Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57VK8p94uSu8Nf8Ib6k8OtO0GQ0.roa
File: 57VK8p94uSu8Nf8Ib6k8OtO0GQ0.roa (raw, json)
Hash identifier: /OtA9qDpx6XNFDj6xdodn34DCR8Q4QDygAjqt53dkgE=
Subject key identifier: E7:B5:4A:F2:9F:78:B9:2B:BC:35:FF:08:6F:A9:3C:3A:D3:B4:19:0D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BAA31E358D85ED4F9C6F13AE9B4059FD0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57VK8p94uSu8Nf8Ib6k8OtO0GQ0.roa
Signing time: Tue 07 Nov 2023 14:31:18 +0000
ROA not before: Tue 07 Nov 2023 14:31:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:31:e3:58:d8:5e:d4:f9:c6:f1:3a:e9:b4:05:9f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 7 14:31:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7b54af29f78b92bbc35ff086fa93c3ad3b4190d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:94:6f:0c:27:7f:e2:d2:10:30:14:20:0f:30:
a0:41:01:a2:8a:27:7f:4b:17:6c:bf:d8:c4:00:f2:
17:62:6d:48:f1:87:75:79:18:45:93:d0:fe:aa:d0:
83:c1:0a:d0:8d:67:14:a4:e1:2b:23:11:97:5f:f9:
cf:84:c8:1a:c0:04:b2:21:ff:eb:40:da:c1:2e:38:
ab:d0:3c:12:4e:a8:99:5c:e3:6b:40:aa:06:89:1c:
e7:5f:12:cd:a4:b3:51:6f:d9:94:2a:de:73:e3:8b:
b3:0f:c2:f8:bf:2e:6f:b7:df:ec:f3:fe:c2:94:ac:
ad:76:53:52:68:61:97:3c:61:71:fc:06:4e:90:72:
19:91:d8:1e:c7:4a:ec:2d:0d:ba:f7:b1:ca:b5:48:
79:06:26:8d:3c:83:a6:04:16:5c:da:ee:91:3d:07:
d4:d7:e9:3c:d3:d0:97:67:3e:f6:76:54:da:aa:06:
e8:9a:66:c8:bb:d8:0d:9e:ba:04:73:68:ee:39:17:
11:9a:32:c7:f9:3d:c1:02:3b:cc:f5:c3:5d:55:f6:
b6:48:d2:00:00:6a:c9:50:49:8b:44:cd:34:01:df:
bb:06:4b:d7:39:20:d0:cb:66:9e:56:53:ef:f9:24:
bf:ef:b7:de:9f:74:46:62:10:af:71:70:ef:45:ed:
04:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B5:4A:F2:9F:78:B9:2B:BC:35:FF:08:6F:A9:3C:3A:D3:B4:19:0D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/57VK8p94uSu8Nf8Ib6k8OtO0GQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
12:71:f6:12:73:43:70:ae:08:eb:00:49:31:98:2e:02:b2:b4:
a0:90:fd:68:38:db:ba:24:3b:a3:f7:f1:8d:ee:72:8d:e5:8e:
0f:13:6b:bb:66:49:b4:72:94:6b:70:3f:71:6c:b9:fd:55:59:
bb:c5:fc:4c:b5:08:27:8e:7c:08:0c:b8:62:23:a1:a8:21:41:
1c:9b:e6:8b:3b:3b:6f:ff:17:3b:6c:af:40:83:f8:f1:5a:66:
84:ba:d6:5e:ad:8f:a8:89:d8:8a:e6:cf:4f:0b:f9:f7:54:70:
5b:b5:0d:38:88:85:05:15:68:c2:d8:0a:dd:9c:82:e1:1d:da:
68:3e:5b:20:c9:97:d9:80:a9:d1:85:ce:06:4c:6e:a5:25:13:
8b:b2:ac:b4:2c:29:e0:fc:d4:65:32:e4:b0:74:71:1d:3f:a0:
cd:5b:79:bb:41:08:91:9e:5c:72:a9:76:3a:88:57:7c:15:6f:
ef:79:aa:68:8a:68:87:19:5c:1a:79:b7:b6:d2:7a:d1:42:5e:
c7:0d:b6:01:09:22:20:f2:d0:e3:97:61:ee:57:7e:fe:03:4f:
0b:f4:56:f8:38:e1:13:da:23:3b:27:63:43:a2:5e:3e:ad:a0:
a9:58:fa:78:52:dc:2b:38:7b:d2:37:31:e7:b8:3c:26:2a:38:
3c:c0:23:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuqMeNY2F7U+cbxOum0BZ/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA3MTQzMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2I1NGFmMjlmNzhiOTJiYmMzNWZmMDg2ZmE5M2MzYWQzYjQxOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipRvDCd/4tIQMBQgDzCgQQGiiid/
Sxdsv9jEAPIXYm1I8Yd1eRhFk9D+qtCDwQrQjWcUpOErIxGXX/nPhMgawASyIf/r
QNrBLjir0DwSTqiZXONrQKoGiRznXxLNpLNRb9mUKt5z44uzD8L4vy5vt9/s8/7C
lKytdlNSaGGXPGFx/AZOkHIZkdgex0rsLQ2697HKtUh5BiaNPIOmBBZc2u6RPQfU
1+k809CXZz72dlTaqgbommbIu9gNnroEc2juORcRmjLH+T3BAjvM9cNdVfa2SNIA
AGrJUEmLRM00Ad+7BkvXOSDQy2aeVlPv+SS/77fen3RGYhCvcXDvRe0E4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOe1SvKfeLkrvDX/CG+pPDrTtBkNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNTdWSzhwOTR1U3U4TmY4SWI2azhPdE8wR1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHy1AwQA
wHy+AwQAwHzRAwQA1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQAScfYSc0NwrgjrAEkx
mC4CsrSgkP1oONu6JDuj9/GN7nKN5Y4PE2u7Zkm0cpRrcD9xbLn9VVm7xfxMtQgn
jnwIDLhiI6GoIUEcm+aLOztv/xc7bK9Ag/jxWmaEutZerY+oidiK5s9PC/n3VHBb
tQ04iIUFFWjC2ArdnILhHdpoPlsgyZfZgKnRhc4GTG6lJROLsqy0LCng/NRlMuSw
dHEdP6DNW3m7QQiRnlxyqXY6iFd8FW/veapoimiHGVwaebe20nrRQl7HDbYBCSIg
8tDjl2HuV37+A08L9Fb4OOET2iM7J2NDol4+raCpWPp4UtwrOHvSNzHnuDwmKjg8
wCPw
-----END CERTIFICATE-----
Generated at Tue Nov 21 16:20:52 2023 by rpki-client on console-ams.rpki-client.org