Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yuKc5N7N1si6ikfLjphHc3cy-do.roa
File: yuKc5N7N1si6ikfLjphHc3cy-do.roa (raw, json)
Hash identifier: 7wxUfPPuiIEm7FV0hF16ceI1vivw2bqQJs18OYu3qXs=
Subject key identifier: CA:E2:9C:E4:DE:CD:D6:C8:BA:8A:47:CB:8E:98:47:73:77:32:F9:DA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66E713F987DAA8A93B5982F65A6C11
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yuKc5N7N1si6ikfLjphHc3cy-do.roa
Signing time: Sun 01 Jan 2023 22:14:52 +0000
ROA not before: Sun 01 Jan 2023 22:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
192.124.182.0/23 maxlen: 24
194.87.171.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e7:13:f9:87:da:a8:a9:3b:59:82:f6:5a:6c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cae29ce4decdd6c8ba8a47cb8e9847737732f9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:b4:0c:13:f3:cf:97:18:6e:c8:40:07:d2:
45:4a:4c:a7:26:88:13:10:47:79:a9:68:56:69:7d:
6f:8c:2f:dc:7f:76:95:7e:55:f8:73:f4:c4:ea:08:
0b:c5:ce:f5:39:1a:b6:79:47:ba:a3:6c:15:bb:e1:
3f:23:2a:29:31:cc:f6:3e:db:27:60:1e:f1:ea:ef:
69:85:ac:4b:21:c1:24:01:cd:d2:39:55:13:54:29:
6a:8d:b7:b8:31:a7:7d:ac:b7:1e:7e:b0:f0:c6:30:
72:e7:84:f0:79:06:56:0f:42:f7:5c:35:e7:97:6b:
82:37:5c:9a:e7:28:11:02:28:9b:88:27:9a:bc:b0:
9f:76:ff:1c:e0:a1:6d:4d:88:2f:7e:20:54:79:46:
3a:f4:0f:9e:5f:84:0b:60:ff:d0:be:25:42:b1:df:
90:ed:3a:30:7d:4a:2a:0b:4f:31:23:2e:13:ac:92:
20:0c:0a:54:69:b4:cc:24:6d:b9:26:fa:f2:e8:96:
50:35:3b:b5:2e:f6:b3:a8:7d:26:6a:97:e3:27:63:
2f:9a:24:fb:02:32:ea:a9:5e:51:58:15:ed:88:15:
ad:bd:cd:ff:aa:23:90:6c:7c:25:d5:a9:5e:af:09:
be:1d:40:6b:d7:8d:20:be:fa:de:bb:83:81:fc:76:
7f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E2:9C:E4:DE:CD:D6:C8:BA:8A:47:CB:8E:98:47:73:77:32:F9:DA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yuKc5N7N1si6ikfLjphHc3cy-do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.133.0/24
193.124.201.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.7.0/24
194.87.24.0/22
194.87.56.0/24
194.87.76.0/24
194.87.82.0/23
194.87.104.0/24
194.87.116.0/24
194.87.118.0/24
194.87.123.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.163.0/24
194.87.165.0/24
194.87.171.0-194.87.172.255
194.87.176.0/24
194.87.182.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.195.0/24
212.192.0.0/23
212.192.10.0/24
212.192.222.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
23:e3:e6:e0:bc:57:ec:1b:95:3f:bd:d8:d5:e8:43:c2:f0:e3:
48:b6:cc:48:39:aa:d2:db:11:8a:2b:35:ad:4a:54:21:51:b3:
c5:31:5b:2e:f0:3f:98:5d:0a:da:e3:4b:88:3c:34:95:ae:7b:
b8:00:aa:6b:32:6f:54:b3:62:b2:20:39:d6:2d:48:3c:c7:ad:
e5:50:e9:f7:ae:01:d4:a0:7a:c4:5c:41:a9:7b:e0:24:19:bc:
20:af:80:20:db:a6:87:a9:be:1b:87:d0:db:fa:c4:d2:d0:f7:
e5:c9:7a:8d:f3:7f:fa:08:cd:16:cb:ef:08:a7:d9:b5:93:82:
a9:51:0f:f3:5c:ec:02:40:16:4e:5a:86:2a:e8:e7:2d:50:53:
98:36:dc:c1:12:eb:33:c3:42:34:fc:9c:8a:eb:cf:62:84:7e:
35:0c:8e:7e:15:9e:98:ae:6e:ae:ad:ee:22:01:59:ad:b6:c7:
69:cb:f1:e8:5f:a0:6e:25:7d:f8:a9:86:0c:8b:16:b5:27:1d:
b7:2c:15:f7:59:a0:0c:be:3c:ce:f5:cd:78:25:4d:da:48:2c:
95:92:e9:bc:db:9d:21:26:d4:df:e6:33:73:5a:e6:5a:b6:f4:
77:d9:24:f6:8e:1d:0a:2d:2b:fe:3c:dc:4e:e7:d2:60:af:0a:
ec:9a:70:e3
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYVvZucT+YfaqKk7WYL2WmwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUyOWNlNGRlY2RkNmM4YmE4YTQ3Y2I4ZTk4NDc3Mzc3MzJmOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJO0DBPzz5cYbshAB9JFSkynJogT
EEd5qWhWaX1vjC/cf3aVflX4c/TE6ggLxc71ORq2eUe6o2wVu+E/IyopMcz2Ptsn
YB7x6u9phaxLIcEkAc3SOVUTVClqjbe4Mad9rLcefrDwxjBy54TweQZWD0L3XDXn
l2uCN1ya5ygRAiibiCeavLCfdv8c4KFtTYgvfiBUeUY69A+eX4QLYP/QviVCsd+Q
7TowfUoqC08xIy4TrJIgDApUabTMJG25Jvry6JZQNTu1LvazqH0mapfjJ2MvmiT7
AjLqqV5RWBXtiBWtvc3/qiOQbHwl1alerwm+HUBr140gvvreu4OB/HZ/JQIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFMrinOTezdbIuopHy46YR3N3MvnaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveXVLYzVON04xc2k2aWtmTGpwaEhjM2N5LWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAMF8CAMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wld0AwQAwld2AwQAwld7AwQAwleIAwQBwleKAwQAwleVAwQAwlejAwQAwlelMAwD
BADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9ADBAHCV94D
BADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOFXgMEAMOF
wwMEAdTAAAMEANTACgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOC
AQEAI+Pm4LxX7BuVP73Y1ehDwvDjSLbMSDmq0tsRiis1rUpUIVGzxTFbLvA/mF0K
2uNLiDw0la57uACqazJvVLNisiA51i1IPMet5VDp964B1KB6xFxBqXvgJBm8IK+A
INumh6m+G4fQ2/rE0tD35cl6jfN/+gjNFsvvCKfZtZOCqVEP81zsAkAWTlqGKujn
LVBTmDbcwRLrM8NCNPyciuvPYoR+NQyOfhWemK5urq3uIgFZrbbHacvx6F+gbiV9
+KmGDIsWtScdtywV91mgDL48zvXNeCVN2kgslZLpvNudISbU3+Yzc1rmWrb0d9kk
9o4dCi0r/jzcTufSYK8K7Jpw4w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:15 2023 by rpki-client on console-fra.rpki-client.org