Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Gon0pdDI91UPBZAW5T_u0NKaGA.roa
File: 7Gon0pdDI91UPBZAW5T_u0NKaGA.roa (raw, json)
Hash identifier: 4ecHih5HKUdQCgCr86P8EN2QnumdV1gnR1FaGOJuQX0=
Subject key identifier: EC:6A:27:D2:97:43:23:DD:54:3C:16:40:5B:94:FF:BB:43:4A:68:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188815F62EF7AC4536A07F68AB5D844B3AD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Gon0pdDI91UPBZAW5T_u0NKaGA.roa
Signing time: Sat 03 Jun 2023 13:08:12 +0000
ROA not before: Sat 03 Jun 2023 13:08:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:5f:62:ef:7a:c4:53:6a:07:f6:8a:b5:d8:44:b3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 3 13:08:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec6a27d2974323dd543c16405b94ffbb434a6860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5e:d7:d7:a3:fd:e5:7d:3f:63:c7:c3:a6:a6:
0f:ad:59:e2:af:2b:d9:67:39:7d:09:76:40:89:a0:
70:fd:3f:5a:d9:e6:9e:a8:d6:7a:28:94:45:04:4c:
27:5c:d0:5f:82:4e:89:de:07:56:ea:d8:2f:1e:27:
17:a3:ea:33:be:63:75:19:6a:64:c0:78:cd:60:d5:
c5:0e:19:3d:83:d9:d9:d1:57:51:3c:85:4d:7c:78:
ec:c9:07:f8:2d:52:c8:51:78:31:1b:0e:9b:0e:62:
e8:db:2a:5e:56:4d:44:66:c5:4e:e9:f2:6f:1b:2f:
a2:a0:06:7e:59:c0:72:a4:48:c1:11:ee:8b:f7:12:
f0:cd:5a:31:01:31:1f:ce:eb:03:d5:e5:df:7f:0d:
5a:9d:2d:d1:80:b5:4c:59:10:d8:b7:c6:04:2b:e6:
78:0c:88:c6:1f:6c:c2:55:82:23:14:19:40:97:43:
7e:93:66:9b:94:a1:30:5a:76:79:6f:49:eb:eb:c6:
37:fa:79:1c:d8:3f:b6:f4:4e:8c:04:c9:22:c7:74:
97:80:04:14:81:1d:00:32:71:70:18:07:be:f2:59:
f6:69:50:a4:47:cb:ee:4f:9e:46:df:c0:a4:82:b6:
5f:7a:6a:a1:6b:72:03:d0:5c:39:53:ac:ec:81:24:
93:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6A:27:D2:97:43:23:DD:54:3C:16:40:5B:94:FF:BB:43:4A:68:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Gon0pdDI91UPBZAW5T_u0NKaGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.47.0/24
194.58.46.0/24
194.87.30.0/24
194.87.42.0/24
194.87.161.0/24
194.87.163.0/24
194.87.205.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
67:fa:c9:50:81:4c:fa:99:32:87:42:85:ef:83:77:7f:f9:5e:
5d:6c:7f:95:36:a2:f9:b0:83:2c:59:ec:2b:86:e4:aa:8c:52:
2c:fc:f5:c6:92:6f:9b:cf:dc:3d:35:83:0c:e5:58:1b:d1:8c:
27:84:57:aa:92:5a:7c:46:fc:d8:0c:b4:bb:40:52:fc:4e:9a:
26:ca:81:19:95:5a:ef:cb:70:d3:f6:d6:75:e2:2f:38:f6:e1:
53:dc:5a:8f:67:bb:3d:d9:c1:82:7a:bf:cc:df:8d:2f:c3:48:
b5:ff:7b:5e:e7:b7:0c:9e:94:25:3b:fc:e5:3c:09:b5:47:d9:
dd:34:6b:21:94:2d:7e:9b:43:79:91:dd:51:88:e4:23:4b:fb:
a3:b1:0d:56:ad:6b:a4:15:40:53:24:0f:a3:6a:fc:fb:2a:6a:
fc:41:2e:5c:0d:13:52:ec:70:2d:5a:65:d0:de:80:b8:58:47:
7d:56:df:87:7a:6c:45:ec:81:eb:e4:90:cc:11:fc:25:81:54:
98:a7:a8:e2:a5:75:a1:b0:65:c6:4c:28:66:f7:d0:d2:2f:f8:
58:53:03:e7:81:75:ff:39:f4:39:9a:c5:f4:53:53:64:61:7b:
17:5c:84:df:9c:52:b4:df:0e:de:a4:d7:27:df:2c:03:a5:bb:
08:18:0e:02
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYiBX2LvesRTagf2irXYRLOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAzMTMwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzZhMjdkMjk3NDMyM2RkNTQzYzE2NDA1Yjk0ZmZiYjQzNGE2ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V7X16P95X0/Y8fDpqYPrVniryvZ
Zzl9CXZAiaBw/T9a2eaeqNZ6KJRFBEwnXNBfgk6J3gdW6tgvHicXo+ozvmN1GWpk
wHjNYNXFDhk9g9nZ0VdRPIVNfHjsyQf4LVLIUXgxGw6bDmLo2ypeVk1EZsVO6fJv
Gy+ioAZ+WcBypEjBEe6L9xLwzVoxATEfzusD1eXffw1anS3RgLVMWRDYt8YEK+Z4
DIjGH2zCVYIjFBlAl0N+k2ablKEwWnZ5b0nr68Y3+nkc2D+29E6MBMkix3SXgAQU
gR0AMnFwGAe+8ln2aVCkR8vuT55G38CkgrZfemqha3ID0Fw5U6zsgSSTLQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOxqJ9KXQyPdVDwWQFuU/7tDSmhgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0dvbjBwZERJOTFVUEJaQVc1VF91ME5LYUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwSAwQA
wXwvAwQAwjouAwQAwlceAwQAwlcqAwQAwlehAwQAwlejAwQAwlfNAwQAwlfPMA0G
CSqGSIb3DQEBCwUAA4IBAQBn+slQgUz6mTKHQoXvg3d/+V5dbH+VNqL5sIMsWewr
huSqjFIs/PXGkm+bz9w9NYMM5Vgb0YwnhFeqklp8RvzYDLS7QFL8TpomyoEZlVrv
y3DT9tZ14i849uFT3FqPZ7s92cGCer/M340vw0i1/3te57cMnpQlO/zlPAm1R9nd
NGshlC1+m0N5kd1RiOQjS/ujsQ1WrWukFUBTJA+javz7Kmr8QS5cDRNS7HAtWmXQ
3oC4WEd9Vt+HemxF7IHr5JDMEfwlgVSYp6jipXWhsGXGTChm99DSL/hYUwPngXX/
OfQ5msX0U1NkYXsXXITfnFK03w7epNcn3ywDpbsIGA4C
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org