Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5y2XWkRIe0KnrF_xg4dMOYJZevM.roa
File: 5y2XWkRIe0KnrF_xg4dMOYJZevM.roa (raw, json)
Hash identifier: 6ADd9K4JQm4g1E68HHTUJYMZDGSsCU05oGU2uaJgVSk=
Subject key identifier: E7:2D:97:5A:44:48:7B:42:A7:AC:5F:F1:83:87:4C:39:82:59:7A:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BAA67E7158DECF1979CDB30C02A504235
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5y2XWkRIe0KnrF_xg4dMOYJZevM.roa
Signing time: Tue 07 Nov 2023 15:30:17 +0000
ROA not before: Tue 07 Nov 2023 15:30:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:67:e7:15:8d:ec:f1:97:9c:db:30:c0:2a:50:42:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 7 15:30:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e72d975a44487b42a7ac5ff183874c3982597af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:60:f2:e8:a0:22:af:5d:97:1a:99:24:b3:79:
8b:03:53:d6:fd:df:c0:99:c2:5a:87:8a:fc:d6:c2:
68:68:e9:c0:4a:5c:47:24:c2:54:fb:7c:a5:a9:c3:
9b:c5:84:8b:f6:56:68:34:69:76:73:08:22:39:37:
c9:8e:d5:a2:7d:90:2d:b3:07:14:1e:a8:25:8d:46:
ed:17:42:f3:e3:21:cc:14:41:63:f1:ce:a9:da:2d:
62:65:14:dc:c7:44:75:74:77:80:ae:17:7e:a3:4d:
c9:46:74:36:85:3d:c9:e9:d6:cd:5e:5f:a8:5d:6e:
ea:56:d5:21:2f:b5:58:4b:2e:f3:ff:d2:4a:a1:c3:
e4:58:14:1a:e4:cf:6e:73:81:ff:d7:a4:fa:33:8d:
90:d2:ea:2c:09:f0:7c:23:9f:92:68:93:83:25:72:
d2:40:c5:dc:cd:fd:dc:5f:0e:48:80:0f:b2:ad:36:
6f:f2:1b:f0:81:af:68:c0:98:de:4d:71:34:16:0e:
4a:4c:fc:dc:a2:b0:6a:a3:16:f9:b7:24:d7:ef:71:
42:10:da:06:50:be:f4:06:d4:c3:39:07:2a:11:87:
fd:ce:63:53:d7:7d:b8:99:5e:ae:ac:56:74:dd:66:
b4:03:23:f9:7a:75:54:f2:ce:61:b9:72:7b:44:ad:
98:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2D:97:5A:44:48:7B:42:A7:AC:5F:F1:83:87:4C:39:82:59:7A:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5y2XWkRIe0KnrF_xg4dMOYJZevM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:55:42:07:e8:7d:fa:f0:5b:8c:9b:36:58:bf:7e:42:9f:24:
00:09:ef:86:23:3c:cf:1b:2d:9e:23:35:48:6c:8a:df:2b:fa:
82:16:aa:5f:cf:9c:1f:2d:73:51:a0:55:ae:92:02:03:41:1f:
dc:d3:dd:63:75:55:7d:2c:b2:2b:33:f0:49:1e:da:31:f1:14:
3a:36:33:d4:e3:a5:c8:6f:ae:f1:57:2c:ce:af:bc:18:cb:f4:
2a:d9:26:2e:65:43:43:04:b0:00:a6:12:7d:70:ae:62:4e:0f:
fd:50:4f:d9:29:cf:26:ea:3c:84:a6:f0:99:43:8e:75:7f:12:
e5:bc:74:f1:6c:dc:b1:12:a7:6b:01:75:bc:70:48:27:59:6a:
e9:c4:c3:0a:f8:e4:da:14:05:bf:08:6b:ff:c9:2b:a4:4f:55:
d9:45:98:73:bf:ec:99:2c:82:3e:68:c5:95:17:57:67:8a:43:
f7:fc:9e:6d:5d:fb:94:db:d4:90:62:0e:29:2d:2d:5c:da:6c:
0a:5b:af:8b:69:28:54:bf:91:a3:82:2c:cb:2e:c7:fc:23:df:
7a:fd:c1:bc:d4:2e:43:45:30:82:05:6f:d0:0f:fc:5c:89:28:
c3:ea:8c:76:3d:1c:35:a8:08:96:fa:57:d3:62:0b:d8:a6:7f:
46:96:54:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuqZ+cVjezxl5zbMMAqUEI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA3MTUzMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzJkOTc1YTQ0NDg3YjQyYTdhYzVmZjE4Mzg3NGMzOTgyNTk3YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmDy6KAir12XGpkks3mLA1PW/d/A
mcJah4r81sJoaOnASlxHJMJU+3ylqcObxYSL9lZoNGl2cwgiOTfJjtWifZAtswcU
HqgljUbtF0Lz4yHMFEFj8c6p2i1iZRTcx0R1dHeArhd+o03JRnQ2hT3J6dbNXl+o
XW7qVtUhL7VYSy7z/9JKocPkWBQa5M9uc4H/16T6M42Q0uosCfB8I5+SaJODJXLS
QMXczf3cXw5IgA+yrTZv8hvwga9owJjeTXE0Fg5KTPzcorBqoxb5tyTX73FCENoG
UL70BtTDOQcqEYf9zmNT1324mV6urFZ03Wa0AyP5enVU8s5huXJ7RK2YVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOctl1pESHtCp6xf8YOHTDmCWXrzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNXkyWFdrUkllMEtuckZfeGc0ZE1PWUpaZXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHy1AwQA
wHy+AwQAwHzRAwQA1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQA/VUIH6H368FuMmzZY
v35CnyQACe+GIzzPGy2eIzVIbIrfK/qCFqpfz5wfLXNRoFWukgIDQR/c091jdVV9
LLIrM/BJHtox8RQ6NjPU46XIb67xVyzOr7wYy/Qq2SYuZUNDBLAAphJ9cK5iTg/9
UE/ZKc8m6jyEpvCZQ451fxLlvHTxbNyxEqdrAXW8cEgnWWrpxMMK+OTaFAW/CGv/
ySukT1XZRZhzv+yZLII+aMWVF1dnikP3/J5tXfuU29SQYg4pLS1c2mwKW6+LaShU
v5GjgizLLsf8I996/cG81C5DRTCCBW/QD/xciSjD6ox2PRw1qAiW+lfTYgvYpn9G
llSt
-----END CERTIFICATE-----
Generated at Tue Nov 21 16:59:27 2023 by rpki-client on console-ams.rpki-client.org