Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xwIxfk0rqbQASy20NgjZxl7XPKk.roa
File: xwIxfk0rqbQASy20NgjZxl7XPKk.roa (raw, json)
Hash identifier: coA9SbzMT0S9qA8AZZDDbUYf0UCgzx1euvBuqHiL9Ns=
Subject key identifier: C7:02:31:7E:4D:2B:A9:B4:00:4B:2D:B4:36:08:D9:C6:5E:D7:3C:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018757417DC1029E534C9628EB06970C9B72
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xwIxfk0rqbQASy20NgjZxl7XPKk.roa
Signing time: Thu 06 Apr 2023 15:48:42 +0000
ROA not before: Thu 06 Apr 2023 15:48:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
212.192.218.0/24 maxlen: 24
212.192.219.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 10:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:41:7d:c1:02:9e:53:4c:96:28:eb:06:97:0c:9b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:48:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c702317e4d2ba9b4004b2db43608d9c65ed73ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:78:01:0d:37:bc:6c:63:5a:16:ae:ea:a4:de:
db:eb:20:c4:69:78:b2:9c:75:73:a3:66:3b:47:8a:
8d:10:3f:6d:f5:03:40:75:71:0e:7b:25:85:50:32:
e8:db:22:79:f2:f8:2d:28:7a:29:85:4d:99:52:98:
aa:cd:d5:f6:91:7c:46:4b:9d:ce:5d:23:e3:e3:27:
95:1c:49:ff:8d:25:ba:26:11:23:c4:27:53:af:e8:
11:9c:7a:0a:92:d2:b1:06:d6:c4:90:98:b1:87:cc:
36:90:dd:7a:8a:b5:88:83:22:24:2a:07:2b:0a:f2:
99:16:02:46:a9:0f:bd:02:ab:f6:21:a5:5b:39:98:
c1:ea:d1:e7:06:cb:a3:04:2a:27:6e:c4:aa:75:72:
27:5b:18:d4:56:00:48:45:a5:4d:8f:e4:9b:90:85:
e9:12:4f:90:97:0b:01:ad:5e:9b:88:79:9c:9d:c2:
6b:5b:57:3b:65:67:3e:c5:30:a1:bc:2e:d8:69:95:
cb:4f:fb:dd:74:ca:f6:a4:cf:a6:cc:7a:e6:2f:01:
93:be:e6:43:7b:e8:8a:c8:17:41:a7:dd:25:8c:2d:
01:d6:ac:d5:e2:54:7e:5b:3f:c3:49:2f:5a:97:ee:
af:39:6e:67:41:57:e7:2a:63:b1:eb:54:6d:28:fa:
3b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:31:7E:4D:2B:A9:B4:00:4B:2D:B4:36:08:D9:C6:5E:D7:3C:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xwIxfk0rqbQASy20NgjZxl7XPKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.188.0/24
193.124.227.0/24
194.87.84.0/24
194.87.86.0/24
194.87.187.0/24
195.133.13.0/24
195.133.16.0/23
195.133.37.0/24
212.192.216.0/22
212.192.240.0/24
212.192.243.0/24
212.193.28.0/23
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:bb:99:d7:f1:e4:80:31:a7:ae:50:48:15:dc:3b:00:75:db:
83:b4:4c:49:e8:e1:10:44:7d:83:a7:a3:e9:8e:a8:1d:15:33:
94:78:70:f3:57:5f:6b:95:64:97:3a:31:0b:f1:4c:50:b8:c2:
27:3d:e6:40:df:ca:dd:fe:b8:36:57:5d:a1:77:60:55:0c:bd:
1c:e3:b0:3c:1a:50:83:16:90:f4:54:cc:d5:00:eb:70:d0:82:
de:56:fa:56:35:d2:bf:c4:0d:61:76:13:6c:48:90:43:81:4c:
9f:cf:75:3a:e1:e2:57:c4:af:98:93:07:8f:da:3a:42:70:12:
c3:e8:1a:be:94:15:cf:01:6d:8a:b7:6f:58:40:a9:af:18:36:
37:2f:5e:00:df:56:ab:67:4c:a8:98:94:a5:7d:94:f8:23:eb:
c5:8d:79:35:ea:83:24:71:6e:61:e1:f8:87:b5:ae:96:c6:dc:
94:a0:63:5c:e5:57:31:00:08:9a:47:5f:95:a9:5e:08:bf:1f:
97:a8:32:09:8d:69:20:6d:ba:b1:64:d8:aa:08:73:ec:8d:19:
4b:c8:44:67:d3:8a:04:6a:20:9d:ad:b2:89:4d:dc:f6:d5:e5:
b1:ba:89:84:9c:e9:8d:5f:72:ce:18:da:ce:3e:4b:a0:36:ae:
2e:70:73:fa
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYdXQX3BAp5TTJYo6waXDJtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTU0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzAyMzE3ZTRkMmJhOWI0MDA0YjJkYjQzNjA4ZDljNjVlZDczY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3gBDTe8bGNaFq7qpN7b6yDEaXiy
nHVzo2Y7R4qNED9t9QNAdXEOeyWFUDLo2yJ58vgtKHophU2ZUpiqzdX2kXxGS53O
XSPj4yeVHEn/jSW6JhEjxCdTr+gRnHoKktKxBtbEkJixh8w2kN16irWIgyIkKgcr
CvKZFgJGqQ+9Aqv2IaVbOZjB6tHnBsujBConbsSqdXInWxjUVgBIRaVNj+SbkIXp
Ek+QlwsBrV6biHmcncJrW1c7ZWc+xTChvC7YaZXLT/vddMr2pM+mzHrmLwGTvuZD
e+iKyBdBp90ljC0B1qzV4lR+Wz/DSS9al+6vOW5nQVfnKmOx61RtKPo7LQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMcCMX5NK6m0AEsttDYI2cZe1zypMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHdJeGZrMHJxYlFBU3kyME5nalp4bDdYUEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwHy8AwQA
wXzjAwQAwldUAwQAwldWAwQAwle7AwQAw4UNAwQBw4UQAwQAw4UlAwQC1MDYAwQA
1MDwAwQA1MDzAwQB1MEcAwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQAMu5nX8eSA
MaeuUEgV3DsAdduDtExJ6OEQRH2Dp6PpjqgdFTOUeHDzV19rlWSXOjEL8UxQuMIn
PeZA38rd/rg2V12hd2BVDL0c47A8GlCDFpD0VMzVAOtw0ILeVvpWNdK/xA1hdhNs
SJBDgUyfz3U64eJXxK+YkweP2jpCcBLD6Bq+lBXPAW2Kt29YQKmvGDY3L14A31ar
Z0yomJSlfZT4I+vFjXk16oMkcW5h4fiHta6WxtyUoGNc5VcxAAiaR1+VqV4Ivx+X
qDIJjWkgbbqxZNiqCHPsjRlLyERn04oEaiCdrbKJTdz21eWxuomEnOmNX3LOGNrO
PkugNq4ucHP6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org