Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7KunZ5zJQ4Y60ctSnZj_KTCLi3M.roa
File: 7KunZ5zJQ4Y60ctSnZj_KTCLi3M.roa (raw, json)
Hash identifier: KHzaetmTpQ3fMvHEGo4+JaURWJjtbH9YwCtsKklxLmE=
Subject key identifier: EC:AB:A7:67:9C:C9:43:86:3A:D1:CB:52:9D:98:FF:29:30:8B:8B:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F670DC78A60584D4EEF3579823E06C6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7KunZ5zJQ4Y60ctSnZj_KTCLi3M.roa
Signing time: Sun 01 Jan 2023 22:15:02 +0000
ROA not before: Sun 01 Jan 2023 22:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210352
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:0d:c7:8a:60:58:4d:4e:ef:35:79:82:3e:06:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecaba7679cc943863ad1cb529d98ff29308b8b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:29:01:00:e7:4d:4f:a3:70:d5:dc:47:14:9b:
35:d9:e5:79:3b:fa:1f:2d:c6:0a:9b:c5:ae:f9:4c:
2c:68:ea:29:3b:35:47:f7:89:73:0a:fa:c7:bb:87:
b6:d6:25:87:c6:a8:cc:9e:08:14:15:32:90:ef:76:
e4:d4:c6:85:17:c4:7e:0c:32:d7:0a:04:46:0c:ee:
57:09:57:ef:45:ab:3c:1c:21:06:8c:9a:7b:34:cd:
e1:e3:9e:0b:a5:1c:23:7d:74:98:22:97:97:97:41:
71:13:21:3e:e5:a4:df:d5:fd:3a:28:60:01:1e:64:
db:6e:11:19:c4:29:f6:39:86:5a:8b:8b:36:9c:d6:
60:98:9f:bb:5e:36:88:53:1d:79:bd:02:54:77:cf:
c8:f0:f7:a8:1b:ba:e2:28:38:d0:f8:d4:57:8c:87:
cf:f5:58:c4:ec:54:db:4c:0a:c2:c1:e6:db:6d:0b:
b6:55:6b:f1:94:c1:d4:3a:91:b3:b9:3c:b2:29:7c:
c2:07:05:9c:2e:48:db:33:4d:4d:bd:89:b4:7d:ab:
dc:36:fa:21:a3:1d:1a:8f:a7:43:7a:2a:70:fa:ea:
b2:3f:0b:30:77:98:da:8f:9d:dc:c9:e4:0f:cf:50:
50:19:80:d1:1f:76:ae:a8:48:8b:72:c6:23:9a:34:
cf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AB:A7:67:9C:C9:43:86:3A:D1:CB:52:9D:98:FF:29:30:8B:8B:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7KunZ5zJQ4Y60ctSnZj_KTCLi3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:52:c5:eb:b0:e0:1d:e6:f9:e0:66:26:d8:08:92:2a:6b:6a:
7a:df:23:80:01:89:e9:4f:26:4b:4e:06:07:8c:dd:3f:94:1d:
ea:4c:74:53:5f:f0:85:07:e5:bd:c5:3a:66:2c:f7:1d:b0:43:
ea:0f:be:a8:3a:9d:86:85:29:42:46:af:6b:eb:76:dc:94:16:
eb:19:3c:19:da:e3:25:c8:84:a1:c6:6d:a7:d1:a0:2a:1a:61:
0e:15:3f:cd:49:dd:87:47:5a:c8:a8:56:da:96:94:5d:3f:3b:
f3:dc:f7:15:1d:2c:a3:48:cc:ab:1e:d6:14:3b:ac:11:15:71:
ec:4a:c8:64:15:32:8d:a2:45:ed:9a:9b:80:ca:ed:3e:27:6c:
be:70:95:e1:d2:7f:49:d4:4b:af:97:ac:bc:8b:ff:b7:7f:68:
60:b1:82:a9:9d:36:64:41:3a:67:f9:f2:7f:60:01:ff:e2:8e:
4d:08:7e:10:4b:44:7b:f8:20:98:2b:33:04:f3:9b:e7:c1:4d:
1d:6f:26:01:59:58:ff:b6:1b:bd:e2:bd:03:f0:c4:08:0d:72:
0a:f3:99:93:8b:5e:f5:89:02:05:5c:ee:cb:6c:5c:16:5d:85:
f4:73:da:62:33:38:82:67:7d:e5:0e:a6:17:88:01:7e:79:60:
1c:2d:a4:f2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvZw3HimBYTU7vNXmCPgbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FiYTc2NzljYzk0Mzg2M2FkMWNiNTI5ZDk4ZmYyOTMwOGI4YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkykBAOdNT6Nw1dxHFJs12eV5O/of
LcYKm8Wu+UwsaOopOzVH94lzCvrHu4e21iWHxqjMnggUFTKQ73bk1MaFF8R+DDLX
CgRGDO5XCVfvRas8HCEGjJp7NM3h454LpRwjfXSYIpeXl0FxEyE+5aTf1f06KGAB
HmTbbhEZxCn2OYZai4s2nNZgmJ+7XjaIUx15vQJUd8/I8PeoG7riKDjQ+NRXjIfP
9VjE7FTbTArCwebbbQu2VWvxlMHUOpGzuTyyKXzCBwWcLkjbM01NvYm0favcNvoh
ox0aj6dDeipw+uqyPwswd5jaj53cyeQPz1BQGYDRH3auqEiLcsYjmjTPTwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOyrp2ecyUOGOtHLUp2Y/ykwi4tzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0t1blo1ekpRNFk2MGN0U25aal9LVENMaTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQA1MAOMA0GCSqGSIb3DQEBCwUAA4IBAQBt
UsXrsOAd5vngZibYCJIqa2p63yOAAYnpTyZLTgYHjN0/lB3qTHRTX/CFB+W9xTpm
LPcdsEPqD76oOp2GhSlCRq9r63bclBbrGTwZ2uMlyIShxm2n0aAqGmEOFT/NSd2H
R1rIqFbalpRdPzvz3PcVHSyjSMyrHtYUO6wRFXHsSshkFTKNokXtmpuAyu0+J2y+
cJXh0n9J1Euvl6y8i/+3f2hgsYKpnTZkQTpn+fJ/YAH/4o5NCH4QS0R7+CCYKzME
85vnwU0dbyYBWVj/thu94r0D8MQIDXIK85mTi171iQIFXO7LbFwWXYX0c9piMziC
Z33lDqYXiAF+eWAcLaTy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org