Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1HCkuhUoAUp3pDijw6edbHCMhfc.roa
File: 1HCkuhUoAUp3pDijw6edbHCMhfc.roa (raw, json)
Hash identifier: VkglWuV+CfwjIcfw9hVVg07lg4fnqrZrRHUWwJkUqzw=
Subject key identifier: D4:70:A4:BA:15:28:01:4A:77:A4:38:A3:C3:A7:9D:6C:70:8C:85:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185C8D4FF83F4401E403D68549B9A013C06
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1HCkuhUoAUp3pDijw6edbHCMhfc.roa
Signing time: Thu 19 Jan 2023 07:01:20 +0000
ROA not before: Thu 19 Jan 2023 07:01:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53850
IP address blocks: 62.76.224.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:d4:ff:83:f4:40:1e:40:3d:68:54:9b:9a:01:3c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 07:01:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d470a4ba1528014a77a438a3c3a79d6c708c85f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d8:7a:63:f2:14:b6:3c:c1:47:a2:4f:46:86:
4d:a2:0a:bf:2a:e3:23:d6:5d:b4:bb:53:4b:f5:7c:
ca:35:04:ab:b3:67:f3:c6:5f:18:1a:21:26:df:da:
51:1e:3c:07:7b:38:19:9e:a3:a5:91:af:5e:bf:25:
13:1f:21:96:29:57:4e:e1:e3:03:6f:7a:91:22:0a:
e0:2e:01:8d:fe:73:eb:12:72:f7:52:56:55:78:c5:
54:e4:f6:61:09:d4:db:ea:15:f2:1e:a6:ff:1e:db:
26:b3:4f:09:3b:d9:81:04:c0:64:96:45:1f:40:4c:
6f:a1:43:34:a2:b6:f2:ef:f9:83:79:d6:1b:b3:5e:
99:51:71:e6:81:d7:26:ec:5e:1a:ba:20:05:6c:90:
b0:8e:15:a9:60:f2:12:a0:78:d9:9f:65:c7:79:1c:
03:46:e7:0f:38:93:44:6b:77:24:b6:8e:13:71:66:
19:10:65:e0:2c:b1:98:db:89:54:ae:48:13:ab:98:
3c:30:a7:67:4d:62:57:cf:89:d1:32:cb:1f:e6:3c:
a4:95:66:c3:ef:a1:64:c5:c4:84:4e:59:b5:f2:fe:
b8:09:69:40:9c:49:f6:96:cd:83:76:8a:cc:5f:dd:
80:8a:ac:96:aa:f7:b0:f7:20:2e:44:83:be:f5:ad:
bf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:70:A4:BA:15:28:01:4A:77:A4:38:A3:C3:A7:9D:6C:70:8C:85:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1HCkuhUoAUp3pDijw6edbHCMhfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
194.87.32.0/23
194.87.39.0/24
194.87.117.0-194.87.118.255
Signature Algorithm: sha256WithRSAEncryption
49:cf:8c:11:dc:dd:95:6e:01:91:8b:8d:77:40:0f:9a:20:99:
58:c9:d5:db:97:e2:72:20:b0:22:64:f3:f3:e7:42:62:b1:35:
c4:36:5b:8a:58:69:41:d4:ad:66:68:3d:ce:86:cc:36:9a:a3:
c4:86:de:d3:ed:f3:fb:06:b0:83:a3:92:75:b5:8d:41:80:1a:
a0:92:ed:77:96:bd:6a:4e:09:21:22:ad:34:0a:08:6f:2a:06:
1d:be:48:53:e8:95:bb:84:44:78:90:5d:18:97:48:00:16:d6:
05:24:23:9c:3b:64:ef:c4:14:1f:60:90:0e:79:87:5e:19:eb:
1a:a1:8a:2f:25:23:18:ae:dd:f8:ea:e0:9a:2a:19:7d:14:4b:
85:a3:35:3b:e5:0c:21:6c:69:ad:0c:2b:56:72:53:b6:7e:88:
06:7a:ba:5a:c0:f3:1a:bf:05:88:cc:a6:c1:b9:8e:d5:c9:48:
79:fc:e8:da:61:8e:ba:e1:c7:f5:01:0d:b2:a3:6a:4d:5b:b8:
b0:68:9b:7d:37:99:0e:4e:a6:3c:79:aa:1b:08:d6:e6:85:57:
3b:52:84:60:00:a0:1b:b0:12:bc:0f:84:36:28:a9:45:2c:7b:
2a:26:c5:58:b9:4f:67:59:0a:81:09:74:b2:7f:ea:90:f3:e1:
ea:8e:1b:33
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYXI1P+D9EAeQD1oVJuaATwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE5MDcwMTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcwYTRiYTE1MjgwMTRhNzdhNDM4YTNjM2E3OWQ2YzcwOGM4NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNh6Y/IUtjzBR6JPRoZNogq/KuMj
1l20u1NL9XzKNQSrs2fzxl8YGiEm39pRHjwHezgZnqOlka9evyUTHyGWKVdO4eMD
b3qRIgrgLgGN/nPrEnL3UlZVeMVU5PZhCdTb6hXyHqb/Htsms08JO9mBBMBklkUf
QExvoUM0orby7/mDedYbs16ZUXHmgdcm7F4auiAFbJCwjhWpYPISoHjZn2XHeRwD
RucPOJNEa3ckto4TcWYZEGXgLLGY24lUrkgTq5g8MKdnTWJXz4nRMssf5jyklWbD
76FkxcSETlm18v64CWlAnEn2ls2DdorMX92AiqyWqvew9yAuRIO+9a2/oQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNRwpLoVKAFKd6Q4o8OnnWxwjIX3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMUhDa3VoVW9BVXAzcERpanc2ZWRiSENNaGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAPkzgAwQB
wlcgAwQAwlcnMAwDBADCV3UDBADCV3YwDQYJKoZIhvcNAQELBQADggEBAEnPjBHc
3ZVuAZGLjXdAD5ogmVjJ1duX4nIgsCJk8/PnQmKxNcQ2W4pYaUHUrWZoPc6GzDaa
o8SG3tPt8/sGsIOjknW1jUGAGqCS7XeWvWpOCSEirTQKCG8qBh2+SFPolbuERHiQ
XRiXSAAW1gUkI5w7ZO/EFB9gkA55h14Z6xqhii8lIxiu3fjq4JoqGX0US4WjNTvl
DCFsaa0MK1ZyU7Z+iAZ6ulrA8xq/BYjMpsG5jtXJSHn86Nphjrrhx/UBDbKjak1b
uLBom303mQ5Opjx5qhsI1uaFVztShGAAoBuwErwPhDYoqUUseyomxVi5T2dZCoEJ
dLJ/6pDz4eqOGzM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org