Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1LnlDO-qVqizeUFl1qNVVujDHQ4.roa
File: 1LnlDO-qVqizeUFl1qNVVujDHQ4.roa (raw, json)
Hash identifier: z73vlWMAOtTWOTqIoRFRhUs0D9wP016Mxmp34QOcFaA=
Subject key identifier: D4:B9:E5:0C:EF:AA:56:A8:B3:79:41:65:D6:A3:55:56:E8:C3:1D:0E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BF219895961616256212D3DFA0F6DF5F6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1LnlDO-qVqizeUFl1qNVVujDHQ4.roa
Signing time: Tue 21 Nov 2023 13:37:21 +0000
ROA not before: Tue 21 Nov 2023 13:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.138.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:19:89:59:61:61:62:56:21:2d:3d:fa:0f:6d:f5:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 21 13:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4b9e50cefaa56a8b3794165d6a35556e8c31d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:aa:73:c4:29:7a:b1:83:ba:b6:3b:09:2c:
02:b7:fa:c0:b5:f2:3f:2e:ab:1c:25:33:b9:67:95:
04:ce:ba:a6:7f:5f:5f:23:26:2e:c3:9b:46:6b:41:
0d:2e:40:21:8e:01:ab:6f:2b:c6:63:48:1c:d7:07:
69:77:6f:6d:3a:a0:d2:28:83:ff:1d:76:ff:6f:89:
5e:9a:ac:29:d3:99:6d:01:73:88:65:89:6c:2f:2b:
e7:b1:84:f8:46:16:ba:05:fa:5b:00:64:f9:b3:fb:
f2:6c:47:0c:18:5e:14:e1:e7:2f:2e:97:ff:09:dd:
5c:0b:57:82:57:7f:8c:ef:23:09:f1:1a:ac:59:ce:
b1:81:d4:bf:de:a1:36:10:39:34:3b:c2:0e:03:d8:
fe:0d:e8:53:a5:3e:29:4a:3b:e4:cc:cb:0d:90:8b:
93:7f:93:8c:1f:aa:c2:dc:8b:7d:42:78:5e:82:9f:
2a:d5:35:e0:4c:2b:59:6d:03:b0:f7:06:5d:4d:71:
e2:63:38:c3:40:53:5b:b4:5c:46:04:53:dd:81:ec:
d2:58:cc:93:cf:7e:1d:75:d5:ef:38:14:88:ce:06:
82:79:12:42:72:a5:ee:e1:bb:40:5f:33:a5:e5:db:
00:7c:54:cf:05:49:10:b8:b8:ab:c3:62:ab:c7:98:
c5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B9:E5:0C:EF:AA:56:A8:B3:79:41:65:D6:A3:55:56:E8:C3:1D:0E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1LnlDO-qVqizeUFl1qNVVujDHQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.33.0/24
194.87.138.0/24
194.87.141.0/24
194.87.170.0/24
194.87.178.0/24
194.87.250.0/24
195.58.63.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
10:64:0c:24:f8:0e:ff:67:3d:51:a1:78:09:81:5e:19:61:41:
5b:2d:ed:37:6a:20:79:25:9b:9b:71:ff:ef:20:cf:77:b9:a7:
0b:09:d6:78:9b:ab:ec:10:2b:6d:13:bc:7a:0c:16:71:a2:9d:
10:46:c7:58:6c:cf:ee:06:7b:fc:2c:68:f1:70:f1:eb:e4:35:
e6:67:ca:cf:13:c4:b7:e5:34:b2:3d:fd:e3:3e:67:ea:bf:bc:
ce:f0:e9:26:4e:70:1b:b8:c9:aa:b1:e1:c4:fb:c5:fa:43:46:
15:e6:1c:56:f4:a1:7d:a7:14:6b:cd:38:e7:75:80:46:ec:9c:
67:fd:40:bb:9f:c8:ba:e0:dd:87:db:9e:56:07:fa:d8:5c:61:
2e:c2:36:94:2f:b4:69:95:19:0d:cd:fc:79:9c:cc:a9:fb:c0:
3a:ec:65:d8:33:c1:11:63:c6:f2:88:db:c4:7a:42:5e:3c:a0:
fe:20:0f:78:85:bd:59:ef:3e:2a:3d:97:2f:56:58:28:87:60:
6e:c9:5f:2c:07:67:5b:96:26:ba:57:09:40:19:6d:69:0e:21:
e0:ca:15:94:05:2f:82:65:f5:d3:3a:24:a8:a3:7d:c3:84:46:
2c:73:7e:1c:08:e4:f2:ba:16:2e:cb:e8:ec:b9:c6:2c:e1:c3:
03:30:32:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYvyGYlZYWFiViEtPfoPbfX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIxMTMzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI5ZTUwY2VmYWE1NmE4YjM3OTQxNjVkNmEzNTU1NmU4YzMxZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK+qc8QperGDurY7CSwCt/rAtfI/
LqscJTO5Z5UEzrqmf19fIyYuw5tGa0ENLkAhjgGrbyvGY0gc1wdpd29tOqDSKIP/
HXb/b4lemqwp05ltAXOIZYlsLyvnsYT4Rha6BfpbAGT5s/vybEcMGF4U4ecvLpf/
Cd1cC1eCV3+M7yMJ8RqsWc6xgdS/3qE2EDk0O8IOA9j+DehTpT4pSjvkzMsNkIuT
f5OMH6rC3It9Qnhegp8q1TXgTCtZbQOw9wZdTXHiYzjDQFNbtFxGBFPdgezSWMyT
z34dddXvOBSIzgaCeRJCcqXu4btAXzOl5dsAfFTPBUkQuLirw2Krx5jFPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNS55Qzvqlaos3lBZdajVVbowx0OMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMUxubERPLXFWcWl6ZVVGbDFxTlZWdWpESFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwlchAwQA
wleKAwQAwleNAwQAwleqAwQAwleyAwQAwlf6AwQAwzo/AwQA1MABMA0GCSqGSIb3
DQEBCwUAA4IBAQAQZAwk+A7/Zz1RoXgJgV4ZYUFbLe03aiB5JZubcf/vIM93uacL
CdZ4m6vsECttE7x6DBZxop0QRsdYbM/uBnv8LGjxcPHr5DXmZ8rPE8S35TSyPf3j
Pmfqv7zO8OkmTnAbuMmqseHE+8X6Q0YV5hxW9KF9pxRrzTjndYBG7Jxn/UC7n8i6
4N2H255WB/rYXGEuwjaUL7RplRkNzfx5nMyp+8A67GXYM8ERY8byiNvEekJePKD+
IA94hb1Z7z4qPZcvVlgoh2BuyV8sB2dblia6VwlAGW1pDiHgyhWUBS+CZfXTOiSo
o33DhEYsc34cCOTyuhYuy+jsucYs4cMDMDJG
-----END CERTIFICATE-----
Generated at Sat Nov 25 09:59:11 2023 by rpki-client on console-fra.rpki-client.org