Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7TgixSUe3Zd7zhbSONXdtf-rFGY.roa
File: 7TgixSUe3Zd7zhbSONXdtf-rFGY.roa (raw, json)
Hash identifier: +mhpjnjCnQRV6f9qx6V5+S32vS4RREp7/OimK1SfkOg=
Subject key identifier: ED:38:22:C5:25:1E:DD:97:7B:CE:16:D2:38:D5:DD:B5:FF:AB:14:66
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188868C28866B84EB997D7439FF5B1B4004
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7TgixSUe3Zd7zhbSONXdtf-rFGY.roa
Signing time: Sun 04 Jun 2023 13:15:12 +0000
ROA not before: Sun 04 Jun 2023 13:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 194.87.220.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:86:8c:28:86:6b:84:eb:99:7d:74:39:ff:5b:1b:40:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 4 13:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed3822c5251edd977bce16d238d5ddb5ffab1466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:01:90:94:f9:cd:43:e5:5e:ad:69:86:62:03:
6f:51:8a:2a:e4:04:09:6e:21:d7:21:58:77:1e:92:
9b:e4:9a:4d:57:09:10:48:45:41:9e:c1:fa:75:c7:
3c:10:26:ef:5e:c6:b1:da:4e:c9:4f:b0:5b:24:8c:
dd:a7:f4:f8:1e:71:dc:a0:ae:76:0a:05:65:03:fb:
7d:ce:01:31:85:f6:88:a0:8f:24:b2:4c:06:2f:9d:
3e:de:58:42:8a:44:a1:b7:f3:5c:94:77:40:7d:48:
a4:8c:85:97:3f:fb:2e:c5:c2:f8:37:19:8a:f0:bf:
cd:59:47:70:1f:31:cd:3a:80:b3:6f:ee:12:80:e1:
ad:b1:88:2a:40:c5:68:30:5a:2c:96:1b:05:f6:99:
12:f3:12:88:5b:ad:3f:63:e7:36:fd:dd:76:27:f0:
ab:a0:51:dc:2e:a3:0f:8a:ab:39:29:ae:a2:56:a5:
ee:75:34:20:c1:3f:77:20:26:7f:f1:bd:4b:46:6f:
03:65:64:7c:0c:9c:cd:1d:0e:a4:14:d4:13:8c:c5:
c5:57:a5:62:e4:eb:3c:a6:4c:10:1d:09:db:7a:86:
51:01:ce:ec:01:0f:1c:0d:5f:38:d4:82:bd:af:ab:
61:58:8b:f2:e4:f0:2d:bb:bb:d0:87:0d:cc:4a:ae:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:38:22:C5:25:1E:DD:97:7B:CE:16:D2:38:D5:DD:B5:FF:AB:14:66
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7TgixSUe3Zd7zhbSONXdtf-rFGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
194.58.58.0/24
194.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:9d:63:c4:73:9c:4b:c4:50:f5:bc:22:84:30:88:46:ad:f9:
29:68:e7:c9:9a:85:e9:27:2c:d8:2d:e9:67:16:6e:45:7d:c1:
1b:9a:fe:08:42:c8:b0:24:ae:13:5f:bd:c7:62:60:28:23:38:
01:bd:ce:e4:8c:07:25:1a:f7:7e:77:e0:ca:79:ef:a8:ff:c8:
ea:8b:f4:af:e4:a9:ed:97:68:af:15:0b:2c:5b:90:f3:03:15:
48:76:c9:48:60:55:f4:1c:14:65:0d:04:7b:8d:49:fe:3a:e5:
0e:cc:e2:d6:86:bf:b0:98:af:11:3f:6c:d0:32:66:f3:21:6b:
0f:bc:da:8c:66:16:e6:b0:27:52:0a:4a:24:b7:38:ae:16:12:
8d:22:9d:21:08:fd:da:a6:39:20:5c:78:e1:2e:7d:24:26:81:
0a:e2:ba:d6:0c:cc:71:59:cf:ad:73:ec:2c:8e:dd:66:37:5e:
7c:07:d7:30:a5:e3:8c:81:52:90:23:5a:8c:16:67:b9:44:dc:
ab:54:2d:5c:32:f7:7f:14:b0:98:e4:4c:d1:18:dd:7a:31:75:
3c:74:39:6d:20:d0:cc:02:8f:a8:c7:e7:ed:83:c4:3d:94:5b:
a8:6a:e1:cb:c1:c1:67:98:b4:de:9b:83:d1:f9:d2:22:29:98:
12:89:03:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiGjCiGa4TrmX10Of9bG0AEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA0MTMxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM4MjJjNTI1MWVkZDk3N2JjZTE2ZDIzOGQ1ZGRiNWZmYWIxNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgGQlPnNQ+VerWmGYgNvUYoq5AQJ
biHXIVh3HpKb5JpNVwkQSEVBnsH6dcc8ECbvXsax2k7JT7BbJIzdp/T4HnHcoK52
CgVlA/t9zgExhfaIoI8kskwGL50+3lhCikSht/NclHdAfUikjIWXP/suxcL4NxmK
8L/NWUdwHzHNOoCzb+4SgOGtsYgqQMVoMFoslhsF9pkS8xKIW60/Y+c2/d12J/Cr
oFHcLqMPiqs5Ka6iVqXudTQgwT93ICZ/8b1LRm8DZWR8DJzNHQ6kFNQTjMXFV6Vi
5Os8pkwQHQnbeoZRAc7sAQ8cDV841IK9r6thWIvy5PAtu7vQhw3MSq6eWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO04IsUlHt2Xe84W0jjV3bX/qxRmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN1RnaXhTVWUzWmQ3emhiU09OWGR0Zi1yRkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwtAwQA
wjo6AwQAwlfcMA0GCSqGSIb3DQEBCwUAA4IBAQAKnWPEc5xLxFD1vCKEMIhGrfkp
aOfJmoXpJyzYLelnFm5FfcEbmv4IQsiwJK4TX73HYmAoIzgBvc7kjAclGvd+d+DK
ee+o/8jqi/Sv5Kntl2ivFQssW5DzAxVIdslIYFX0HBRlDQR7jUn+OuUOzOLWhr+w
mK8RP2zQMmbzIWsPvNqMZhbmsCdSCkoktziuFhKNIp0hCP3apjkgXHjhLn0kJoEK
4rrWDMxxWc+tc+wsjt1mN158B9cwpeOMgVKQI1qMFme5RNyrVC1cMvd/FLCY5EzR
GN16MXU8dDltINDMAo+ox+ftg8Q9lFuoauHLwcFnmLTem4PR+dIiKZgSiQM/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org