Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-VJ30axeDCxn9p3C9XjfZBQayMM.roa
File: 1-VJ30axeDCxn9p3C9XjfZBQayMM.roa (raw, json)
Hash identifier: zwzHL3ZjktNyJhCnN3vULUFpExyxQSKebsCpRFF/8EY=
Subject key identifier: F9:52:77:D1:AC:5E:0C:2C:67:F6:9D:C2:F5:78:DF:64:14:1A:C8:C3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018572FA457B97CDF992E0F108B10A274639
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-VJ30axeDCxn9p3C9XjfZBQayMM.roa
Signing time: Mon 02 Jan 2023 14:54:42 +0000
ROA not before: Mon 02 Jan 2023 14:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.17.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:45:7b:97:cd:f9:92:e0:f1:08:b1:0a:27:46:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 14:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f95277d1ac5e0c2c67f69dc2f578df64141ac8c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:10:44:e7:a0:ea:fa:ac:5d:29:0f:42:ba:00:
d2:49:d2:88:a0:73:75:ea:95:f0:1c:bd:07:bf:e3:
55:8d:3e:02:4f:ba:bb:48:a2:0c:ab:35:e4:18:be:
dd:d6:e3:bc:11:6c:98:db:02:de:86:ea:92:81:8e:
ed:20:b3:09:fa:4a:07:79:fa:4a:46:0f:1c:5a:cd:
cf:4c:38:81:e9:a0:cf:13:da:69:1c:73:17:60:71:
ff:d4:24:1d:5e:12:8b:49:2f:97:44:ff:38:2a:83:
7d:da:4e:94:70:cb:5a:cd:88:c9:e8:53:0a:da:e1:
03:96:e3:5e:e2:3b:a3:d2:c6:40:4d:10:45:10:c7:
f4:3e:21:62:b9:a6:e3:03:12:2a:78:89:8f:15:03:
9e:e8:6f:32:04:1a:d3:32:d3:e8:46:82:86:40:05:
b8:f6:8e:eb:84:22:f7:cb:61:7c:a7:86:f6:c0:32:
fe:53:df:80:81:14:9a:c3:d2:09:29:df:de:9f:c4:
80:4f:28:77:e5:bb:d3:3d:85:80:e2:97:12:41:12:
dc:82:2f:28:e6:9b:64:b3:5c:2a:0e:c3:84:fc:75:
8d:bf:2e:09:c8:74:7f:36:e1:4d:2e:12:86:d5:62:
af:b5:47:09:b9:19:6d:fb:82:46:36:42:db:2b:d4:
9a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:52:77:D1:AC:5E:0C:2C:67:F6:9D:C2:F5:78:DF:64:14:1A:C8:C3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-VJ30axeDCxn9p3C9XjfZBQayMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.17.0/24
194.87.91.0/24
194.87.188.0/24
Signature Algorithm: sha256WithRSAEncryption
39:57:fb:6a:88:8c:2f:f2:fc:13:83:27:16:a9:b9:79:3f:90:
79:44:88:2c:7a:9f:84:00:a2:6a:c5:a4:2f:cd:6c:b3:fd:d9:
8a:e2:7f:55:8a:2e:ca:25:0a:fd:37:99:7b:55:e5:61:94:54:
a0:12:91:d8:e4:ff:e9:9d:de:18:e9:34:30:14:f4:cb:36:c6:
52:8b:c0:c9:e3:df:8e:f3:6d:69:41:de:c2:8c:6a:9d:76:32:
69:ea:0e:ae:d6:8e:26:ab:0f:8d:61:e8:72:85:dc:f9:d3:7e:
3e:5a:ee:51:df:a3:28:28:f4:ec:8a:b9:14:65:26:a7:09:9e:
77:13:34:8b:b5:16:0d:fe:73:f7:44:80:0d:c7:c4:50:6c:1a:
cb:3c:f2:5e:4c:83:5f:71:55:39:86:fd:fc:fa:19:e0:6e:48:
d1:94:7e:2c:75:05:62:06:f4:de:13:3f:d6:e9:e5:24:f0:d8:
d3:04:51:ea:dd:66:26:d6:98:31:84:db:c9:e9:be:9c:07:a1:
59:b2:d9:ea:16:ec:69:25:74:6a:25:74:9b:46:c3:7c:73:89:
43:c0:0a:38:e7:f3:98:ce:83:30:1b:44:cc:8b:39:de:b4:fd:
25:11:e1:12:b3:39:f5:2d:f4:c6:9e:4e:5c:92:2c:23:90:c2:
4b:31:0a:e0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVy+kV7l835kuDxCLEKJ0Y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMTQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTUyNzdkMWFjNWUwYzJjNjdmNjlkYzJmNTc4ZGY2NDE0MWFjOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBBE56Dq+qxdKQ9CugDSSdKIoHN1
6pXwHL0Hv+NVjT4CT7q7SKIMqzXkGL7d1uO8EWyY2wLehuqSgY7tILMJ+koHefpK
Rg8cWs3PTDiB6aDPE9ppHHMXYHH/1CQdXhKLSS+XRP84KoN92k6UcMtazYjJ6FMK
2uEDluNe4juj0sZATRBFEMf0PiFiuabjAxIqeImPFQOe6G8yBBrTMtPoRoKGQAW4
9o7rhCL3y2F8p4b2wDL+U9+AgRSaw9IJKd/en8SATyh35bvTPYWA4pcSQRLcgi8o
5ptks1wqDsOE/HWNvy4JyHR/NuFNLhKG1WKvtUcJuRlt+4JGNkLbK9SapwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPlSd9GsXgwsZ/adwvV432QUGsjDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1WSjMwYXhlREN4bjlwM0M5WGpmWkJRYXlNTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMJXEQME
AMJXWwMEAMJXvDANBgkqhkiG9w0BAQsFAAOCAQEAOVf7aoiML/L8E4MnFqm5eT+Q
eUSILHqfhACiasWkL81ss/3ZiuJ/VYouyiUK/TeZe1XlYZRUoBKR2OT/6Z3eGOk0
MBT0yzbGUovAyePfjvNtaUHewoxqnXYyaeoOrtaOJqsPjWHocoXc+dN+PlruUd+j
KCj07Iq5FGUmpwmedxM0i7UWDf5z90SADcfEUGwayzzyXkyDX3FVOYb9/PoZ4G5I
0ZR+LHUFYgb03hM/1unlJPDY0wRR6t1mJtaYMYTbyem+nAehWbLZ6hbsaSV0aiV0
m0bDfHOJQ8AKOOfzmM6DMBtEzIs53rT9JRHhErM59S30xp5OXJIsI5DCSzEK4A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org