Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4amtPrSnnpQtVP-iXTTEk5oO6eo.roa
File: 4amtPrSnnpQtVP-iXTTEk5oO6eo.roa (raw, json)
Hash identifier: agMGs7B0JQJEq74rGp2wOaHm+keTAl/UufnhqWyEV+o=
Subject key identifier: E1:A9:AD:3E:B4:A7:9E:94:2D:54:FF:A2:5D:34:C4:93:9A:0E:E9:EA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188E3366E362FB0CB1164965EBA26FDD5BC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4amtPrSnnpQtVP-iXTTEk5oO6eo.roa
Signing time: Thu 22 Jun 2023 13:06:15 +0000
ROA not before: Thu 22 Jun 2023 13:06:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.82.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e3:36:6e:36:2f:b0:cb:11:64:96:5e:ba:26:fd:d5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 22 13:06:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a9ad3eb4a79e942d54ffa25d34c4939a0ee9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9b:3e:9d:5c:22:26:b4:4c:e2:ca:eb:b7:4a:
59:8d:fa:5f:21:67:59:09:06:76:aa:74:c6:51:d4:
1c:1e:2f:82:3e:e1:8f:30:e2:c1:59:0f:4e:64:47:
05:18:34:81:4f:5f:a2:4f:3d:f3:3e:ec:73:dc:84:
a6:15:3c:07:50:46:83:4e:19:47:65:08:32:fe:8e:
d2:05:97:46:31:8f:fb:9f:17:fc:13:84:ab:0e:36:
61:71:f2:74:1f:f0:af:15:c6:0e:58:8a:f4:16:cb:
18:28:a8:74:65:d8:16:84:52:15:e1:4b:ca:9d:89:
3a:b7:14:fe:ef:e2:79:c2:29:02:85:50:54:2c:a5:
0a:8d:19:89:63:56:2d:64:1c:f6:29:94:7e:0e:cf:
91:ae:09:6a:5c:ab:f4:dc:b4:d4:fc:9a:70:8f:10:
b8:86:04:4c:51:e9:76:b8:88:2e:46:37:5a:27:1b:
19:ea:9a:91:56:72:9b:38:c7:9a:de:c5:d7:7b:19:
ca:19:5c:f7:f4:6e:8f:1d:a7:de:4b:37:ad:ef:88:
f7:8c:25:66:aa:4f:67:7c:8f:bd:5f:81:48:3f:2d:
4f:75:f6:2d:d4:d3:5e:ed:ef:81:62:32:29:9f:31:
dc:1b:a9:5b:e3:b0:28:ef:dd:57:15:e0:58:d0:2e:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A9:AD:3E:B4:A7:9E:94:2D:54:FF:A2:5D:34:C4:93:9A:0E:E9:EA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4amtPrSnnpQtVP-iXTTEk5oO6eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
193.124.45.0/24
194.58.58.0/24
194.87.44.0/24
194.87.121.0/24
194.87.165.0/24
195.133.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:ff:d8:6c:b3:32:57:3c:e6:40:44:f2:06:31:3b:c0:93:0b:
b1:79:ac:e5:c9:f1:46:57:ab:78:f8:d2:12:b1:20:02:23:bb:
17:b7:38:47:cb:36:48:4e:bb:06:ff:f6:74:21:8b:c0:7a:27:
4e:d7:c2:01:3b:39:6f:6b:b9:7d:45:24:bd:91:de:17:fd:79:
54:ab:4e:de:fe:b4:40:de:74:cb:9b:1b:93:70:eb:37:38:b4:
c4:40:a2:c5:91:13:67:e2:db:75:ff:9c:31:fd:b7:5f:79:18:
3a:e7:c1:91:d2:82:63:a2:9f:b9:e1:03:cd:64:f4:39:2d:2e:
4a:c9:aa:d0:b9:13:5a:27:a2:86:85:b4:76:0b:67:20:c4:09:
1f:78:28:02:1a:0f:41:af:ec:c2:ed:80:53:4c:c6:24:25:59:
5a:96:2c:52:fc:ec:03:ed:dc:9d:aa:f0:8d:18:ff:4d:97:eb:
d2:f5:8c:c1:cb:f9:fe:68:38:23:ef:d9:b7:f8:f3:14:d5:43:
b8:3a:d5:60:81:c7:83:a0:46:f7:b6:3d:1b:c0:96:39:aa:a4:
e1:be:3d:ca:fe:42:82:27:7c:a0:67:66:cc:ef:aa:28:62:dc:
33:9e:46:1d:69:4c:a4:ad:40:e7:66:81:32:90:50:67:e8:7d:
40:12:64:8b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYjjNm42L7DLEWSWXrom/dW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIyMTMwNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE5YWQzZWI0YTc5ZTk0MmQ1NGZmYTI1ZDM0YzQ5MzlhMGVlOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJs+nVwiJrRM4srrt0pZjfpfIWdZ
CQZ2qnTGUdQcHi+CPuGPMOLBWQ9OZEcFGDSBT1+iTz3zPuxz3ISmFTwHUEaDThlH
ZQgy/o7SBZdGMY/7nxf8E4SrDjZhcfJ0H/CvFcYOWIr0FssYKKh0ZdgWhFIV4UvK
nYk6txT+7+J5wikChVBULKUKjRmJY1YtZBz2KZR+Ds+RrglqXKv03LTU/JpwjxC4
hgRMUel2uIguRjdaJxsZ6pqRVnKbOMea3sXXexnKGVz39G6PHafeSzet74j3jCVm
qk9nfI+9X4FIPy1PdfYt1NNe7e+BYjIpnzHcG6lb47Ao791XFeBY0C6cAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOGprT60p56ULVT/ol00xJOaDunqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNGFtdFByU25ucFF0VlAtaVhUVEVrNW9PNmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwHy3AwQA
wXwtAwQAwjo6AwQAwlcsAwQAwld5AwQAwlelAwQAw4VSMA0GCSqGSIb3DQEBCwUA
A4IBAQCP/9hsszJXPOZARPIGMTvAkwuxeazlyfFGV6t4+NISsSACI7sXtzhHyzZI
TrsG//Z0IYvAeidO18IBOzlva7l9RSS9kd4X/XlUq07e/rRA3nTLmxuTcOs3OLTE
QKLFkRNn4tt1/5wx/bdfeRg658GR0oJjop+54QPNZPQ5LS5KyarQuRNaJ6KGhbR2
C2cgxAkfeCgCGg9Br+zC7YBTTMYkJVlalixS/OwD7dydqvCNGP9Nl+vS9YzBy/n+
aDgj79m3+PMU1UO4OtVggceDoEb3tj0bwJY5qqThvj3K/kKCJ3ygZ2bM76ooYtwz
nkYdaUykrUDnZoEykFBn6H1AEmSL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org