Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6Vt0U41QG3TtjNkAgYvWjsY5lk0.roa
File: 6Vt0U41QG3TtjNkAgYvWjsY5lk0.roa (raw, json)
Hash identifier: 5WZkY8HTcluu0jizF7GQFydk58uHMKCIOcJcGnxedBY=
Subject key identifier: E9:5B:74:53:8D:50:1B:74:ED:8C:D9:00:81:8B:D6:8E:C6:39:96:4D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875731026009CC06038DC76FBF14BD6A7D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6Vt0U41QG3TtjNkAgYvWjsY5lk0.roa
Signing time: Thu 06 Apr 2023 15:30:42 +0000
ROA not before: Thu 06 Apr 2023 15:30:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:31:02:60:09:cc:06:03:8d:c7:6f:bf:14:bd:6a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:30:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e95b74538d501b74ed8cd900818bd68ec639964d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7d:f5:6e:61:37:72:14:27:80:c2:cb:3c:ec:
ee:bc:b4:b4:63:db:64:cb:ed:7f:0c:1c:68:68:ab:
0b:e2:7f:dc:3f:98:78:04:2c:c2:80:6b:0e:4f:49:
95:1d:05:90:ff:8d:40:44:0b:42:4c:42:0a:c8:df:
3a:f0:73:77:f9:f3:c6:1d:3f:ac:b9:d1:ae:cf:78:
cc:20:3a:7b:7f:19:7d:70:85:1d:a0:9d:8f:83:75:
bf:13:d9:49:f9:e0:57:55:6f:7f:6e:f6:90:71:9d:
c0:1d:77:fd:61:09:b2:ff:28:26:23:ec:99:5e:95:
b8:eb:ae:20:58:c5:9e:17:21:c6:08:04:a7:be:d8:
90:d4:85:83:9e:77:83:95:64:4a:5f:91:86:17:76:
f2:25:3f:ad:12:92:aa:7f:2c:d5:ef:99:ee:0a:b0:
5b:15:49:0f:20:f3:1d:d6:39:e4:93:a1:2a:76:79:
68:35:63:4f:8b:bf:85:5b:9a:54:9f:f2:a1:13:18:
56:f8:5e:9e:95:ae:55:ba:36:0c:ba:d7:1a:ba:2b:
2f:c4:4b:de:73:8b:33:e5:97:11:5e:6b:1b:e7:05:
ec:40:db:58:e7:1f:09:b8:42:d3:de:80:32:ae:27:
fb:b8:37:ea:8d:fa:50:e3:4a:73:68:98:fc:92:01:
49:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5B:74:53:8D:50:1B:74:ED:8C:D9:00:81:8B:D6:8E:C6:39:96:4D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6Vt0U41QG3TtjNkAgYvWjsY5lk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.45.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
33:fe:48:30:a9:5f:c6:a8:9b:d9:8f:dd:2b:01:b4:70:38:4a:
af:2c:cb:ba:b3:ec:05:3d:b4:e5:4a:ad:50:ca:72:8c:7c:fa:
78:09:d7:35:0f:28:01:1a:e0:0b:2e:5f:07:30:16:a9:f4:e9:
1b:86:b3:d8:e0:87:a3:25:72:84:a9:2b:11:bd:a3:37:cd:c0:
a6:88:5a:e1:4a:b2:73:a8:ad:f7:21:10:10:4d:e4:70:4a:39:
d2:ab:0b:39:4d:a3:60:b5:92:1c:19:d9:d5:c1:75:87:bb:a9:
c8:53:fa:a8:70:29:b0:71:02:91:79:d3:12:8f:da:f6:86:a4:
0e:3e:81:f2:1c:51:0a:5b:69:2e:ee:1d:c9:50:c4:e0:8b:29:
f9:05:75:d1:87:6e:e9:54:81:2a:5f:c3:61:d1:f1:c1:5a:73:
fa:25:8f:87:c0:83:08:09:e7:bf:8e:ab:39:65:9f:82:70:0f:
de:4e:ff:9b:f4:2a:19:5a:a3:79:ec:bc:3e:a0:13:f4:f5:e1:
31:89:04:95:59:51:3f:87:d5:c9:73:ba:47:26:b2:93:ea:92:
67:e0:ec:46:4e:12:aa:c0:de:51:01:a5:79:97:da:50:c2:76:
d1:b2:79:b7:72:70:ca:03:7e:99:3c:d8:81:c9:12:51:bb:80:
6b:24:42:92
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdXMQJgCcwGA43Hb78UvWp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTUzMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTViNzQ1MzhkNTAxYjc0ZWQ4Y2Q5MDA4MThiZDY4ZWM2Mzk5NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n31bmE3chQngMLLPOzuvLS0Y9tk
y+1/DBxoaKsL4n/cP5h4BCzCgGsOT0mVHQWQ/41ARAtCTEIKyN868HN3+fPGHT+s
udGuz3jMIDp7fxl9cIUdoJ2Pg3W/E9lJ+eBXVW9/bvaQcZ3AHXf9YQmy/ygmI+yZ
XpW4664gWMWeFyHGCASnvtiQ1IWDnneDlWRKX5GGF3byJT+tEpKqfyzV75nuCrBb
FUkPIPMd1jnkk6EqdnloNWNPi7+FW5pUn/KhExhW+F6ela5VujYMutcauisvxEve
c4sz5ZcRXmsb5wXsQNtY5x8JuELT3oAyrif7uDfqjfpQ40pzaJj8kgFJ0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOlbdFONUBt07YzZAIGL1o7GOZZNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNlZ0MFU0MVFHM1R0ak5rQWdZdldqc1k1bGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlctAwQA
wlfYAwQAwlfaAwQAw4VYAwQA1MAOMA0GCSqGSIb3DQEBCwUAA4IBAQAz/kgwqV/G
qJvZj90rAbRwOEqvLMu6s+wFPbTlSq1QynKMfPp4Cdc1DygBGuALLl8HMBap9Okb
hrPY4IejJXKEqSsRvaM3zcCmiFrhSrJzqK33IRAQTeRwSjnSqws5TaNgtZIcGdnV
wXWHu6nIU/qocCmwcQKRedMSj9r2hqQOPoHyHFEKW2ku7h3JUMTgiyn5BXXRh27p
VIEqX8Nh0fHBWnP6JY+HwIMICee/jqs5ZZ+CcA/eTv+b9CoZWqN57Lw+oBP09eEx
iQSVWVE/h9XJc7pHJrKT6pJn4OxGThKqwN5RAaV5l9pQwnbRsnm3cnDKA36ZPNiB
yRJRu4BrJEKS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org