Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sksMYPhqP0DDdxp6wbrg5oq6yI.roa
File: 4sksMYPhqP0DDdxp6wbrg5oq6yI.roa (raw, json)
Hash identifier: cf0vs5EXjMpwI6Uyx+Ql3ubvPM5C7KPt3NU8kEaKAn8=
Subject key identifier: E2:C9:2C:31:83:E1:A8:FD:03:0D:DC:69:EB:06:EB:83:9A:2A:EB:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B4C1302EE3822F28FB5E01D545134D282
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sksMYPhqP0DDdxp6wbrg5oq6yI.roa
Signing time: Fri 20 Oct 2023 07:53:16 +0000
ROA not before: Fri 20 Oct 2023 07:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 212.193.25.0/24 maxlen: 24
212.193.27.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:13:02:ee:38:22:f2:8f:b5:e0:1d:54:51:34:d2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 20 07:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2c92c3183e1a8fd030ddc69eb06eb839a2aeb22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9e:bb:0b:01:23:61:95:3a:0f:21:b8:3a:29:
a6:73:1c:a6:b1:c3:f8:c8:66:99:3d:38:7b:13:2f:
bc:78:64:c9:97:5d:41:b8:12:8b:47:38:18:ff:c0:
c7:06:5e:40:e0:0b:c1:04:04:42:68:94:a3:07:92:
06:0c:0b:98:00:be:f3:bb:6b:b7:a4:eb:f3:4b:11:
10:9e:a7:5f:c3:34:74:de:20:ef:3e:29:59:d5:c8:
ec:52:b8:a8:56:7b:a6:ca:60:b8:54:a2:25:50:7b:
3a:df:2f:14:16:dc:22:a2:db:95:49:7c:9c:07:e3:
74:b0:de:c7:cf:2e:0a:9e:ad:f2:19:5e:b0:87:10:
1b:57:f1:d7:1d:62:16:e6:4f:07:0c:42:3c:c4:f0:
ae:46:c1:97:ad:05:c9:6e:43:bc:7a:be:8d:8c:3a:
a0:4b:54:f3:70:72:b8:27:ad:0b:ef:d4:59:5a:6b:
f4:40:8c:00:70:61:57:7e:7b:cf:d7:2d:f6:34:b1:
3a:04:5f:08:3a:5b:ea:d6:77:93:80:25:f0:39:a8:
c6:d0:9f:46:fc:4e:e4:95:76:4d:02:12:b3:05:2f:
a3:a3:34:fc:82:05:ae:cf:c6:f1:90:a6:cd:62:ff:
0d:ae:aa:44:10:7f:99:0c:7f:66:4d:fb:a4:3e:17:
82:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C9:2C:31:83:E1:A8:FD:03:0D:DC:69:EB:06:EB:83:9A:2A:EB:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sksMYPhqP0DDdxp6wbrg5oq6yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.188.0/24
194.135.38.0/24
212.192.1.0/24
212.193.25.0/24
212.193.27.0/24
Signature Algorithm: sha256WithRSAEncryption
20:da:c1:85:98:e0:56:ee:3e:55:56:30:76:ac:f9:a2:3a:38:
4f:e5:b2:1e:2e:d2:9b:e2:5d:03:a7:08:b6:b7:23:ac:ec:d5:
c8:31:11:f3:6a:d3:ed:c0:55:c5:dc:1b:7c:5a:a4:68:73:0a:
48:3f:06:3a:b4:23:fe:c8:f5:30:5c:ac:15:2e:5d:1c:1d:de:
de:07:1d:2d:69:74:d9:97:9c:a8:c3:64:20:c8:d9:85:70:1e:
8d:b4:29:47:2b:33:22:11:35:37:e5:8e:78:c2:7d:6f:ca:f5:
88:ff:b2:a1:71:1f:86:1b:e0:fb:2d:cd:4a:59:c5:53:1c:9c:
12:dd:ae:28:dc:22:c5:36:76:2c:51:be:86:5a:65:2e:26:af:
90:f8:04:f0:a5:4e:2a:f0:e7:41:03:1e:44:7f:6e:83:e7:b3:
15:20:5a:f1:e6:e9:e3:d5:12:af:42:25:52:16:ba:d2:6a:90:
b4:22:30:ab:e1:90:2e:8e:b3:cc:d0:bf:6c:b1:2a:c0:9d:9c:
f8:c0:a1:89:7a:d5:a4:28:fe:00:5d:84:61:a4:dc:21:18:0a:
df:6a:04:51:ac:4d:f9:14:bf:92:5a:ee:66:5d:ab:47:96:bc:
63:c8:48:eb:d6:a4:20:ff:c1:97:b0:13:4c:10:a7:f5:82:2d:
1b:d4:cc:d3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtMEwLuOCLyj7XgHVRRNNKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDIwMDc1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM5MmMzMTgzZTFhOGZkMDMwZGRjNjllYjA2ZWI4MzlhMmFlYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Z67CwEjYZU6DyG4OimmcxymscP4
yGaZPTh7Ey+8eGTJl11BuBKLRzgY/8DHBl5A4AvBBARCaJSjB5IGDAuYAL7zu2u3
pOvzSxEQnqdfwzR03iDvPilZ1cjsUrioVnumymC4VKIlUHs63y8UFtwiotuVSXyc
B+N0sN7Hzy4Knq3yGV6whxAbV/HXHWIW5k8HDEI8xPCuRsGXrQXJbkO8er6NjDqg
S1TzcHK4J60L79RZWmv0QIwAcGFXfnvP1y32NLE6BF8IOlvq1neTgCXwOajG0J9G
/E7klXZNAhKzBS+jozT8ggWuz8bxkKbNYv8NrqpEEH+ZDH9mTfukPheCZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOLJLDGD4aj9Aw3caesG64OaKusiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHNrc01ZUGhxUDBERGR4cDZ3YnJnNW9xNnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgKAwQA
wHy8AwQAwocmAwQA1MABAwQA1MEZAwQA1MEbMA0GCSqGSIb3DQEBCwUAA4IBAQAg
2sGFmOBW7j5VVjB2rPmiOjhP5bIeLtKb4l0Dpwi2tyOs7NXIMRHzatPtwFXF3Bt8
WqRocwpIPwY6tCP+yPUwXKwVLl0cHd7eBx0taXTZl5yow2QgyNmFcB6NtClHKzMi
ETU35Y54wn1vyvWI/7KhcR+GG+D7Lc1KWcVTHJwS3a4o3CLFNnYsUb6GWmUuJq+Q
+ATwpU4q8OdBAx5Ef26D57MVIFrx5unj1RKvQiVSFrrSapC0IjCr4ZAujrPM0L9s
sSrAnZz4wKGJetWkKP4AXYRhpNwhGArfagRRrE35FL+SWu5mXatHlrxjyEjr1qQg
/8GXsBNMEKf1gi0b1MzT
-----END CERTIFICATE-----
Generated at Thu Oct 26 14:17:58 2023 by rpki-client on console-fra.rpki-client.org