Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z8q0oh4u7ddDkSvAaKWfMkUqicw.roa
File: z8q0oh4u7ddDkSvAaKWfMkUqicw.roa (raw, json)
Hash identifier: c/3sN8ahy74NJanWV1O6Doxvc4Y80I+0czGS14IWtaw=
Subject key identifier: CF:CA:B4:A2:1E:2E:ED:D7:43:91:2B:C0:68:A5:9F:32:45:2A:89:CC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01891784F860F8D769280474FD78F5C34BD1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z8q0oh4u7ddDkSvAaKWfMkUqicw.roa
Signing time: Sun 02 Jul 2023 16:52:17 +0000
ROA not before: Sun 02 Jul 2023 16:52:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
212.192.218.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
212.192.219.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 17:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:17:84:f8:60:f8:d7:69:28:04:74:fd:78:f5:c3:4b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 2 16:52:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfcab4a21e2eedd743912bc068a59f32452a89cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d4:15:5c:93:37:ef:e9:29:49:4f:09:ff:cc:
a8:25:f6:77:dd:4b:7c:19:d9:25:8d:0f:96:57:2a:
b5:4c:c6:75:25:03:8c:79:2b:c2:e6:77:99:80:08:
6d:50:9b:85:08:95:48:fe:33:a2:cf:83:5f:ee:3a:
47:9a:fa:cd:1c:0b:2d:16:6b:d8:78:d7:f6:9c:17:
a7:8c:15:f1:c0:67:89:2d:14:1e:79:90:d1:b4:ae:
ed:7c:18:d3:47:20:80:1c:bd:08:e6:5e:20:74:b3:
5c:2c:90:86:a5:39:32:6a:19:95:05:9a:fd:40:43:
e4:eb:bb:6e:95:dd:02:a9:bc:03:71:24:ae:36:d4:
e1:0c:29:e2:a1:2b:2b:8a:2c:91:0c:3e:34:32:c7:
6f:53:15:a5:9c:3f:b2:e1:2a:ed:59:22:fc:2e:3c:
6e:84:00:02:96:99:aa:b2:c0:eb:96:f5:df:55:a1:
af:9c:60:49:ec:92:e0:4c:2b:bd:e0:bd:b0:2c:e4:
49:7a:fa:9b:be:64:6a:4c:85:d0:54:50:fd:c6:f4:
86:17:dd:b2:1b:b6:d1:cc:14:56:56:d2:b1:4c:13:
f9:82:c2:93:26:df:70:1f:0a:85:14:27:ea:25:9d:
17:7a:bd:f4:2b:b6:98:b8:17:45:5c:e9:6b:c4:ab:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CA:B4:A2:1E:2E:ED:D7:43:91:2B:C0:68:A5:9F:32:45:2A:89:CC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z8q0oh4u7ddDkSvAaKWfMkUqicw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.84.0/24
195.133.16.0/23
195.133.37.0/24
195.133.42.0/23
212.192.216.0/22
212.192.240.0/24
212.192.243.0/24
212.193.28.0/23
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f2:f1:01:59:3d:f2:a3:5b:09:57:0c:98:84:3e:d5:c2:cd:
dc:cc:2e:8b:8b:06:d3:3d:68:f9:b7:84:c8:b9:65:16:c6:2f:
bd:f7:51:cb:d1:04:c8:14:5c:78:7e:6d:ac:8e:0a:3c:e4:9f:
dd:d2:8c:59:fd:1d:43:0d:24:c9:ac:8d:3a:85:ab:2d:3e:17:
78:8e:4f:14:71:67:c6:2c:14:7d:51:13:4d:ab:9c:57:26:2a:
89:78:ce:29:81:f3:85:4d:13:41:11:d9:17:98:06:46:6c:1c:
8a:80:58:49:35:20:67:da:41:e4:1a:5f:a6:02:2f:8f:41:b9:
e9:c7:54:ad:11:0d:62:f1:1e:9a:bc:88:e4:73:1d:cd:47:a8:
1d:9e:4c:63:9e:d8:aa:bc:83:5c:bf:08:b3:39:07:be:52:7f:
c3:e6:d7:0d:e2:53:5c:a2:84:89:43:04:34:d6:ce:07:24:1a:
42:ec:fd:ed:b7:c9:09:fe:a4:0f:8f:9a:ec:ef:d5:ff:43:7f:
bd:84:6b:50:3a:66:aa:a6:2f:bf:33:fe:d7:90:41:71:69:2e:
81:6b:24:ec:6f:ef:fa:05:4a:fa:4a:a9:d5:85:f9:e4:a0:dd:
9c:a3:23:52:b7:bb:d7:72:1c:96:89:8d:db:6a:44:00:b0:1d:
62:9e:d3:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYkXhPhg+NdpKAR0/Xj1w0vRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzAyMTY1MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNhYjRhMjFlMmVlZGQ3NDM5MTJiYzA2OGE1OWYzMjQ1MmE4OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdQVXJM37+kpSU8J/8yoJfZ33Ut8
GdkljQ+WVyq1TMZ1JQOMeSvC5neZgAhtUJuFCJVI/jOiz4Nf7jpHmvrNHAstFmvY
eNf2nBenjBXxwGeJLRQeeZDRtK7tfBjTRyCAHL0I5l4gdLNcLJCGpTkyahmVBZr9
QEPk67tuld0CqbwDcSSuNtThDCnioSsriiyRDD40MsdvUxWlnD+y4SrtWSL8Ljxu
hAAClpmqssDrlvXfVaGvnGBJ7JLgTCu94L2wLORJevqbvmRqTIXQVFD9xvSGF92y
G7bRzBRWVtKxTBP5gsKTJt9wHwqFFCfqJZ0Xer30K7aYuBdFXOlrxKtjMQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM/KtKIeLu3XQ5ErwGilnzJFKonMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvejhxMG9oNHU3ZGREa1N2QWFLV2ZNa1VxaWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwXzjAwQA
wldUAwQBw4UQAwQAw4UlAwQBw4UqAwQC1MDYAwQA1MDwAwQA1MDzAwQB1MEcAwQA
1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQBl8vEBWT3yo1sJVwyYhD7Vws3czC6LiwbT
PWj5t4TIuWUWxi+991HL0QTIFFx4fm2sjgo85J/d0oxZ/R1DDSTJrI06hastPhd4
jk8UcWfGLBR9URNNq5xXJiqJeM4pgfOFTRNBEdkXmAZGbByKgFhJNSBn2kHkGl+m
Ai+PQbnpx1StEQ1i8R6avIjkcx3NR6gdnkxjntiqvINcvwizOQe+Un/D5tcN4lNc
ooSJQwQ01s4HJBpC7P3tt8kJ/qQPj5rs79X/Q3+9hGtQOmaqpi+/M/7XkEFxaS6B
ayTsb+/6BUr6SqnVhfnkoN2coyNSt7vXchyWiY3bakQAsB1intMS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org