Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0p1Oh5hBh5C0s8g2Fpo5acT90TI.roa
File: 0p1Oh5hBh5C0s8g2Fpo5acT90TI.roa (raw, json)
Hash identifier: 0oeSrgPz7nPKoJ+prTW5T0AlxEWdTrHyJ+BfMaIN69k=
Subject key identifier: D2:9D:4E:87:98:41:87:90:B4:B3:C8:36:16:9A:39:69:C4:FD:D1:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B65C4299379ADDEB52E30D6587876964A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0p1Oh5hBh5C0s8g2Fpo5acT90TI.roa
Signing time: Wed 25 Oct 2023 07:37:16 +0000
ROA not before: Wed 25 Oct 2023 07:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 146943
IP address blocks: 194.87.204.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:c4:29:93:79:ad:de:b5:2e:30:d6:58:78:76:96:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 07:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d29d4e8798418790b4b3c836169a3969c4fdd132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6a:02:58:5f:12:ab:59:63:e2:15:ba:96:c3:
d8:8d:ba:64:aa:98:07:bd:2d:b9:27:73:41:ac:6f:
1f:cf:3f:46:ba:26:d0:90:e4:bc:85:77:99:70:c6:
e2:a7:c7:5a:bb:f8:d6:4c:3a:a7:6f:1d:c5:57:43:
7e:21:e6:f0:c6:fa:5e:9e:c8:32:56:2a:8f:06:82:
76:3b:6a:7c:30:e2:9d:ae:f1:bc:ac:a5:c8:4c:cb:
a4:63:9d:48:e4:1e:85:92:99:10:ef:44:c8:bc:6f:
e7:d7:7c:50:11:c0:ac:1c:5a:57:97:b9:9a:17:5e:
da:3d:f0:39:cc:e3:53:ba:49:44:c1:0e:d4:38:24:
d2:37:8d:24:e3:70:78:cf:54:33:65:e2:90:f6:76:
b7:23:95:1f:5c:bc:4f:04:01:fb:3b:44:d1:55:f7:
41:9d:74:3f:bc:fb:16:18:ff:fd:46:9a:8f:6f:24:
8b:72:c7:6e:af:f4:fb:0d:52:ec:52:41:9b:42:86:
b0:e8:5b:15:7b:25:2f:ca:23:48:6a:15:06:d8:f3:
e9:74:94:86:48:da:7c:3e:51:61:57:75:85:28:8b:
c1:c6:bc:bc:36:37:f5:47:34:71:6d:0b:a3:af:32:
c8:a6:cf:9b:2f:43:eb:cb:65:de:e9:25:78:ca:23:
be:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9D:4E:87:98:41:87:90:B4:B3:C8:36:16:9A:39:69:C4:FD:D1:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0p1Oh5hBh5C0s8g2Fpo5acT90TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.204.0/24
212.192.244.0/24
212.193.24.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b0:5d:dc:2e:ba:b0:3f:14:cd:d7:b7:87:ce:44:8a:11:f6:
1d:ac:bb:cc:1c:45:e0:96:15:f3:03:07:e1:ac:0a:d6:18:23:
cf:71:f0:75:59:b5:64:8c:2b:4a:c7:94:2a:55:79:92:5e:88:
ee:5f:84:41:df:50:17:0f:b2:c5:68:4e:b1:d3:90:d6:34:03:
23:1a:09:99:b7:59:b8:15:91:b2:9d:92:67:b8:41:d2:c8:69:
2a:e2:63:75:69:c6:fc:f6:9b:d4:88:97:9a:5b:23:a5:32:f9:
2e:ce:15:d0:d4:f4:c4:78:b8:00:28:26:fa:72:cf:c1:60:69:
2b:0b:6c:8e:0a:8f:e4:4c:a7:57:bb:bd:4d:82:52:23:ed:92:
24:d7:cd:55:31:9b:a4:22:23:d0:21:06:78:cc:81:da:98:c2:
fc:ad:92:3f:1f:c5:4b:81:44:e9:9e:5b:8e:0b:ed:96:fc:ad:
6a:da:a0:b6:aa:8e:43:8f:04:72:d4:23:e0:b5:a4:ce:51:a1:
2d:89:f8:a6:7e:73:2b:5a:4e:44:7a:03:aa:31:6a:7a:97:40:
8d:a3:7b:e2:5e:89:f1:2c:78:7d:a1:de:8a:41:98:b6:8b:db:
8e:00:79:f1:69:78:a9:9a:ff:43:19:d1:dd:07:4d:f5:5d:b7:
a0:de:37:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtlxCmTea3etS4w1lh4dpZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI1MDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjlkNGU4Nzk4NDE4NzkwYjRiM2M4MzYxNjlhMzk2OWM0ZmRkMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGoCWF8Sq1lj4hW6lsPYjbpkqpgH
vS25J3NBrG8fzz9GuibQkOS8hXeZcMbip8dau/jWTDqnbx3FV0N+Iebwxvpensgy
ViqPBoJ2O2p8MOKdrvG8rKXITMukY51I5B6FkpkQ70TIvG/n13xQEcCsHFpXl7ma
F17aPfA5zONTuklEwQ7UOCTSN40k43B4z1QzZeKQ9na3I5UfXLxPBAH7O0TRVfdB
nXQ/vPsWGP/9RpqPbySLcsdur/T7DVLsUkGbQoaw6FsVeyUvyiNIahUG2PPpdJSG
SNp8PlFhV3WFKIvBxry8Njf1RzRxbQujrzLIps+bL0Pry2Xe6SV4yiO+1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNKdToeYQYeQtLPINhaaOWnE/dEyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMHAxT2g1aEJoNUMwczhnMkZwbzVhY1Q5MFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlfMAwQA
1MD0AwQA1MEYMA0GCSqGSIb3DQEBCwUAA4IBAQBqsF3cLrqwPxTN17eHzkSKEfYd
rLvMHEXglhXzAwfhrArWGCPPcfB1WbVkjCtKx5QqVXmSXojuX4RB31AXD7LFaE6x
05DWNAMjGgmZt1m4FZGynZJnuEHSyGkq4mN1acb89pvUiJeaWyOlMvkuzhXQ1PTE
eLgAKCb6cs/BYGkrC2yOCo/kTKdXu71NglIj7ZIk181VMZukIiPQIQZ4zIHamML8
rZI/H8VLgUTpnluOC+2W/K1q2qC2qo5DjwRy1CPgtaTOUaEtifimfnMrWk5EegOq
MWp6l0CNo3viXonxLHh9od6KQZi2i9uOAHnxaXipmv9DGdHdB031Xbeg3jes
-----END CERTIFICATE-----
Generated at Wed Nov 1 17:57:50 2023 by rpki-client on console-ams.rpki-client.org