Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhAbIXdr0zgGYZ8KvfhFS4zbtK8.roa
File: zhAbIXdr0zgGYZ8KvfhFS4zbtK8.roa (raw, json)
Hash identifier: jytK+zUpJWj2qH6TuDXig07g6mVVoKu7Px6t64xz/5o=
Subject key identifier: CE:10:1B:21:77:6B:D3:38:06:61:9F:0A:BD:F8:45:4B:8C:DB:B4:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01888EE8A87DFCA9F39EE18005B9B50E1DD5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhAbIXdr0zgGYZ8KvfhFS4zbtK8.roa
Signing time: Tue 06 Jun 2023 04:13:12 +0000
ROA not before: Tue 06 Jun 2023 04:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 212.193.12.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
194.87.129.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8e:e8:a8:7d:fc:a9:f3:9e:e1:80:05:b9:b5:0e:1d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 6 04:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce101b21776bd33806619f0abdf8454b8cdbb4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:8d:7b:70:4f:98:7e:b8:0d:90:7b:2d:de:
19:8f:85:a4:2a:23:98:48:8b:70:20:5a:06:0a:c6:
e9:6b:e2:c0:49:19:6c:72:60:d3:5e:a5:9c:24:2f:
d4:c0:a6:47:a2:27:af:2d:c8:cb:bd:02:18:5d:69:
ae:d3:cc:76:6b:a7:63:f8:58:a4:26:1a:d3:e0:cf:
d8:34:68:63:dc:3f:90:14:9f:e5:6d:e4:d8:45:53:
61:53:52:b2:6e:14:df:d0:68:40:a7:18:ca:6e:d0:
2e:a9:32:23:21:0a:4f:c4:40:97:e3:3f:be:91:99:
78:2e:96:ae:74:0b:bb:b7:f3:fd:18:b4:96:53:28:
99:39:23:8b:9e:cd:95:4d:35:6a:d6:5c:1c:36:6f:
3a:0a:b7:9e:63:42:84:50:de:db:3c:48:68:84:d8:
66:43:1e:fe:2f:12:d0:c5:22:7a:30:92:8b:3a:ec:
7f:ed:1c:95:b2:3a:bc:a9:29:b8:d0:f2:4b:6a:bf:
11:b6:e6:98:e5:6d:e9:e8:10:bc:17:6a:46:67:60:
40:09:b3:1f:a6:ff:2a:91:a4:d5:ba:81:d1:ca:e8:
71:81:80:6e:bf:a3:62:33:5d:98:73:55:d3:8b:e9:
d3:b1:fe:d0:9c:d9:79:28:98:d7:ca:bb:ef:16:71:
4f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:10:1B:21:77:6B:D3:38:06:61:9F:0A:BD:F8:45:4B:8C:DB:B4:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhAbIXdr0zgGYZ8KvfhFS4zbtK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.51.0/24
194.87.81.0/24
194.87.129.0/24
195.58.35.0/24
195.133.14.0/24
195.133.79.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:40:58:f6:bb:9c:36:86:98:23:c7:b4:34:d2:08:49:38:fd:
c2:44:b9:f7:2f:a1:6b:5b:cd:1e:7a:eb:85:66:b8:00:4f:d7:
67:da:b5:f1:21:a9:08:cd:95:63:41:c9:d7:d1:ea:d2:9e:1e:
5d:9a:2c:0f:02:09:a4:83:61:f6:4e:42:52:ab:cd:fc:98:33:
82:67:58:0a:ec:7f:de:89:26:75:2f:68:6c:d9:d2:1f:ed:98:
55:95:ba:4c:e2:46:a7:ec:7e:1f:a9:04:e8:0b:de:b5:7d:c5:
03:b8:29:d3:9c:a8:23:b2:4e:70:34:42:fd:4f:04:1b:fc:7d:
e9:a8:98:37:ee:43:b8:61:1a:57:4c:db:71:19:62:11:0d:32:
89:c0:55:de:54:5e:81:ee:a8:13:04:f9:90:35:24:ff:7f:c2:
36:2d:be:c5:70:b5:45:2b:1f:ee:c9:0c:34:e5:07:be:f2:c8:
6f:86:10:b6:1f:f0:6d:43:f4:54:c7:02:8a:ae:d1:94:f3:d3:
17:33:7c:63:ec:8e:23:38:99:70:9d:96:2e:2c:d3:31:b2:13:
01:62:29:fa:0d:3d:1b:02:8c:70:be:8a:06:61:d3:ab:bd:04:
d8:4b:88:3f:9d:53:b9:d3:21:ef:9b:73:5b:e8:36:ad:f8:f7:
e1:de:df:18
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYiO6Kh9/KnznuGABbm1Dh3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA2MDQxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTEwMWIyMTc3NmJkMzM4MDY2MTlmMGFiZGY4NDU0YjhjZGJiNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5guNe3BPmH64DZB7Ld4Zj4WkKiOY
SItwIFoGCsbpa+LASRlscmDTXqWcJC/UwKZHoievLcjLvQIYXWmu08x2a6dj+Fik
JhrT4M/YNGhj3D+QFJ/lbeTYRVNhU1KybhTf0GhApxjKbtAuqTIjIQpPxECX4z++
kZl4LpaudAu7t/P9GLSWUyiZOSOLns2VTTVq1lwcNm86CreeY0KEUN7bPEhohNhm
Qx7+LxLQxSJ6MJKLOux/7RyVsjq8qSm40PJLar8RtuaY5W3p6BC8F2pGZ2BACbMf
pv8qkaTVuoHRyuhxgYBuv6NiM12Yc1XTi+nTsf7QnNl5KJjXyrvvFnFPWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM4QGyF3a9M4BmGfCr34RUuM27SvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvemhBYklYZHIwemdHWVo4S3ZmaEZTNHpidEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlczAwQA
wldRAwQAwleBAwQAwzojAwQAw4UOAwQAw4VPAwQA1MEMMA0GCSqGSIb3DQEBCwUA
A4IBAQA/QFj2u5w2hpgjx7Q00ghJOP3CRLn3L6FrW80eeuuFZrgAT9dn2rXxIakI
zZVjQcnX0erSnh5dmiwPAgmkg2H2TkJSq838mDOCZ1gK7H/eiSZ1L2hs2dIf7ZhV
lbpM4kan7H4fqQToC961fcUDuCnTnKgjsk5wNEL9TwQb/H3pqJg37kO4YRpXTNtx
GWIRDTKJwFXeVF6B7qgTBPmQNST/f8I2Lb7FcLVFKx/uyQw05Qe+8shvhhC2H/Bt
Q/RUxwKKrtGU89MXM3xj7I4jOJlwnZYuLNMxshMBYin6DT0bAoxwvooGYdOrvQTY
S4g/nVO50yHvm3Nb6Dat+Pfh3t8Y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:16 2023 by rpki-client on console-ams.rpki-client.org