Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/17MXugjboGjrR7Zg54CsXcnBtHw.roa
File: 17MXugjboGjrR7Zg54CsXcnBtHw.roa (raw, json)
Hash identifier: wICSKPrHgV9lmCmL6OQlRSAAZUuqRdHaiovC4l1Q/0A=
Subject key identifier: D7:B3:17:BA:08:DB:A0:68:EB:47:B6:60:E7:80:AC:5D:C9:C1:B4:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018865C3B5D40612564B290D32C2850BCF6E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/17MXugjboGjrR7Zg54CsXcnBtHw.roa
Signing time: Mon 29 May 2023 04:28:24 +0000
ROA not before: Mon 29 May 2023 04:28:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 194.87.220.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:65:c3:b5:d4:06:12:56:4b:29:0d:32:c2:85:0b:cf:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 29 04:28:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7b317ba08dba068eb47b660e780ac5dc9c1b47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:4a:8a:83:c2:2f:94:56:d9:93:40:37:87:
af:57:f0:51:de:a1:8c:f1:95:41:4e:a9:5a:03:d1:
ea:a4:7f:dd:01:23:1c:18:57:31:4d:16:5e:52:8b:
1f:e3:16:fe:b9:5f:77:d7:b6:8e:e0:07:c3:65:94:
1f:64:c1:10:55:ed:68:3c:96:c6:fe:56:b2:b5:ba:
15:c0:a1:ae:d1:9a:31:81:2c:76:88:de:f8:88:da:
ba:19:d3:e1:85:31:ac:97:c4:6f:91:a9:7a:71:46:
22:1f:2e:20:cf:de:98:7d:32:a0:43:63:0b:93:40:
3f:cb:73:7c:1b:59:ac:c9:ff:7d:7f:ea:4a:0a:99:
6f:a7:b1:23:41:5a:33:9f:dd:eb:98:fb:93:4b:8d:
38:a3:11:c4:fa:a4:cf:f3:aa:b8:c0:e5:e5:5a:8d:
b2:ff:62:21:c0:fa:4c:bd:ad:87:1c:d2:05:eb:25:
17:08:7c:70:ad:4c:17:3b:6a:ed:b7:c7:4a:a4:53:
e6:2e:68:51:7f:11:bb:ca:55:a5:28:28:df:e7:20:
2c:d4:d2:00:df:fd:62:b1:fc:81:4d:6d:68:14:d4:
3e:68:8e:68:04:fc:c0:8e:8a:6d:96:3b:67:e4:3e:
b1:53:78:01:12:43:31:23:e0:c8:34:42:00:23:e7:
c3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B3:17:BA:08:DB:A0:68:EB:47:B6:60:E7:80:AC:5D:C9:C1:B4:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/17MXugjboGjrR7Zg54CsXcnBtHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0-193.124.46.255
194.58.58.0/24
194.87.220.0/24
195.133.14.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:27:93:dc:f7:ee:27:cd:ba:85:7e:22:f2:17:f3:66:63:1b:
81:fe:e8:1a:a2:33:7d:71:51:fb:ba:1f:ac:fc:09:d6:56:5b:
de:1b:64:1a:94:ed:7f:d0:5e:b4:fa:b1:53:9f:a9:53:fc:19:
4c:55:dc:56:98:ca:a5:1d:c2:f4:77:1d:f8:f8:db:07:3e:75:
b7:95:d7:17:e3:44:68:14:d0:40:b1:3c:63:15:a9:df:1c:14:
89:a9:86:d1:89:a6:4c:09:68:ec:ff:54:70:36:90:c8:20:8b:
44:11:86:97:6a:e3:48:90:f5:16:6d:1f:27:d9:f3:c8:be:a6:
52:ef:7b:22:d8:84:02:62:2a:c5:ca:fa:3c:93:e7:6b:86:4c:
6f:7c:c1:d8:a0:b8:78:bf:66:8c:e7:2c:77:aa:d3:7b:b7:f1:
4a:f8:ab:f9:c6:69:56:bf:91:6a:68:07:c8:46:d7:69:d0:98:
57:5f:eb:89:79:f0:71:33:41:67:4b:3c:09:ed:26:48:19:96:
9a:b4:e5:62:dd:4d:96:11:d0:18:e9:51:12:18:b0:34:fa:2b:
a2:a7:e0:99:7e:cc:fe:53:11:c2:28:5e:1a:0e:ab:f4:e9:a6:
5c:9f:81:72:ee:ce:04:f0:a7:20:1a:6a:90:c5:1e:93:ef:2e:
4b:9c:00:f3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhlw7XUBhJWSykNMsKFC89uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTI5MDQyODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IzMTdiYTA4ZGJhMDY4ZWI0N2I2NjBlNzgwYWM1ZGM5YzFiNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8lKioPCL5RW2ZNAN4evV/BR3qGM
8ZVBTqlaA9HqpH/dASMcGFcxTRZeUosf4xb+uV9317aO4AfDZZQfZMEQVe1oPJbG
/laytboVwKGu0ZoxgSx2iN74iNq6GdPhhTGsl8Rvkal6cUYiHy4gz96YfTKgQ2ML
k0A/y3N8G1msyf99f+pKCplvp7EjQVozn93rmPuTS404oxHE+qTP86q4wOXlWo2y
/2IhwPpMva2HHNIF6yUXCHxwrUwXO2rtt8dKpFPmLmhRfxG7ylWlKCjf5yAs1NIA
3/1isfyBTW1oFNQ+aI5oBPzAjoptljtn5D6xU3gBEkMxI+DINEIAI+fDVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNezF7oI26Bo60e2YOeArF3JwbR8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTdNWHVnamJvR2pyUjdaZzU0Q3NYY25CdEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBADBfC0D
BADBfC4DBADCOjoDBADCV9wDBADDhQ4wDQYJKoZIhvcNAQELBQADggEBAF0nk9z3
7ifNuoV+IvIX82ZjG4H+6BqiM31xUfu6H6z8CdZWW94bZBqU7X/QXrT6sVOfqVP8
GUxV3FaYyqUdwvR3Hfj42wc+dbeV1xfjRGgU0ECxPGMVqd8cFImphtGJpkwJaOz/
VHA2kMggi0QRhpdq40iQ9RZtHyfZ88i+plLveyLYhAJiKsXK+jyT52uGTG98wdig
uHi/ZoznLHeq03u38Ur4q/nGaVa/kWpoB8hG12nQmFdf64l58HEzQWdLPAntJkgZ
lpq05WLdTZYR0BjpURIYsDT6K6Kn4Jl+zP5TEcIoXhoOq/TpplyfgXLuzgTwpyAa
apDFHpPvLkucAPM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org