Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39iLepsBh9XCnGxRSOgbjimRmu0.roa
File: 39iLepsBh9XCnGxRSOgbjimRmu0.roa (raw, json)
Hash identifier: 6Oc93yWj4y6hHtuJQmkf6kjC75IJ7or7/0F3MbS6ej0=
Subject key identifier: DF:D8:8B:7A:9B:01:87:D5:C2:9C:6C:51:48:E8:1B:8E:29:91:9A:ED
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01894333C3368065639EF66E6D9D04DD7BE8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39iLepsBh9XCnGxRSOgbjimRmu0.roa
Signing time: Tue 11 Jul 2023 04:26:52 +0000
ROA not before: Tue 11 Jul 2023 04:26:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 212.193.15.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:33:c3:36:80:65:63:9e:f6:6e:6d:9d:04:dd:7b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 04:26:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfd88b7a9b0187d5c29c6c5148e81b8e29919aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ef:c1:8e:be:b8:6e:53:42:f0:6c:7d:eb:13:
e7:c4:7b:56:17:75:9a:e3:11:90:9f:70:83:ec:bd:
5d:0b:a0:f6:a5:d7:e9:1e:e7:62:68:31:cb:19:ac:
48:01:85:c6:7e:e8:7b:8e:69:86:27:11:ff:9b:01:
ed:d3:ed:1b:30:78:30:0c:79:e0:9d:a1:a0:21:29:
6c:8d:f8:39:6c:fb:6f:61:6c:9b:49:7f:17:54:b4:
9a:97:d0:17:61:6f:b0:16:e6:c1:0c:18:ed:3f:6d:
aa:2e:e1:d8:8c:cd:f6:1a:86:1e:05:10:0e:f5:3a:
c6:af:ea:57:48:8e:9e:0d:e8:11:44:e5:88:24:77:
a8:0b:3a:08:5c:82:f2:41:5f:32:aa:fa:77:e2:e0:
2c:02:62:72:1e:67:9d:bb:b8:38:ef:1e:86:e0:d5:
17:45:32:7f:60:d2:f8:c2:e9:a7:06:ce:16:b9:07:
85:62:e0:7d:e1:ce:e5:d0:8b:ab:08:87:67:22:87:
fd:78:be:79:34:dd:0b:46:5a:bf:72:8a:d9:ef:96:
84:13:10:53:3d:b7:5f:b0:1b:1c:12:81:59:2b:f6:
5c:e1:ad:3e:e5:1a:52:d1:8b:a5:74:65:5f:81:6c:
e1:17:9b:e9:b4:09:c0:15:88:aa:b8:3f:9a:d8:22:
c1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D8:8B:7A:9B:01:87:D5:C2:9C:6C:51:48:E8:1B:8E:29:91:9A:ED
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/39iLepsBh9XCnGxRSOgbjimRmu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.58.59.0/24
194.87.22.0/24
194.87.229.0/24
212.192.30.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
21:29:19:21:46:46:ce:b2:0d:0e:34:53:fe:de:8c:48:6c:27:
61:db:d0:14:dc:a7:fb:be:5f:19:ac:54:0d:0a:df:e8:dc:d7:
b9:67:8e:81:cd:9d:ae:04:e0:27:34:7d:de:a7:1a:1a:ff:67:
e1:e1:ae:c5:80:f7:2a:ee:d7:46:0b:52:c6:ca:f4:8d:e8:2b:
3b:2c:85:4b:21:c3:29:f5:1e:71:97:eb:48:1b:54:6f:8c:72:
57:98:0a:52:59:06:bd:79:10:f8:a3:f1:bb:90:ff:c8:86:32:
b5:e9:69:0d:c1:66:b3:f4:51:6c:aa:a1:c3:b0:a3:39:42:d1:
55:ff:b5:66:c3:9e:2c:9e:9b:e1:d0:d0:fb:af:1b:91:bd:6b:
2f:43:5e:cd:cf:9e:1c:39:38:b3:74:0c:8e:27:8f:f7:ad:b1:
5a:9b:69:2a:fa:dc:15:5b:0b:9f:cf:9a:08:93:31:da:e6:0e:
b1:a8:a0:d6:8d:ee:51:82:68:6b:06:b2:75:dd:85:85:cb:44:
38:3f:68:4e:5a:c0:44:fe:bb:ba:8b:3e:78:0a:fd:74:01:7f:
b5:a1:90:14:ae:bd:30:76:e4:ad:fc:24:d9:8d:d9:84:bd:e5:
d6:a5:0f:91:ff:2d:8c:11:78:29:1a:7c:1f:52:1d:0c:b2:0c:
1f:32:47:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlDM8M2gGVjnvZubZ0E3XvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMDQyNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ4OGI3YTliMDE4N2Q1YzI5YzZjNTE0OGU4MWI4ZTI5OTE5YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO/Bjr64blNC8Gx96xPnxHtWF3Wa
4xGQn3CD7L1dC6D2pdfpHudiaDHLGaxIAYXGfuh7jmmGJxH/mwHt0+0bMHgwDHng
naGgISlsjfg5bPtvYWybSX8XVLSal9AXYW+wFubBDBjtP22qLuHYjM32GoYeBRAO
9TrGr+pXSI6eDegRROWIJHeoCzoIXILyQV8yqvp34uAsAmJyHmedu7g47x6G4NUX
RTJ/YNL4wumnBs4WuQeFYuB94c7l0IurCIdnIof9eL55NN0LRlq/corZ75aEExBT
PbdfsBscEoFZK/Zc4a0+5RpS0YuldGVfgWzhF5vptAnAFYiquD+a2CLBoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN/Yi3qbAYfVwpxsUUjoG44pkZrtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzlpTGVwc0JoOVhDbkd4UlNPZ2JqaW1SbXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgLAwQA
wjo7AwQAwlcWAwQAwlflAwQA1MAeAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQAh
KRkhRkbOsg0ONFP+3oxIbCdh29AU3Kf7vl8ZrFQNCt/o3Ne5Z46BzZ2uBOAnNH3e
pxoa/2fh4a7FgPcq7tdGC1LGyvSN6Cs7LIVLIcMp9R5xl+tIG1RvjHJXmApSWQa9
eRD4o/G7kP/IhjK16WkNwWaz9FFsqqHDsKM5QtFV/7Vmw54snpvh0ND7rxuRvWsv
Q17Nz54cOTizdAyOJ4/3rbFam2kq+twVWwufz5oIkzHa5g6xqKDWje5RgmhrBrJ1
3YWFy0Q4P2hOWsBE/ru6iz54Cv10AX+1oZAUrr0wduSt/CTZjdmEveXWpQ+R/y2M
EXgpGnwfUh0MsgwfMkdh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org