Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1561Ea8YoIHKsn68EeHOBwpprkg.roa
File: 1561Ea8YoIHKsn68EeHOBwpprkg.roa (raw, json)
Hash identifier: QzeOVB+JqiTPY+zyd77YZ9adOAU4RvKa9jaYq/9b508=
Subject key identifier: D7:9E:B5:11:AF:18:A0:81:CA:B2:7E:BC:11:E1:CE:07:0A:69:AE:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185DDAB1FBDA02FAF2E4C3EE717C65180DA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1561Ea8YoIHKsn68EeHOBwpprkg.roa
Signing time: Mon 23 Jan 2023 08:07:37 +0000
ROA not before: Mon 23 Jan 2023 08:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 195.133.84.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:ab:1f:bd:a0:2f:af:2e:4c:3e:e7:17:c6:51:80:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 08:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d79eb511af18a081cab27ebc11e1ce070a69ae48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:59:1d:ce:30:50:60:77:b7:9b:b3:ad:de:
87:11:d4:43:6e:0e:6d:47:6f:fa:e3:29:ef:bc:a5:
42:24:82:dc:b1:e5:8f:bd:5b:18:d9:a7:11:c3:9e:
83:82:62:d3:d6:e8:91:0c:90:0c:45:39:32:49:85:
52:63:81:38:12:5a:3f:8e:2f:a6:d5:04:39:0a:c0:
dc:4c:75:a3:49:19:0d:76:29:4c:4e:9b:57:54:a2:
96:4d:d2:a6:99:91:ca:80:6f:53:96:ff:8f:34:ca:
5a:d7:47:2c:0d:e1:5e:61:ab:1d:f3:35:5d:b9:a8:
0a:87:dd:ca:a8:31:6c:be:97:94:f3:8b:33:3f:e8:
fc:f5:8c:b9:67:38:c8:3a:75:e4:a7:31:a1:1f:b2:
ae:a7:a4:3b:ff:18:80:17:3b:64:ef:ba:5d:07:a3:
62:2e:16:ef:00:48:56:eb:ac:53:24:a8:f3:c9:7d:
eb:78:a6:a1:5c:06:b3:97:2e:6d:b8:ef:0f:f8:3b:
a4:9c:f1:b2:eb:dc:67:6e:70:9c:1d:2b:14:c3:56:
85:a7:ac:3c:83:cd:b6:47:ee:21:04:1d:1f:23:ea:
de:63:74:d2:b1:ff:98:86:a2:c6:07:39:ea:75:63:
b8:c0:85:30:a2:3e:6f:f5:f0:a4:4b:a6:b9:90:19:
ed:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9E:B5:11:AF:18:A0:81:CA:B2:7E:BC:11:E1:CE:07:0A:69:AE:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1561Ea8YoIHKsn68EeHOBwpprkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
194.58.58.0/24
194.58.67.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a2:97:82:dc:47:e3:c6:1f:ee:f9:ef:c3:fc:c8:55:f3:1c:
61:8a:bd:5d:10:8d:08:6a:8b:a7:db:32:3f:d7:4d:5c:1b:d8:
64:12:d2:b1:35:f7:1a:e2:3c:59:95:73:7e:a8:1f:f6:0d:ee:
e6:18:03:14:e5:51:22:86:09:73:09:34:1a:ce:b5:62:57:66:
b0:db:6c:09:6f:d4:7c:60:ee:ab:14:1c:8a:57:82:a3:4e:25:
ec:aa:e7:90:9f:70:d6:f6:59:1d:89:a2:e0:53:71:c5:1e:e1:
ff:c7:b9:83:8b:71:eb:28:c8:58:95:2a:df:eb:b8:50:09:82:
97:11:d7:05:55:e6:d3:8f:43:32:7f:47:34:43:32:0d:e2:39:
03:7b:9d:02:8b:21:69:9d:ca:a4:39:50:74:b1:fa:10:d5:f8:
8d:20:a2:fc:94:51:0e:fa:01:f0:90:56:ae:2e:cc:b6:13:cf:
57:0a:3f:2b:c5:1f:2d:d8:ca:1f:73:80:00:94:95:58:95:c6:
fd:76:13:09:e3:1a:54:58:c8:fe:7e:4e:56:99:76:44:2b:3f:
90:33:ed:0f:4f:28:2c:0e:53:cb:a0:4d:55:4b:1c:64:bb:5e:
cb:55:8a:7a:71:0c:24:58:df:ae:2f:97:e9:e5:e4:86:ea:46:
2f:9b:27:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXdqx+9oC+vLkw+5xfGUYDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTIzMDgwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzllYjUxMWFmMThhMDgxY2FiMjdlYmMxMWUxY2UwNzBhNjlhZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWlZHc4wUGB3t5uzrd6HEdRDbg5t
R2/64ynvvKVCJILcseWPvVsY2acRw56DgmLT1uiRDJAMRTkySYVSY4E4Elo/ji+m
1QQ5CsDcTHWjSRkNdilMTptXVKKWTdKmmZHKgG9Tlv+PNMpa10csDeFeYasd8zVd
uagKh93KqDFsvpeU84szP+j89Yy5ZzjIOnXkpzGhH7Kup6Q7/xiAFztk77pdB6Ni
LhbvAEhW66xTJKjzyX3reKahXAazly5tuO8P+DuknPGy69xnbnCcHSsUw1aFp6w8
g822R+4hBB0fI+reY3TSsf+YhqLGBznqdWO4wIUwoj5v9fCkS6a5kBnt2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNeetRGvGKCByrJ+vBHhzgcKaa5IMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTU2MUVhOFlvSUhLc242OEVlSE9Cd3BwcmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwtAwQA
wjo6AwQAwjpDAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQBaopeC3Efjxh/u+e/D
/MhV8xxhir1dEI0Iaoun2zI/101cG9hkEtKxNfca4jxZlXN+qB/2De7mGAMU5VEi
hglzCTQazrViV2aw22wJb9R8YO6rFByKV4KjTiXsqueQn3DW9lkdiaLgU3HFHuH/
x7mDi3HrKMhYlSrf67hQCYKXEdcFVebTj0Myf0c0QzIN4jkDe50CiyFpncqkOVB0
sfoQ1fiNIKL8lFEO+gHwkFauLsy2E89XCj8rxR8t2Mofc4AAlJVYlcb9dhMJ4xpU
WMj+fk5WmXZEKz+QM+0PTygsDlPLoE1VSxxku17LVYp6cQwkWN+uL5fp5eSG6kYv
myfk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org