Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-mlpMCY55_VgqPeR312_0TSKiLg.roa
File: 1-mlpMCY55_VgqPeR312_0TSKiLg.roa (raw, json)
Hash identifier: /deDFRrqtbBiN5mQc+uca9ELCaGWLZ3uWqmmmDVnKPA=
Subject key identifier: FA:69:69:30:26:39:E7:F5:60:A8:F7:91:DF:5D:BF:D1:34:8A:88:B8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185965C760669FD7ABE303D370A4A5F160E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-mlpMCY55_VgqPeR312_0TSKiLg.roa
Signing time: Mon 09 Jan 2023 11:48:39 +0000
ROA not before: Mon 09 Jan 2023 11:48:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:5c:76:06:69:fd:7a:be:30:3d:37:0a:4a:5f:16:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 9 11:48:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa6969302639e7f560a8f791df5dbfd1348a88b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:57:de:23:cc:b2:11:0d:8c:9e:49:5e:bb:c0:
b1:01:3b:d0:8d:75:ff:d0:c9:e6:f7:52:65:e8:7c:
b5:87:f9:77:c8:9f:0f:a0:74:75:c3:f7:8f:56:e2:
25:f5:ed:fe:b9:5a:0a:3c:18:0c:73:22:90:ae:8d:
28:9c:e0:fe:21:a3:1d:4b:21:cb:9f:91:14:8b:59:
94:42:f9:df:59:6c:4d:fc:84:a4:2a:52:f0:2d:1b:
40:3b:b4:e7:a9:48:ec:52:46:de:1f:f1:25:fe:1b:
ac:77:60:90:9e:67:dd:ff:65:0a:cd:8d:82:67:58:
a9:2f:f3:a0:e0:ba:3d:00:a5:85:e4:3a:10:42:fa:
1a:75:21:3b:2c:f9:ac:6e:d3:b2:31:a6:36:ac:cb:
e9:be:df:be:ee:6b:23:2f:ae:10:6b:cb:c7:5a:f2:
d2:b8:2f:23:79:3f:7c:1a:fb:71:1c:2b:d5:ed:a1:
31:23:e0:90:8a:f1:0f:00:f4:9a:b5:79:80:37:0f:
45:a4:90:a2:cc:df:55:25:06:15:6f:69:bd:1c:33:
5d:74:48:dd:0e:71:06:aa:36:20:b0:a7:ca:fd:d5:
bf:73:53:00:ec:91:96:aa:4e:db:5b:88:1f:2a:3a:
02:38:91:69:28:bc:32:5a:75:9d:ac:90:e2:ce:c1:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:69:69:30:26:39:E7:F5:60:A8:F7:91:DF:5D:BF:D1:34:8A:88:B8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-mlpMCY55_VgqPeR312_0TSKiLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.37.0/24
194.87.177.0/24
195.133.194.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6f:72:25:ea:27:f9:b7:eb:80:34:d6:4f:0a:70:c0:b2:a6:
d7:22:23:04:d3:0c:a6:e3:78:c5:c0:31:88:b3:46:fb:05:44:
a2:d1:68:ca:0e:cf:fc:0c:da:28:dc:cc:f2:ed:8b:5a:34:c9:
51:78:74:b5:0f:89:30:11:dc:f9:95:dc:de:90:90:9f:05:38:
72:3b:6d:47:62:7b:b3:d1:21:7b:84:b9:8d:1f:b5:77:e6:df:
c6:95:a2:09:13:db:dc:33:a5:79:04:1c:be:14:99:5d:92:c8:
4a:7a:bd:ab:cd:8e:b9:9b:65:2b:35:4b:46:57:71:44:98:b7:
50:09:c8:14:66:bf:f4:4e:1e:d6:06:80:31:71:07:2f:55:3a:
7f:8d:41:b1:c7:80:82:c8:b0:d1:2f:3c:9c:09:3d:6b:9f:8f:
52:f1:73:97:90:ae:e5:37:a3:ec:4e:92:9b:9e:6d:d9:ad:79:
77:39:30:4e:85:cf:31:09:c7:db:54:fb:5e:9e:66:bd:08:04:
03:04:9c:5c:68:51:10:e5:b3:c4:e3:2d:6a:63:29:67:f4:99:
f4:22:ac:c2:ae:c3:a1:d2:f8:b5:de:3b:46:b1:c0:08:46:31:
5d:d3:82:6c:3b:c8:b8:d5:76:c7:a7:56:95:a2:e8:f2:3b:e1:
08:57:62:e0
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYWWXHYGaf16vjA9NwpKXxYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA5MTE0ODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY5NjkzMDI2MzllN2Y1NjBhOGY3OTFkZjVkYmZkMTM0OGE4OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1feI8yyEQ2Mnkleu8CxATvQjXX/
0Mnm91Jl6Hy1h/l3yJ8PoHR1w/ePVuIl9e3+uVoKPBgMcyKQro0onOD+IaMdSyHL
n5EUi1mUQvnfWWxN/ISkKlLwLRtAO7TnqUjsUkbeH/El/husd2CQnmfd/2UKzY2C
Z1ipL/Og4Lo9AKWF5DoQQvoadSE7LPmsbtOyMaY2rMvpvt++7msjL64Qa8vHWvLS
uC8jeT98GvtxHCvV7aExI+CQivEPAPSatXmANw9FpJCizN9VJQYVb2m9HDNddEjd
DnEGqjYgsKfK/dW/c1MA7JGWqk7bW4gfKjoCOJFpKLwyWnWdrJDizsGa8wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPppaTAmOef1YKj3kd9dv9E0ioi4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1tbHBNQ1k1NV9WZ3FQZVIzMTJfMFRTS2lMZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAD5M6AME
AD5M6wMEAMF8EAMEAMF8XQMEAMF8ygMEAMI6LwMEAMJXAwMEAMJXEAMEAMJXFgME
AMJXJQMEAMJXsQMEAMOFwgMEANTA0zANBgkqhkiG9w0BAQsFAAOCAQEAgG9yJeon
+bfrgDTWTwpwwLKm1yIjBNMMpuN4xcAxiLNG+wVEotFoyg7P/AzaKNzM8u2LWjTJ
UXh0tQ+JMBHc+ZXc3pCQnwU4cjttR2J7s9Ehe4S5jR+1d+bfxpWiCRPb3DOleQQc
vhSZXZLISnq9q82OuZtlKzVLRldxRJi3UAnIFGa/9E4e1gaAMXEHL1U6f41BsceA
gsiw0S88nAk9a5+PUvFzl5Cu5Tej7E6Sm55t2a15dzkwToXPMQnH21T7Xp5mvQgE
AwScXGhREOWzxOMtamMpZ/SZ9CKswq7DodL4td47RrHACEYxXdOCbDvIuNV2x6dW
laLo8jvhCFdi4A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org