Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7F7cEks4L6vHmfPSj5Soe-O7L-w.roa
File: 7F7cEks4L6vHmfPSj5Soe-O7L-w.roa (raw, json)
Hash identifier: VJLCpp9bvjsbBRxwrDcqmeuHxxUtSlTt45SQ1WDsVY4=
Subject key identifier: EC:5E:DC:12:4B:38:2F:AB:C7:99:F3:D2:8F:94:A8:7B:E3:BB:2F:EC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188AFB7E72FCE80B720692DDD28D9A7A636
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7F7cEks4L6vHmfPSj5Soe-O7L-w.roa
Signing time: Mon 12 Jun 2023 13:07:25 +0000
ROA not before: Mon 12 Jun 2023 13:07:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.82.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:b7:e7:2f:ce:80:b7:20:69:2d:dd:28:d9:a7:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 13:07:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec5edc124b382fabc799f3d28f94a87be3bb2fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9a:47:38:98:d6:8e:7b:6a:bb:85:93:bd:6e:
0b:c5:25:c6:86:5f:74:e3:56:64:5c:ff:28:b9:f6:
75:bd:58:bf:e0:36:1a:26:24:d4:78:3b:9b:18:ec:
ef:02:73:69:97:d3:ca:0f:ca:b4:e6:95:c0:a3:43:
db:4c:5f:05:e7:2f:21:2f:27:22:64:16:4e:06:ff:
c1:10:ad:a2:10:22:6b:9c:f8:1f:53:33:97:c2:cf:
8c:d5:57:16:d1:60:2c:eb:ad:37:0f:f2:e2:a9:aa:
ba:be:a8:a0:86:62:26:89:e9:c9:cc:af:09:0c:ef:
16:8c:8c:d2:a9:2a:d2:29:2e:5f:33:15:1d:67:89:
2e:90:9d:9b:96:57:aa:1c:b9:1a:be:5f:da:84:91:
fa:a5:67:c0:af:9d:89:23:df:88:c0:75:da:58:23:
6b:80:83:02:32:c0:02:c4:bb:8a:0b:ee:dc:a7:7b:
ce:9f:16:04:94:d5:06:aa:2b:00:5c:b5:2e:ef:0c:
6b:05:ef:0a:8b:94:fe:f5:99:d7:b5:56:67:ba:ae:
9d:7f:bd:02:1d:35:cd:67:6c:37:f7:ee:2a:e4:0b:
ba:ca:9f:1a:71:a8:2a:ce:79:40:fb:fc:ce:40:10:
41:ee:a6:57:3f:30:9f:ac:10:a5:3d:9a:18:e0:75:
8d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5E:DC:12:4B:38:2F:AB:C7:99:F3:D2:8F:94:A8:7B:E3:BB:2F:EC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7F7cEks4L6vHmfPSj5Soe-O7L-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
194.87.44.0/24
194.87.121.0/24
194.87.165.0/24
194.87.171.0/24
195.133.82.0/24
Signature Algorithm: sha256WithRSAEncryption
04:24:e0:f3:3d:4f:ed:56:43:d7:10:08:de:4c:12:3b:9f:17:
36:4a:bf:fb:ed:97:c0:5f:d5:78:22:b7:19:8a:34:6f:df:53:
31:2a:a0:a4:69:4d:1b:a0:3b:c0:29:9c:b4:1d:be:c0:3b:21:
bc:12:3c:e6:4d:41:a7:1b:df:e7:af:0d:6f:b0:b0:76:9e:89:
a2:1a:3f:1b:2d:dc:7f:eb:82:e8:b6:18:cd:9f:84:4c:85:24:
ae:5d:bf:a2:b2:59:01:25:ec:78:6d:2d:08:16:0d:78:88:14:
4e:3a:69:5f:a6:05:2d:fc:ab:a0:78:44:04:b4:26:56:51:d2:
0c:a2:cc:5a:ff:e1:5f:7f:f3:9f:46:a8:48:96:25:d5:87:31:
ad:78:2b:51:82:48:88:d2:9e:2e:d6:26:33:b3:f0:59:b7:3e:
16:68:c8:0a:a9:95:4c:92:91:eb:52:c4:6b:29:8d:0b:0d:da:
d5:ea:41:52:b6:29:c8:86:0e:e5:60:9d:2e:ca:58:1f:fb:90:
01:79:26:82:6a:26:3f:7a:37:70:12:f0:9d:e9:3b:1b:51:1d:
e6:97:c9:e4:be:7d:da:86:5a:9c:c2:80:f3:94:fd:67:80:90:
31:48:0f:86:e3:1b:e0:3f:7d:dd:c0:88:73:f1:55:52:09:71:
b2:9e:e0:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYivt+cvzoC3IGkt3SjZp6Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEyMTMwNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzVlZGMxMjRiMzgyZmFiYzc5OWYzZDI4Zjk0YTg3YmUzYmIyZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZpHOJjWjntqu4WTvW4LxSXGhl90
41ZkXP8oufZ1vVi/4DYaJiTUeDubGOzvAnNpl9PKD8q05pXAo0PbTF8F5y8hLyci
ZBZOBv/BEK2iECJrnPgfUzOXws+M1VcW0WAs6603D/Liqaq6vqighmImienJzK8J
DO8WjIzSqSrSKS5fMxUdZ4kukJ2blleqHLkavl/ahJH6pWfAr52JI9+IwHXaWCNr
gIMCMsACxLuKC+7cp3vOnxYElNUGqisAXLUu7wxrBe8Ki5T+9ZnXtVZnuq6df70C
HTXNZ2w39+4q5Au6yp8acagqznlA+/zOQBBB7qZXPzCfrBClPZoY4HWN3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOxe3BJLOC+rx5nz0o+UqHvjuy/sMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0Y3Y0VrczRMNnZIbWZQU2o1U29lLU83TC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwHy3AwQA
wlcsAwQAwld5AwQAwlelAwQAwlerAwQAw4VSMA0GCSqGSIb3DQEBCwUAA4IBAQAE
JODzPU/tVkPXEAjeTBI7nxc2Sr/77ZfAX9V4IrcZijRv31MxKqCkaU0boDvAKZy0
Hb7AOyG8EjzmTUGnG9/nrw1vsLB2nomiGj8bLdx/64LothjNn4RMhSSuXb+islkB
Jex4bS0IFg14iBROOmlfpgUt/KugeEQEtCZWUdIMosxa/+Fff/OfRqhIliXVhzGt
eCtRgkiI0p4u1iYzs/BZtz4WaMgKqZVMkpHrUsRrKY0LDdrV6kFStinIhg7lYJ0u
ylgf+5ABeSaCaiY/ejdwEvCd6TsbUR3ml8nkvn3ahlqcwoDzlP1ngJAxSA+G4xvg
P33dwIhz8VVSCXGynuBG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org