Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3yYvb5gVaQr6GlC3cArxplykAQk.roa
File: 3yYvb5gVaQr6GlC3cArxplykAQk.roa (raw, json)
Hash identifier: jfkpIaHT884vlXjT1ix75PjQ0LVQRP1bEhYoeqSnqSw=
Subject key identifier: DF:26:2F:6F:98:15:69:0A:FA:1A:50:B7:70:0A:F1:A6:5C:A4:01:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187DC01933CA42AC86F371A3BFEB58DC6E8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3yYvb5gVaQr6GlC3cArxplykAQk.roa
Signing time: Tue 02 May 2023 10:28:23 +0000
ROA not before: Tue 02 May 2023 10:28:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.58.33.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 21:05:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:01:93:3c:a4:2a:c8:6f:37:1a:3b:fe:b5:8d:c6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 2 10:28:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df262f6f9815690afa1a50b7700af1a65ca40109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ee:13:cc:e1:b2:e8:a8:59:cd:18:4c:86:92:
af:4b:75:1c:a8:c8:9a:39:c7:76:17:e6:a5:06:d7:
28:63:1d:04:e3:e0:fe:dc:c3:a8:da:b8:33:af:4f:
e1:e0:33:42:c5:d0:b3:1b:ee:48:f9:e2:b8:64:1b:
62:f4:33:ac:60:34:82:ae:11:0c:df:46:e6:32:4f:
c2:d7:35:64:df:8c:09:46:c7:73:e5:72:3d:a0:9d:
b1:7b:14:ea:0d:9f:7a:bb:1f:51:1b:cb:5f:fb:76:
59:cc:0f:d2:e2:cf:16:84:57:9d:de:51:0f:1a:92:
15:1f:12:9a:10:fb:17:28:63:f9:29:18:fd:f0:c9:
3b:c4:11:e3:7a:5a:f1:79:cf:9e:35:11:cd:9a:36:
75:ed:e9:2f:22:e3:96:af:7a:dd:de:a4:98:4d:d3:
2f:5d:bb:50:bc:c9:a9:4c:cc:a8:c8:8e:87:0d:7f:
6d:f2:94:db:8c:2b:0b:4a:60:22:e9:ba:ee:f1:60:
39:1b:62:4e:d5:af:b3:43:5e:66:18:e4:18:f5:53:
67:cb:a1:3c:cb:7a:0d:b4:95:f7:a1:a8:c6:cb:30:
28:fc:4e:5b:4f:63:e8:d9:c0:18:77:01:48:99:35:
72:eb:9f:41:bb:b5:05:0a:c3:4f:34:5a:82:56:75:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:26:2F:6F:98:15:69:0A:FA:1A:50:B7:70:0A:F1:A6:5C:A4:01:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3yYvb5gVaQr6GlC3cArxplykAQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.199.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ef:b5:9a:da:05:45:98:60:45:2a:b4:a4:8c:bb:06:2b:48:
2f:df:50:7e:fa:56:06:38:1f:2a:0f:81:1a:61:c5:71:49:49:
c9:da:65:f1:57:0f:15:16:3d:19:b3:f9:4d:f5:a2:81:dc:e5:
ef:90:71:b2:ba:c5:aa:7c:98:07:2c:a5:75:c3:35:86:7c:2c:
20:a8:84:20:a4:21:bd:ac:bd:c9:b7:ea:11:aa:65:09:f8:a8:
65:42:7b:e6:e8:49:8c:fc:0c:ac:f1:d3:79:b4:f3:8b:46:f3:
3e:12:02:ca:1b:5e:f8:02:02:68:25:af:cb:c5:cd:d2:e0:28:
31:4c:5f:15:c0:5b:a4:38:41:30:fb:79:e2:6e:20:79:e7:5b:
80:43:af:62:c8:c7:e0:44:5b:71:3d:12:30:26:6d:42:37:1e:
bc:fa:dd:e0:02:f2:99:0c:27:1c:be:85:0b:d7:81:9e:29:b4:
2a:18:e1:23:83:b4:20:32:88:dc:4e:e6:d8:19:e9:77:2a:be:
17:af:3f:06:9a:42:69:b1:b2:a9:59:94:9d:bd:a1:d4:45:eb:
ec:cc:66:09:61:b4:a8:e5:88:e5:c7:f6:3e:38:c9:d3:90:ac:
d2:6a:fa:20:9e:ed:0b:8c:39:be:78:f1:5a:03:b4:9c:2b:e2:
64:53:b4:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfcAZM8pCrIbzcaO/61jcboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTAyMTAyODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI2MmY2Zjk4MTU2OTBhZmExYTUwYjc3MDBhZjFhNjVjYTQwMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge4TzOGy6KhZzRhMhpKvS3UcqMia
Ocd2F+alBtcoYx0E4+D+3MOo2rgzr0/h4DNCxdCzG+5I+eK4ZBti9DOsYDSCrhEM
30bmMk/C1zVk34wJRsdz5XI9oJ2xexTqDZ96ux9RG8tf+3ZZzA/S4s8WhFed3lEP
GpIVHxKaEPsXKGP5KRj98Mk7xBHjelrxec+eNRHNmjZ17ekvIuOWr3rd3qSYTdMv
XbtQvMmpTMyoyI6HDX9t8pTbjCsLSmAi6bru8WA5G2JO1a+zQ15mGOQY9VNny6E8
y3oNtJX3oajGyzAo/E5bT2Po2cAYdwFImTVy659Bu7UFCsNPNFqCVnXxfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8mL2+YFWkK+hpQt3AK8aZcpAEJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM3lZdmI1Z1ZhUXI2R2xDM2NBcnhwbHlrQVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjohAwQA
wlfHAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQAM77Wa2gVFmGBFKrSkjLsGK0gv
31B++lYGOB8qD4EaYcVxSUnJ2mXxVw8VFj0Zs/lN9aKB3OXvkHGyusWqfJgHLKV1
wzWGfCwgqIQgpCG9rL3Jt+oRqmUJ+KhlQnvm6EmM/Ays8dN5tPOLRvM+EgLKG174
AgJoJa/Lxc3S4CgxTF8VwFukOEEw+3nibiB551uAQ69iyMfgRFtxPRIwJm1CNx68
+t3gAvKZDCccvoUL14GeKbQqGOEjg7QgMojcTubYGel3Kr4Xrz8GmkJpsbKpWZSd
vaHURevszGYJYbSo5Yjlx/Y+OMnTkKzSavognu0LjDm+ePFaA7ScK+JkU7Tg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:05 2024 by rpki-client on console-fra.rpki-client.org