Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23IaVrRv10vi3JnpH8V25f86Gxw.roa
File: 23IaVrRv10vi3JnpH8V25f86Gxw.roa (raw, json)
Hash identifier: wITBToLCY7vQME5yrwTa3uxnZzedtni+GeB95wPf+UA=
Subject key identifier: DB:72:1A:56:B4:6F:D7:4B:E2:DC:99:E9:1F:C5:76:E5:FF:3A:1B:1C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01894937A84BD1B0ADBC2D79D10EEDB1A196
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23IaVrRv10vi3JnpH8V25f86Gxw.roa
Signing time: Wed 12 Jul 2023 08:28:51 +0000
ROA not before: Wed 12 Jul 2023 08:28:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:37:a8:4b:d1:b0:ad:bc:2d:79:d1:0e:ed:b1:a1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 12 08:28:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db721a56b46fd74be2dc99e91fc576e5ff3a1b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a3:39:7a:c1:a6:23:1b:96:59:31:46:b5:5c:
42:53:67:97:90:8e:41:74:75:65:81:7b:41:fa:6d:
e7:3b:49:17:fd:87:67:2c:ff:af:5c:80:b8:75:a1:
85:b0:33:35:6e:e3:bb:ef:6d:8e:78:b7:ed:b6:1b:
d1:0d:09:b5:e9:21:7c:20:e3:d1:7d:e8:18:49:98:
83:95:8a:1b:7f:9a:af:f5:0d:45:ca:0a:f8:d4:18:
cf:5e:e7:55:0a:cc:5a:40:1d:be:c2:f6:e2:d9:2d:
1c:6e:cc:24:a3:92:ef:7c:4e:1d:d7:bb:58:67:90:
98:b1:f1:a5:4d:b7:33:78:ba:79:ce:a7:21:9a:1e:
fa:e7:7d:c9:73:f8:69:f0:13:4b:e2:ec:be:4f:53:
64:cc:c3:0b:b0:19:2b:77:a8:21:ee:e6:7f:09:9d:
a1:85:c9:d3:9e:86:70:49:16:d9:ed:b5:a9:0d:35:
89:d8:4c:ec:c6:10:40:08:65:a5:33:1d:86:12:47:
1c:36:25:67:d2:ca:46:84:cf:a1:38:f7:1b:80:1c:
3d:c4:d3:8d:ff:65:3f:b4:c8:fc:05:95:25:48:70:
be:2c:47:63:3b:10:bf:50:80:c6:2b:ab:6b:4e:72:
57:db:5f:ff:37:c8:72:4d:87:f3:5d:4d:ba:de:69:
43:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:72:1A:56:B4:6F:D7:4B:E2:DC:99:E9:1F:C5:76:E5:FF:3A:1B:1C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23IaVrRv10vi3JnpH8V25f86Gxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.87.170.0/24
194.87.205.0/24
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
55:4c:dc:e3:e2:ac:58:72:7f:5b:31:9d:7b:0a:ef:90:ad:8f:
16:6f:f4:ca:fc:e3:ee:98:23:ec:67:99:58:02:13:8f:15:ce:
76:73:d0:06:25:14:a3:fd:f4:cc:19:ea:b5:8d:7b:f8:80:5b:
35:25:c7:0e:f1:19:3c:34:d1:2e:ab:c5:db:b6:7d:69:48:cd:
eb:4b:b2:bb:10:29:07:72:f3:8f:0e:0e:59:c1:d0:4d:67:b0:
3c:67:78:ca:06:83:c6:b5:e9:d2:54:08:81:c0:bb:11:61:d9:
cd:47:9a:3f:93:0f:42:07:e0:c7:ca:d9:85:b0:a7:80:5c:c3:
71:f7:fb:4c:8a:ea:72:99:09:18:1b:f9:b7:26:cf:58:bd:5e:
81:00:25:4b:e8:50:29:71:d4:4b:ad:bf:d5:b8:21:1f:a7:68:
a7:fa:01:3e:f3:7c:37:91:1d:4c:78:58:eb:cd:7f:e5:08:a4:
bb:bf:48:e1:2e:27:16:6a:31:48:dd:75:10:01:8a:cf:eb:81:
e7:10:93:c2:70:0d:04:69:a8:1d:26:fe:9e:98:af:6a:f2:c1:
f2:e4:f9:fb:9d:21:e6:d1:a6:d6:7e:a4:c8:fb:70:c9:60:66:
d4:89:05:c8:be:11:24:6f:ff:99:bc:fd:1e:59:30:6f:33:e6:
cd:d0:33:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlJN6hL0bCtvC150Q7tsaGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEyMDgyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjcyMWE1NmI0NmZkNzRiZTJkYzk5ZTkxZmM1NzZlNWZmM2ExYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6M5esGmIxuWWTFGtVxCU2eXkI5B
dHVlgXtB+m3nO0kX/YdnLP+vXIC4daGFsDM1buO7722OeLftthvRDQm16SF8IOPR
fegYSZiDlYobf5qv9Q1Fygr41BjPXudVCsxaQB2+wvbi2S0cbswko5LvfE4d17tY
Z5CYsfGlTbczeLp5zqchmh76533Jc/hp8BNL4uy+T1NkzMMLsBkrd6gh7uZ/CZ2h
hcnTnoZwSRbZ7bWpDTWJ2EzsxhBACGWlMx2GEkccNiVn0spGhM+hOPcbgBw9xNON
/2U/tMj8BZUlSHC+LEdjOxC/UIDGK6trTnJX21//N8hyTYfzXU263mlDswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNtyGla0b9dL4tyZ6R/FduX/OhscMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMjNJYVZyUnYxMHZpM0pucEg4VjI1Zjg2R3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjosAwQA
wleqAwQAwlfNAwQAwlf2MA0GCSqGSIb3DQEBCwUAA4IBAQBVTNzj4qxYcn9bMZ17
Cu+QrY8Wb/TK/OPumCPsZ5lYAhOPFc52c9AGJRSj/fTMGeq1jXv4gFs1JccO8Rk8
NNEuq8Xbtn1pSM3rS7K7ECkHcvOPDg5ZwdBNZ7A8Z3jKBoPGtenSVAiBwLsRYdnN
R5o/kw9CB+DHytmFsKeAXMNx9/tMiupymQkYG/m3Js9YvV6BACVL6FApcdRLrb/V
uCEfp2in+gE+83w3kR1MeFjrzX/lCKS7v0jhLicWajFI3XUQAYrP64HnEJPCcA0E
aagdJv6emK9q8sHy5Pn7nSHm0abWfqTI+3DJYGbUiQXIvhEkb/+ZvP0eWTBvM+bN
0DP9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org