Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0kCSRTKXIpFeCXabHB9PTLgXb-k.roa
File: 0kCSRTKXIpFeCXabHB9PTLgXb-k.roa (raw, json)
Hash identifier: SZqEN59bNF2o7BxGnc7l+jQ+7YClHMI1OBNjOEZR3DM=
Subject key identifier: D2:40:92:45:32:97:22:91:5E:09:76:9B:1C:1F:4F:4C:B8:17:6F:E9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01857B9A8550FD80B4FBC74F62DEABAF9E6D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0kCSRTKXIpFeCXabHB9PTLgXb-k.roa
Signing time: Wed 04 Jan 2023 07:06:42 +0000
ROA not before: Wed 04 Jan 2023 07:06:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.58.155.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:9a:85:50:fd:80:b4:fb:c7:4f:62:de:ab:af:9e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 4 07:06:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2409245329722915e09769b1c1f4f4cb8176fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ee:d1:a9:2a:6e:f3:52:d7:64:66:98:54:6e:
37:97:e2:13:98:63:9f:62:1e:26:79:45:ea:b4:87:
1c:2e:a2:79:a2:82:08:08:1c:a2:af:0f:f9:85:d8:
56:ee:39:c0:20:1d:a9:8f:27:5b:5e:4f:d9:ab:9f:
f9:4e:49:89:ff:f3:98:7c:19:d1:c0:06:e5:b6:f2:
83:c8:62:06:d6:99:14:5b:28:86:5e:d1:23:99:92:
fe:43:e9:e8:30:ef:c3:03:ff:5d:c5:de:b4:2d:b7:
03:99:cb:d6:0d:d8:dd:f2:02:ea:2d:64:07:57:4d:
b8:2d:a1:ac:c9:76:bd:6a:a6:f4:4f:ca:b3:88:88:
59:57:3a:0c:aa:2c:65:46:c5:f1:eb:ac:04:71:87:
90:e8:a9:f0:6f:64:71:c5:e0:e5:22:1e:9c:ab:c1:
80:ad:99:c6:e5:2a:67:7f:d3:da:51:88:f4:dd:e0:
74:b0:63:49:59:1c:db:99:58:02:a6:2c:2f:6e:4e:
b0:2b:88:3e:7f:35:53:c3:97:ff:8c:7c:54:2d:4e:
dd:c6:b3:16:cc:8c:d3:60:e4:ed:b4:0a:06:ee:a2:
99:b0:10:fd:a0:b6:44:80:46:7b:82:31:f4:b0:b3:
79:e4:66:f0:c1:0a:88:4b:f9:0f:bd:83:a8:3b:36:
86:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:40:92:45:32:97:22:91:5E:09:76:9B:1C:1F:4F:4C:B8:17:6F:E9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0kCSRTKXIpFeCXabHB9PTLgXb-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
193.124.94.0/24
194.58.61.0/24
194.58.154.0/23
194.87.180.0/24
194.87.191.0/24
195.58.61.0/24
212.193.5.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
21:36:e0:d9:2b:24:06:7b:db:02:9f:f1:80:f4:1d:d3:4e:4f:
aa:3b:56:ec:bc:12:7a:bb:e5:c2:0e:17:cb:eb:35:36:34:ee:
89:24:cc:d5:48:22:52:43:22:6b:e8:84:57:a0:31:da:0a:23:
8c:b3:c3:ec:6a:58:9a:7c:98:3c:7a:cc:3f:ba:c1:42:d0:07:
0a:19:60:e2:ed:e9:5b:d7:00:39:3a:4a:38:41:a5:b2:91:8f:
6f:6b:81:8a:5a:b5:83:8b:62:f3:40:99:83:aa:1a:7b:b4:aa:
b0:a5:e0:e3:f3:19:37:fe:df:c4:be:df:54:a7:cb:1b:47:45:
bc:4d:80:cb:ec:cb:f0:f1:36:a2:71:59:97:14:d7:16:b5:10:
bf:9d:43:a5:88:22:a2:19:84:14:62:f3:86:5b:5b:22:c6:e4:
7a:f1:ba:7c:cc:ee:e7:3a:cf:b5:12:8f:34:bf:ef:ef:a7:66:
c5:2a:49:08:a9:fd:34:3a:a1:d2:72:9c:e2:71:42:2e:ab:1b:
21:1d:c7:89:7d:ee:bd:2a:08:9c:1a:13:e7:b3:d9:d9:f3:7c:
29:eb:cd:7a:2a:55:73:ca:4e:47:b9:6e:10:c3:cf:a9:ac:48:
50:58:cb:61:4d:b0:85:9f:84:67:ba:63:ae:da:d3:23:dc:5a:
8d:b2:ec:46
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYV7moVQ/YC0+8dPYt6rr55tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA0MDcwNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQwOTI0NTMyOTcyMjkxNWUwOTc2OWIxYzFmNGY0Y2I4MTc2ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu7RqSpu81LXZGaYVG43l+ITmGOf
Yh4meUXqtIccLqJ5ooIICByirw/5hdhW7jnAIB2pjydbXk/Zq5/5TkmJ//OYfBnR
wAbltvKDyGIG1pkUWyiGXtEjmZL+Q+noMO/DA/9dxd60LbcDmcvWDdjd8gLqLWQH
V024LaGsyXa9aqb0T8qziIhZVzoMqixlRsXx66wEcYeQ6Knwb2RxxeDlIh6cq8GA
rZnG5Spnf9PaUYj03eB0sGNJWRzbmVgCpiwvbk6wK4g+fzVTw5f/jHxULU7dxrMW
zIzTYOTttAoG7qKZsBD9oLZEgEZ7gjH0sLN55GbwwQqIS/kPvYOoOzaGbQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNJAkkUylyKRXgl2mxwfT0y4F2/pMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMGtDU1JUS1hJcEZlQ1hhYkhCOVBUTGdYYi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy1AwQA
wXxeAwQAwjo9AwQBwjqaAwQAwle0AwQAwle/AwQAwzo9AwQA1MEFAwQA1MEJMA0G
CSqGSIb3DQEBCwUAA4IBAQAhNuDZKyQGe9sCn/GA9B3TTk+qO1bsvBJ6u+XCDhfL
6zU2NO6JJMzVSCJSQyJr6IRXoDHaCiOMs8PsaliafJg8esw/usFC0AcKGWDi7elb
1wA5Oko4QaWykY9va4GKWrWDi2LzQJmDqhp7tKqwpeDj8xk3/t/Evt9Up8sbR0W8
TYDL7Mvw8TaicVmXFNcWtRC/nUOliCKiGYQUYvOGW1sixuR68bp8zO7nOs+1Eo80
v+/vp2bFKkkIqf00OqHScpzicUIuqxshHceJfe69KgicGhPns9nZ83wp6816KlVz
yk5HuW4Qw8+prEhQWMthTbCFn4RnumOu2tMj3FqNsuxG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:48 2023 by rpki-client on console-ams.rpki-client.org