Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0F9ivka5ClS6slsl8fe1oRBrVgY.roa
File: 0F9ivka5ClS6slsl8fe1oRBrVgY.roa (raw, json)
Hash identifier: j9lSDCQNKDlb2PlJf9EYthfMZlrn+vM37EYY2jwNESw=
Subject key identifier: D0:5F:62:BE:46:B9:0A:54:BA:B2:5B:25:F1:F7:B5:A1:10:6B:56:06
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01888541A73AE1BEFAF3002EF40E5114BF29
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0F9ivka5ClS6slsl8fe1oRBrVgY.roa
Signing time: Sun 04 Jun 2023 07:14:12 +0000
ROA not before: Sun 04 Jun 2023 07:14:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.120.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:85:41:a7:3a:e1:be:fa:f3:00:2e:f4:0e:51:14:bf:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 4 07:14:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d05f62be46b90a54bab25b25f1f7b5a1106b5606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:01:62:ff:06:15:3e:54:fd:07:9e:dc:b9:
09:47:58:be:f3:a9:9e:87:63:e0:c8:de:9b:4c:49:
66:88:96:d6:68:a3:dc:d4:2b:1c:4a:f5:9e:30:47:
08:9b:31:c7:ca:95:94:86:0a:13:de:84:58:f8:4d:
13:89:d3:2f:f9:10:e5:73:cd:6a:d0:68:13:74:72:
9d:cd:98:2a:59:d8:27:e2:f7:8c:5f:4b:a7:81:09:
cc:cd:af:bf:ba:c4:ab:5f:15:e1:84:a2:c9:33:09:
78:9a:dc:5b:46:e6:f1:77:9e:ef:9f:8b:52:96:d4:
1e:20:03:1f:f4:51:10:f7:73:73:54:32:71:bd:9b:
49:8a:31:6f:b7:26:d2:42:47:a1:3d:c8:6e:3f:e3:
e9:ed:8d:7b:c7:50:2b:82:fd:79:dd:59:06:dc:f8:
6f:6b:86:b7:f9:e2:fd:7a:3f:31:c2:83:27:d0:a5:
03:07:08:98:8c:0c:c0:5b:48:a3:5f:6b:7b:07:ef:
f1:d6:34:19:75:76:c3:91:f1:68:7c:7f:f1:a2:af:
60:d0:4c:b5:86:22:71:a5:ca:09:d0:eb:04:15:5f:
56:56:03:73:d8:e3:7d:03:14:ec:0c:58:b1:b1:05:
58:78:0d:1b:26:06:cd:30:da:39:27:2d:ed:6b:84:
32:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5F:62:BE:46:B9:0A:54:BA:B2:5B:25:F1:F7:B5:A1:10:6B:56:06
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0F9ivka5ClS6slsl8fe1oRBrVgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.94.0/24
194.87.119.0-194.87.120.255
Signature Algorithm: sha256WithRSAEncryption
7a:41:7c:b1:16:a4:3b:0c:a0:66:09:fb:9c:4c:4c:cf:87:dc:
20:13:9a:8d:dc:79:c6:e6:e9:a0:07:a7:bb:a9:4a:a7:e3:f6:
e7:ae:fc:30:cb:c2:e0:a6:eb:08:82:b5:b8:0f:92:ce:4e:01:
59:06:31:9e:c0:f2:17:7d:0e:29:f5:28:ae:62:68:ec:d4:1f:
cd:82:ca:e8:44:65:1e:c1:87:cf:05:6c:0a:82:4b:5a:31:e9:
7d:51:ab:57:17:cb:41:58:9c:3f:aa:e8:6e:08:0f:b1:d6:4a:
aa:db:0b:9e:29:09:0b:8f:2c:62:f8:e6:a6:85:18:a5:dd:3b:
7d:b3:f5:3b:98:be:6a:e7:dc:25:69:0d:4d:68:3b:e4:39:ae:
6e:dc:8b:88:fa:16:77:e0:e5:63:2e:56:c7:4b:bd:e2:9f:b7:
b4:8c:a6:ed:5d:f9:19:27:2d:b5:39:2b:e6:d1:0c:4e:57:4b:
ef:fb:a9:e3:84:50:e4:4c:b5:eb:bd:8f:2c:92:25:b7:41:ad:
c8:7c:34:a7:20:e6:4a:c5:02:31:60:03:99:72:f7:90:7a:c2:
75:25:db:47:8b:97:b4:11:39:3b:58:34:7c:94:22:d4:93:5d:
3b:b3:46:c8:8c:ed:05:05:27:73:59:b1:34:39:e9:ae:04:1b:
45:c8:3d:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiFQac64b768wAu9A5RFL8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA0MDcxNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDVmNjJiZTQ2YjkwYTU0YmFiMjViMjVmMWY3YjVhMTEwNmI1NjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZUBYv8GFT5U/Qee3LkJR1i+86me
h2PgyN6bTElmiJbWaKPc1CscSvWeMEcImzHHypWUhgoT3oRY+E0TidMv+RDlc81q
0GgTdHKdzZgqWdgn4veMX0ungQnMza+/usSrXxXhhKLJMwl4mtxbRubxd57vn4tS
ltQeIAMf9FEQ93NzVDJxvZtJijFvtybSQkehPchuP+Pp7Y17x1Argv153VkG3Phv
a4a3+eL9ej8xwoMn0KUDBwiYjAzAW0ijX2t7B+/x1jQZdXbDkfFofH/xoq9g0Ey1
hiJxpcoJ0OsEFV9WVgNz2ON9AxTsDFixsQVYeA0bJgbNMNo5Jy3ta4QyFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNBfYr5GuQpUurJbJfH3taEQa1YGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMEY5aXZrYTVDbFM2c2xzbDhmZTFvUkJyVmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwHy2AwQA
wXxeMAwDBADCV3cDBADCV3gwDQYJKoZIhvcNAQELBQADggEBAHpBfLEWpDsMoGYJ
+5xMTM+H3CATmo3cecbm6aAHp7upSqfj9ueu/DDLwuCm6wiCtbgPks5OAVkGMZ7A
8hd9Din1KK5iaOzUH82CyuhEZR7Bh88FbAqCS1ox6X1Rq1cXy0FYnD+q6G4ID7HW
SqrbC54pCQuPLGL45qaFGKXdO32z9TuYvmrn3CVpDU1oO+Q5rm7ci4j6Fnfg5WMu
VsdLveKft7SMpu1d+RknLbU5K+bRDE5XS+/7qeOEUORMteu9jyySJbdBrch8NKcg
5krFAjFgA5ly95B6wnUl20eLl7QROTtYNHyUItSTXTuzRsiM7QUFJ3NZsTQ56a4E
G0XIPas=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:53 2023 by rpki-client on console-fra.rpki-client.org