Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa
File: 3NljpuhYD8chbA4Pz5qEquNVn7U.roa (raw, json)
Hash identifier: 9h0B2kmQA3od/WxeNoAjdMTwbmE4MYRqAiyKV3pTCEk=
Subject key identifier: DC:D9:63:A6:E8:58:0F:C7:21:6C:0E:0F:CF:9A:84:AA:E3:55:9F:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A55E174233185476F95353CC7E570D10
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa
Signing time: Thu 12 Jan 2023 09:44:45 +0000
ROA not before: Thu 12 Jan 2023 09:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:5e:17:42:33:18:54:76:f9:53:53:cc:7e:57:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 09:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd963a6e8580fc7216c0e0fcf9a84aae3559fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:47:4b:f7:f9:35:82:5c:e8:c2:66:13:1a:6d:
e5:dc:7b:8d:26:89:61:c8:57:3f:3e:80:11:19:3f:
c7:42:df:01:ad:50:79:74:5d:f2:a2:3d:4f:47:f7:
da:8f:5d:c3:23:d1:ef:d9:b3:0f:c9:6a:96:b5:f6:
64:87:99:94:dd:39:5d:32:b0:84:2d:98:aa:25:ee:
be:80:35:48:e5:fc:c2:b1:11:71:81:a4:5a:e2:37:
0e:ab:4e:69:60:81:4b:f2:f1:c9:75:17:56:ff:32:
96:eb:26:82:7f:34:6f:a7:da:e5:a7:39:32:e0:4f:
c4:ea:d7:90:2c:ab:a4:c8:76:43:05:5f:93:ca:1c:
64:af:c8:7d:ac:f9:1f:24:19:f5:be:b6:58:e0:6e:
3f:5e:76:7e:68:7e:7d:9c:a1:e2:58:2a:a5:72:e7:
4a:f2:86:d5:b8:7d:c7:70:bd:80:ed:ca:6d:6b:6d:
76:41:1e:57:e7:39:cb:40:26:ca:ae:94:70:2c:8f:
93:1a:43:43:e8:f5:15:22:e8:34:88:65:6c:d1:9e:
ea:3f:15:88:18:af:d6:dd:f7:2c:75:c8:b2:f7:85:
dd:ea:94:64:a3:9f:b3:ad:d2:5e:80:32:f4:43:72:
49:81:fb:61:84:b2:56:86:30:c9:4e:26:80:3c:a3:
30:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D9:63:A6:E8:58:0F:C7:21:6C:0E:0F:CF:9A:84:AA:E3:55:9F:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.162.0/24
194.87.200.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5f:8b:f3:5d:88:39:3a:68:37:41:8a:01:db:ef:b2:55:14:
c7:10:26:ce:64:c7:14:dd:21:ef:ad:aa:65:a8:65:58:2a:6f:
14:7c:fc:cb:95:36:43:90:b8:36:dd:cb:c9:cd:5e:78:01:8d:
0c:ad:f5:96:a0:bb:cd:86:c9:fe:5c:bd:51:35:a9:9b:ce:6e:
6b:5c:97:d1:59:73:30:9e:2f:54:09:a7:73:c6:bd:b6:96:49:
3e:78:d1:22:e3:fc:b3:4d:7b:9f:3e:f8:7e:20:39:2f:3e:85:
82:11:db:03:4b:0c:64:5a:5a:93:36:ae:e1:d9:4c:ac:0b:d6:
1e:e1:2f:09:72:21:76:19:20:b8:30:16:b4:e0:76:b6:5f:ab:
98:8f:74:ec:c1:5d:03:81:2d:52:53:d3:74:8f:f2:1e:ca:34:
00:b3:86:14:9e:ca:2a:ee:1a:06:80:90:eb:1a:16:11:44:77:
fc:27:05:b9:20:0a:40:f2:50:d7:9b:75:01:33:7d:82:c7:93:
25:3d:7f:9f:a6:83:5e:d1:21:b0:20:63:ec:22:23:2b:e9:3d:
c2:7c:3c:56:0a:7c:de:bf:3b:fa:c6:28:04:89:ba:ea:bd:10:
24:f8:71:35:ab:42:13:3b:7a:e9:04:da:20:12:77:1f:01:99:
26:b6:9b:b7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWlXhdCMxhUdvlTU8x+Vw0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMDk0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q5NjNhNmU4NTgwZmM3MjE2YzBlMGZjZjlhODRhYWUzNTU5ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUdL9/k1glzowmYTGm3l3HuNJolh
yFc/PoARGT/HQt8BrVB5dF3yoj1PR/faj13DI9Hv2bMPyWqWtfZkh5mU3TldMrCE
LZiqJe6+gDVI5fzCsRFxgaRa4jcOq05pYIFL8vHJdRdW/zKW6yaCfzRvp9rlpzky
4E/E6teQLKukyHZDBV+Tyhxkr8h9rPkfJBn1vrZY4G4/XnZ+aH59nKHiWCqlcudK
8obVuH3HcL2A7cpta212QR5X5znLQCbKrpRwLI+TGkND6PUVIug0iGVs0Z7qPxWI
GK/W3fcsdciy94Xd6pRko5+zrdJegDL0Q3JJgfthhLJWhjDJTiaAPKMw9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNzZY6boWA/HIWwOD8+ahKrjVZ+1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM05sanB1aFlEOGNoYkE0UHo1cUVxdU5WbjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwvAwQA
wleiAwQAwlfIAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQBkX4vzXYg5
Omg3QYoB2++yVRTHECbOZMcU3SHvraplqGVYKm8UfPzLlTZDkLg23cvJzV54AY0M
rfWWoLvNhsn+XL1RNambzm5rXJfRWXMwni9UCadzxr22lkk+eNEi4/yzTXufPvh+
IDkvPoWCEdsDSwxkWlqTNq7h2UysC9Ye4S8JciF2GSC4MBa04Ha2X6uYj3TswV0D
gS1SU9N0j/IeyjQAs4YUnsoq7hoGgJDrGhYRRHf8JwW5IApA8lDXm3UBM32Cx5Ml
PX+fpoNe0SGwIGPsIiMr6T3CfDxWCnzevzv6xigEibrqvRAk+HE1q0ITO3rpBNog
EncfAZkmtpu3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org