Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1y-AyiwZrNtfX9A5bpDiZMcjPv4.roa
File: 1y-AyiwZrNtfX9A5bpDiZMcjPv4.roa (raw, json)
Hash identifier: ZaIaDBm/4fNaVzH5Kq1QQmbUrEzw5IDxLZzVRNFzidM=
Subject key identifier: D7:2F:80:CA:2C:19:AC:DB:5F:5F:D0:39:6E:90:E2:64:C7:23:3E:FE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC82A9AEC854A0931E81EE9693AB108D7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1y-AyiwZrNtfX9A5bpDiZMcjPv4.roa
Signing time: Mon 13 Nov 2023 10:11:57 +0000
ROA not before: Mon 13 Nov 2023 10:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
193.124.254.0/24 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.26.0/23 maxlen: 24
195.133.52.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:2a:9a:ec:85:4a:09:31:e8:1e:e9:69:3a:b1:08:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 10:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d72f80ca2c19acdb5f5fd0396e90e264c7233efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:25:c6:e3:c3:a7:03:6c:6b:a9:1b:86:7a:
19:1b:1c:39:26:f8:fc:12:a6:a8:3e:a8:fa:ce:32:
8b:27:54:37:5d:6d:bf:ff:62:64:dd:08:bd:54:fe:
c4:ad:9e:45:2d:2f:2b:3a:4f:0d:73:6b:3c:e7:c2:
08:21:6a:e7:d3:e6:a1:d1:ba:14:d6:70:e5:96:8e:
2b:f7:ce:a7:a5:2c:bc:e9:b4:26:a2:f8:96:53:8b:
94:f4:a0:4b:ef:41:6c:ad:63:fc:19:ae:37:38:5d:
e2:e2:39:21:1c:ab:51:5c:06:48:23:23:0f:2a:7c:
48:9e:2e:32:33:fa:ac:0c:db:94:79:26:2e:1d:e1:
2c:a7:0c:26:00:08:d3:72:0b:b6:bc:6e:26:f3:9d:
2e:c4:84:ee:93:ac:5c:44:0e:63:e4:8e:25:44:85:
aa:2e:4e:8a:51:fc:fb:1e:24:c0:fb:a8:47:45:46:
dd:3c:31:0d:39:a5:15:80:0f:9f:33:ca:22:d4:de:
0c:9e:0a:68:90:40:ff:eb:90:d2:d4:7d:6c:94:68:
3b:4c:b2:d5:80:2e:85:ae:e6:7d:90:3d:da:26:32:
6d:d6:13:c6:32:40:ac:e7:d1:b8:08:cc:83:92:17:
81:1e:6c:3f:ca:4b:d4:9f:8a:d4:fc:88:44:9d:aa:
68:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2F:80:CA:2C:19:AC:DB:5F:5F:D0:39:6E:90:E2:64:C7:23:3E:FE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1y-AyiwZrNtfX9A5bpDiZMcjPv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.254.0/24
194.87.118.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:63:11:76:ab:ec:84:22:b1:a7:96:8a:ad:b2:30:57:8d:3b:
a4:65:c6:bb:2c:d4:63:f9:83:04:a5:0a:cb:7b:86:21:52:cd:
14:62:77:56:d7:10:0f:d2:9b:88:cf:2b:7c:b1:98:a6:8d:ff:
f1:ca:ab:a2:16:e5:68:e4:65:22:39:b1:95:98:62:b9:8c:0b:
19:44:b1:60:48:f2:d6:54:00:5a:a2:f3:9d:78:7a:f0:cf:cb:
37:a8:44:52:e0:ad:35:93:30:a6:d8:16:82:a5:64:52:6e:bb:
6a:3a:ef:13:72:a5:3d:5e:4c:63:79:57:f2:2b:2b:c4:73:08:
35:93:34:af:3a:28:34:6e:f9:46:3a:93:82:7f:f6:bd:17:60:
06:7e:0e:d3:0f:0f:5d:03:b6:35:1d:59:5a:ff:3e:6f:35:31:
ec:3b:f6:cf:21:a1:ee:c0:25:6a:08:aa:bd:17:b5:45:7b:c3:
6c:b9:8c:6a:18:74:be:4b:39:99:7a:ed:aa:f7:7b:1d:80:18:
c1:f8:0a:6a:34:71:7c:f0:0e:9b:30:10:ee:2f:b6:a9:a7:c4:
61:d5:36:a7:68:72:a6:7b:50:b0:0d:c1:84:d0:0b:61:12:68:
cb:df:94:a3:b8:9c:a7:f0:39:6c:58:24:2f:01:7e:0a:de:f0:
47:29:d6:c5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvIKprshUoJMege6Wk6sQjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMTAxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJmODBjYTJjMTlhY2RiNWY1ZmQwMzk2ZTkwZTI2NGM3MjMzZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv4lxuPDpwNsa6kbhnoZGxw5Jvj8
EqaoPqj6zjKLJ1Q3XW2//2Jk3Qi9VP7ErZ5FLS8rOk8Nc2s858IIIWrn0+ah0boU
1nDllo4r986npSy86bQmoviWU4uU9KBL70FsrWP8Ga43OF3i4jkhHKtRXAZIIyMP
KnxIni4yM/qsDNuUeSYuHeEspwwmAAjTcgu2vG4m850uxITuk6xcRA5j5I4lRIWq
Lk6KUfz7HiTA+6hHRUbdPDENOaUVgA+fM8oi1N4MngpokED/65DS1H1slGg7TLLV
gC6FruZ9kD3aJjJt1hPGMkCs59G4CMyDkheBHmw/ykvUn4rU/IhEnapoTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNcvgMosGazbX1/QOW6Q4mTHIz7+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMXktQXlpd1pyTnRmWDlBNWJwRGlaTWNqUHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXz+AwQB
wld2AwQBw4UKAwQBw4UaAwQBw4U0MA0GCSqGSIb3DQEBCwUAA4IBAQA8YxF2q+yE
IrGnloqtsjBXjTukZca7LNRj+YMEpQrLe4YhUs0UYndW1xAP0puIzyt8sZimjf/x
yquiFuVo5GUiObGVmGK5jAsZRLFgSPLWVABaovOdeHrwz8s3qERS4K01kzCm2BaC
pWRSbrtqOu8TcqU9XkxjeVfyKyvEcwg1kzSvOig0bvlGOpOCf/a9F2AGfg7TDw9d
A7Y1HVla/z5vNTHsO/bPIaHuwCVqCKq9F7VFe8NsuYxqGHS+SzmZeu2q93sdgBjB
+ApqNHF88A6bMBDuL7app8Rh1TanaHKme1CwDcGE0AthEmjL35SjuJyn8DlsWCQv
AX4K3vBHKdbF
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org