:49:13:b3:ba:77:b9:49:ef:56:07:47:ba:38:
3e:33:32:77:01:bd:ae:83:c9:9f:2b:24:41:c0:28:4e:e6:57:
be:f8:15:6f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYVvZukxLqK+X4CNNToq6T8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U2NjkzZTI5OTJmZDM4YjQ2Y2JhOGY4OTFjZjMxOGViMDcyOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO8jo3SCk2jR+U3d4jYX7pS8cCRY
ZDI4zQun4qWhUgCdRq3FhLRapYxtNJnqyXafnTaHTEIZT3YasYu5SHQIqRRqs+Ho
iTXv0Z8XF/+mE24Ztey2wp/L6cUJUH1zAew+shLQRCppJb3rzGIyO6pqBzH+I9PR
hryzBT+aROemurIl1gD5ZWHpbgwa8h3QvASa3BoPv/e8lcMiXGW9vLHrZtKcpx04
x1Ij7jawvoG3V8uzEPIlpUdOyJNT4cNCRM3CB8BucqeNy6bpBBMF1YzLVfIu6Yzh
ZuOdkiOXd4FCsOdN4OGn6j6I2VrYRkuZlvHNQpcZzGarJ1AfIISdv5xZmQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFMfmaT4pkv04tGy6j4kc8xjrByjBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveC1acFBpbVNfVGkwYkxxUGlSenpHT3NIS01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9AwQAuUgJAwQA
wldJAwQAwldaAwQAwle1AwQAwlfGAwQAw4VSMAsDAwDUwQMEANTBAgMEANTBBgME
AtTBDDANBgkqhkiG9w0BAQsFAAOCAQEAKt4A6vG7TYGDCIkC/IOkG3x2Ni+l1Xi5
G9t/Y0AFvnvSkuk8rAsCq04rJcYw8f3G6bDjP1+t6VAcNuQ/+gW0TZXFYjxnCUlk
jgHiQS4rPR2Bru5GDnrY0605M+mIPHvC06DCImWiWOK74nJqMiF5B/RBeUmPdn4a
dDEAgVZUIIXn0x5fmV7apSP0TtIwNPnwQyl39utFsAqxVo72J2HwiX514Q+KhQGs
1BGhhUZ0u5i5huN4tenzGdNnhLQlN5GUAe0V7fPBPW8fZuO1jqH85Dlgh6RA6mpz
exSpNPFJE7O6d7lJ71YHR7o4PjMydwG9roPJnyskQcAoTuZXvvgVbw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-ams.rpki-client.org