Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1pao26snMFwxgYfaTDoLL0EeBtU.roa
File: 1pao26snMFwxgYfaTDoLL0EeBtU.roa (raw, json)
Hash identifier: y3o7XIL1xdq+ldvEl8h8pKdyFDs3LTmGTkJKfiH+gAU=
Subject key identifier: D6:96:A8:DB:AB:27:30:5C:31:81:87:DA:4C:3A:0B:2F:41:1E:06:D5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01897D109C5263CCD639389836C538DD5413
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1pao26snMFwxgYfaTDoLL0EeBtU.roa
Signing time: Sat 22 Jul 2023 10:06:27 +0000
ROA not before: Sat 22 Jul 2023 10:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.119.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7d:10:9c:52:63:cc:d6:39:38:98:36:c5:38:dd:54:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 22 10:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d696a8dbab27305c318187da4c3a0b2f411e06d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ff:92:b6:7e:90:ce:d0:37:ed:fe:a9:f5:05:
65:e8:ec:d1:30:18:2c:fa:33:fc:12:94:a5:d6:e2:
52:1b:9f:ca:50:7b:41:42:37:5a:18:a1:c9:63:59:
dc:21:e1:1e:dc:5a:b4:46:dd:33:fa:18:68:54:71:
3f:a3:44:1f:13:ef:b7:1b:f4:75:90:a0:44:38:ff:
36:03:c9:f8:91:f6:9c:84:39:f7:a2:84:ab:c8:a3:
35:b5:d6:03:6b:a7:a2:56:dd:9d:a5:65:8e:4b:09:
48:50:34:53:d0:4b:21:50:16:60:b8:e4:33:87:e0:
fd:64:73:cf:a6:79:d4:1c:44:08:a8:10:58:a0:f3:
2c:6f:3b:61:3f:ce:c5:7c:0b:0a:77:b2:1c:27:25:
7a:cf:e5:41:0b:0e:12:8f:d1:68:3c:04:a8:21:79:
57:74:66:18:16:e2:44:3d:b0:af:26:c1:8e:b2:a4:
11:b9:e8:d2:9a:df:1d:ff:3b:67:87:e3:b2:1c:96:
9a:67:03:a1:11:3d:9a:1e:90:ed:58:d5:e9:69:06:
96:79:2a:66:ce:f7:b2:c0:32:bf:b1:a4:40:6a:cf:
d8:85:c7:3e:79:ae:23:6c:61:58:e9:da:65:bc:3a:
d7:ba:92:f4:a5:25:b9:cb:84:3e:c7:84:97:c4:b0:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:96:A8:DB:AB:27:30:5C:31:81:87:DA:4C:3A:0B:2F:41:1E:06:D5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1pao26snMFwxgYfaTDoLL0EeBtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.94.0/24
193.124.201.0/24
194.87.119.0/24
194.87.181.0/24
194.135.30.0/24
212.192.0.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:31:f5:b5:bc:39:1e:aa:e8:5e:db:4a:96:a4:3d:d2:4c:f3:
f5:22:d6:16:ea:87:80:a0:f6:ca:a4:b2:79:f1:ba:12:c6:ac:
73:f8:15:ec:01:1d:4e:6b:03:3e:43:1f:56:82:cd:3c:cb:5c:
04:ea:e2:98:67:bb:8d:1c:8e:8e:49:6c:66:72:3a:b1:63:81:
24:c1:15:ed:65:ea:b3:cc:1e:f7:89:9d:1e:cd:b9:49:01:8b:
b7:86:62:ce:8f:aa:d9:d3:1b:d9:d4:3f:86:18:27:24:7d:34:
40:de:a7:5e:53:fb:11:58:cc:6d:27:b8:52:d4:a5:f3:3d:11:
43:4c:59:22:c1:a1:45:65:f1:22:a3:09:76:a3:c7:e1:a4:1c:
33:ac:13:2b:02:48:97:7f:33:9b:98:53:ef:43:c6:06:08:ae:
b7:b3:cb:f3:11:f8:fd:07:c0:58:40:07:5f:aa:32:62:06:f9:
88:ef:d0:25:3d:12:6a:28:fb:3b:83:e8:91:2b:0a:19:71:6b:
0e:52:e2:f3:e3:32:24:bc:18:77:06:fb:d6:3f:ef:2c:36:2e:
0a:14:f2:ac:02:c6:b2:02:71:ab:2c:11:2f:e9:c8:41:f4:4f:
6e:d1:08:6b:cb:b0:2c:db:fe:6a:c5:18:75:f5:ff:54:df:87:
2a:c7:4f:3b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYl9EJxSY8zWOTiYNsU43VQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIyMTAwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk2YThkYmFiMjczMDVjMzE4MTg3ZGE0YzNhMGIyZjQxMWUwNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP+Stn6QztA37f6p9QVl6OzRMBgs
+jP8EpSl1uJSG5/KUHtBQjdaGKHJY1ncIeEe3Fq0Rt0z+hhoVHE/o0QfE++3G/R1
kKBEOP82A8n4kfachDn3ooSryKM1tdYDa6eiVt2dpWWOSwlIUDRT0EshUBZguOQz
h+D9ZHPPpnnUHEQIqBBYoPMsbzthP87FfAsKd7IcJyV6z+VBCw4Sj9FoPASoIXlX
dGYYFuJEPbCvJsGOsqQRuejSmt8d/ztnh+OyHJaaZwOhET2aHpDtWNXpaQaWeSpm
zveywDK/saRAas/Yhcc+ea4jbGFY6dplvDrXupL0pSW5y4Q+x4SXxLBeeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNaWqNurJzBcMYGH2kw6Cy9BHgbVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMXBhbzI2c25NRnd4Z1lmYVREb0xMMEVlQnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXxeAwQA
wXzJAwQAwld3AwQAwle1AwQAwoceAwQA1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
MfW1vDkequhe20qWpD3STPP1ItYW6oeAoPbKpLJ58boSxqxz+BXsAR1OawM+Qx9W
gs08y1wE6uKYZ7uNHI6OSWxmcjqxY4EkwRXtZeqzzB73iZ0ezblJAYu3hmLOj6rZ
0xvZ1D+GGCckfTRA3qdeU/sRWMxtJ7hS1KXzPRFDTFkiwaFFZfEiowl2o8fhpBwz
rBMrAkiXfzObmFPvQ8YGCK63s8vzEfj9B8BYQAdfqjJiBvmI79AlPRJqKPs7g+iR
KwoZcWsOUuLz4zIkvBh3BvvWP+8sNi4KFPKsAsayAnGrLBEv6chB9E9u0Qhry7As
2/5qxRh19f9U34cqx087
-----END CERTIFICATE-----
Generated at Wed Jul 26 11:54:53 2023 by rpki-client on console-ams.rpki-client.org