Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/74frFC7GNAQ-8yDIPGbreJbGiLA.roa
File: 74frFC7GNAQ-8yDIPGbreJbGiLA.roa (raw, json)
Hash identifier: QEmHAc41CamOpI24d9l8xYcwpCf6Br1pxGl2JmKCWko=
Subject key identifier: EF:87:EB:14:2E:C6:34:04:3E:F3:20:C8:3C:66:EB:78:96:C6:88:B0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C407C93E44DC2B114A896CCAC3546B8A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/74frFC7GNAQ-8yDIPGbreJbGiLA.roa
Signing time: Wed 06 Dec 2023 18:55:55 +0000
ROA not before: Wed 06 Dec 2023 18:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.106.0/24 maxlen: 24
195.133.5.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
195.133.23.0/24 maxlen: 24
195.58.48.0/23 maxlen: 23
194.87.70.0/24 maxlen: 24
194.87.68.0/23 maxlen: 23
194.87.196.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:7c:93:e4:4d:c2:b1:14:a8:96:cc:ac:35:46:b8:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 6 18:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef87eb142ec634043ef320c83c66eb7896c688b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ce:4e:43:01:93:63:d5:4b:77:35:9a:c6:65:
cd:53:64:e5:d7:15:58:ac:87:55:fc:0d:25:69:c8:
6a:5e:f6:09:ee:c7:6b:ae:90:5d:e3:60:65:90:5a:
15:f7:3b:71:68:6e:f4:3c:b5:6d:b8:72:d2:32:31:
33:63:d0:47:69:07:f4:8c:61:a6:1e:c8:23:51:f6:
fc:3c:ae:4e:b7:08:70:67:75:f1:9d:c4:39:47:74:
e1:4c:84:f7:da:2d:48:97:ce:64:2b:f1:ef:9c:d6:
bb:8d:6b:3f:03:e6:c9:cb:55:da:b8:59:ee:bb:8b:
2e:96:8a:04:39:ed:64:52:a8:c2:8f:5e:9a:2a:dc:
95:ca:1c:8e:40:64:08:36:48:69:fb:73:a4:c5:85:
62:fa:45:53:f8:84:81:fd:08:80:51:86:a7:a7:12:
20:8d:cd:06:6f:3e:4a:b8:1b:0c:f4:09:33:24:28:
20:67:0e:77:56:22:47:56:70:e6:9a:ce:a7:91:51:
4c:8b:39:64:2f:cc:e8:38:3e:3c:51:11:56:49:49:
9e:86:92:4f:8a:2c:17:f8:ed:c6:60:0b:db:91:e9:
92:77:6d:f3:7c:7f:3e:b9:7f:2c:0c:0a:00:04:62:
23:02:a0:ba:a5:71:7c:0a:70:85:db:bc:0c:89:8f:
f1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:87:EB:14:2E:C6:34:04:3E:F3:20:C8:3C:66:EB:78:96:C6:88:B0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/74frFC7GNAQ-8yDIPGbreJbGiLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.48.0/24
194.87.68.0-194.87.70.255
194.87.106.0/24
194.87.196.0/23
195.58.48.0/23
195.133.5.0/24
195.133.23.0/24
Signature Algorithm: sha256WithRSAEncryption
79:06:a8:3b:19:42:52:63:3d:fa:1b:9e:de:4a:6e:34:84:8b:
78:9a:5e:b3:88:41:9c:7c:31:13:ed:bb:36:72:ed:d3:50:c7:
47:55:45:ca:1f:aa:bd:f0:73:c7:44:fa:72:07:25:3f:2c:af:
73:30:6b:34:b7:73:53:6d:4b:1f:81:21:29:b6:67:bf:08:0a:
c0:18:85:a5:31:f5:bc:04:4d:9e:8e:d5:14:62:ce:85:fa:a0:
9b:84:b2:96:5f:2b:9a:1a:8b:2f:49:04:55:38:94:7e:98:d9:
f4:a3:ad:05:84:a0:65:64:f3:c8:00:ad:da:35:26:df:43:86:
1e:f4:4a:3b:f6:0e:b5:40:a6:b2:84:c9:dd:00:fe:58:7e:02:
a7:2b:f0:b1:b2:42:df:07:ec:d5:21:40:0a:e9:c8:05:37:9b:
95:24:bf:00:d1:27:39:64:e7:da:c9:87:45:09:7f:89:ec:4d:
3b:25:99:f6:31:ce:5b:ec:29:2e:a8:17:75:1d:59:64:fe:3a:
c8:58:a1:0e:36:e5:45:90:43:90:1a:f2:3c:3d:90:80:62:64:
aa:c3:62:9c:df:d9:2a:bc:23:04:e6:b8:df:29:5a:ec:b5:52:
a3:bb:8f:91:3a:8c:46:b4:6e:7a:70:f6:e5:16:76:d5:06:83:
6d:50:60:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYxAfJPkTcKxFKiWzKw1RripMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA2MTg1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjg3ZWIxNDJlYzYzNDA0M2VmMzIwYzgzYzY2ZWI3ODk2YzY4OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm85OQwGTY9VLdzWaxmXNU2Tl1xVY
rIdV/A0lachqXvYJ7sdrrpBd42BlkFoV9ztxaG70PLVtuHLSMjEzY9BHaQf0jGGm
HsgjUfb8PK5OtwhwZ3XxncQ5R3ThTIT32i1Il85kK/HvnNa7jWs/A+bJy1XauFnu
u4sulooEOe1kUqjCj16aKtyVyhyOQGQINkhp+3OkxYVi+kVT+ISB/QiAUYanpxIg
jc0Gbz5KuBsM9AkzJCggZw53ViJHVnDmms6nkVFMizlkL8zoOD48URFWSUmehpJP
iiwX+O3GYAvbkemSd23zfH8+uX8sDAoABGIjAqC6pXF8CnCF27wMiY/xwQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFO+H6xQuxjQEPvMgyDxm63iWxoiwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNzRmckZDN0dOQVEtOHlESVBHYnJlSmJHaUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwXwHAwQA
wlcwMAwDBALCV0QDBADCV0YDBADCV2oDBAHCV8QDBAHDOjADBADDhQUDBADDhRcw
DQYJKoZIhvcNAQELBQADggEBAHkGqDsZQlJjPfobnt5KbjSEi3iaXrOIQZx8MRPt
uzZy7dNQx0dVRcofqr3wc8dE+nIHJT8sr3MwazS3c1NtSx+BISm2Z78ICsAYhaUx
9bwETZ6O1RRizoX6oJuEspZfK5oaiy9JBFU4lH6Y2fSjrQWEoGVk88gArdo1Jt9D
hh70Sjv2DrVAprKEyd0A/lh+Aqcr8LGyQt8H7NUhQArpyAU3m5UkvwDRJzlk59rJ
h0UJf4nsTTslmfYxzlvsKS6oF3UdWWT+OshYoQ425UWQQ5Aa8jw9kIBiZKrDYpzf
2Sq8IwTmuN8pWuy1UqO7j5E6jEa0bnpw9uUWdtUGg21QYL8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org