Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8JcXXx0fvonttLFADVPXfVBBW-4.roa
File: 8JcXXx0fvonttLFADVPXfVBBW-4.roa (raw, json)
Hash identifier: 2on4wVK8R7n3qWWfBr7mYnW6N/sqdaaoonxpJI+kp4c=
Subject key identifier: F0:97:17:5F:1D:1F:BE:89:ED:B4:B1:40:0D:53:D7:7D:50:41:5B:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C32F6744E4D12DD0FB33374918D942B17
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8JcXXx0fvonttLFADVPXfVBBW-4.roa
Signing time: Mon 04 Dec 2023 03:54:21 +0000
ROA not before: Mon 04 Dec 2023 03:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 18:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:32:f6:74:4e:4d:12:dd:0f:b3:33:74:91:8d:94:2b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 4 03:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f097175f1d1fbe89edb4b1400d53d77d50415bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e2:1e:a3:de:28:96:7b:6d:fe:6d:72:54:6f:
c3:fd:3c:2f:28:1c:bd:a6:b5:64:88:8a:83:dd:d0:
11:a8:bc:7b:1c:bf:06:f1:ef:cc:cb:b5:8d:c2:68:
43:45:1e:66:1e:01:b7:b5:e6:36:f6:ee:f4:36:c1:
93:94:cc:de:af:fd:7f:82:7f:f0:34:31:d3:fb:6e:
39:7b:84:db:27:1b:af:d0:36:9c:56:ed:ab:f9:b0:
b1:55:61:7a:1f:09:e7:28:e9:c0:79:4c:2c:4b:ab:
de:7f:d6:8a:3c:38:fb:82:cd:cf:19:92:eb:7f:e6:
b4:7c:e2:79:8a:24:82:a8:c4:51:bb:0b:b7:ab:06:
7f:cf:67:01:9a:76:bd:5e:db:9e:43:e8:b4:48:8f:
8c:06:09:41:29:9f:6e:02:56:1b:3e:70:a5:b8:c0:
2a:a0:b9:9d:aa:32:29:99:a6:1e:90:a4:48:b7:37:
ea:85:1d:17:6d:5e:a9:9d:d8:05:31:c8:93:c1:ed:
a4:a7:ea:76:14:e0:62:f8:05:68:56:d5:3a:d9:73:
ec:ec:86:75:a4:59:9a:73:77:56:3b:59:02:f3:02:
25:6d:d4:bf:b2:9d:8e:14:13:30:6d:56:4c:98:4f:
7d:9b:db:23:ac:22:dd:09:f8:3d:6f:e0:c8:4f:ae:
65:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:97:17:5F:1D:1F:BE:89:ED:B4:B1:40:0D:53:D7:7D:50:41:5B:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8JcXXx0fvonttLFADVPXfVBBW-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
195.133.81.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:d9:05:61:0a:36:3d:39:76:20:db:75:e0:0c:44:61:86:e9:
49:77:c9:1e:30:63:3e:58:af:a1:3b:fb:d8:14:2f:c7:58:91:
93:1f:82:cb:47:85:7a:b4:68:a2:d1:74:0b:5c:b1:fc:7e:fe:
89:65:77:00:07:4b:cd:65:df:76:45:07:e0:d0:86:7e:6f:34:
bf:9d:e5:c9:fe:2c:b7:1d:3a:3a:1a:ce:01:f1:58:7d:7c:01:
77:37:bb:7e:47:48:15:4b:68:7f:1c:18:3b:ce:ed:d2:9c:93:
2a:f4:14:40:a8:c6:55:77:86:53:77:e4:24:4d:51:34:cb:b8:
d8:16:f1:ec:75:24:a7:0c:84:16:e3:9e:0c:04:38:37:43:d4:
0a:c9:68:a8:08:b1:a8:39:15:34:ce:47:50:6f:68:97:49:17:
ca:84:37:f2:94:6e:6f:14:7e:2b:f9:cd:fa:70:bb:dd:2c:bc:
1b:dd:2f:55:a4:91:33:cc:36:c1:2c:41:de:f5:61:fb:a1:2b:
56:31:12:c0:4c:4b:77:8a:2f:e0:53:96:2e:34:8c:8c:37:80:
15:53:37:0c:4f:aa:0c:d5:a5:58:40:8c:5d:b9:94:43:a2:c3:
9c:dc:fb:32:db:15:c1:65:7e:75:ef:2d:2b:dc:f7:d8:96:db:
65:4c:22:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwy9nROTRLdD7MzdJGNlCsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA0MDM1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDk3MTc1ZjFkMWZiZTg5ZWRiNGIxNDAwZDUzZDc3ZDUwNDE1YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Ieo94olntt/m1yVG/D/TwvKBy9
prVkiIqD3dARqLx7HL8G8e/My7WNwmhDRR5mHgG3teY29u70NsGTlMzer/1/gn/w
NDHT+245e4TbJxuv0DacVu2r+bCxVWF6HwnnKOnAeUwsS6vef9aKPDj7gs3PGZLr
f+a0fOJ5iiSCqMRRuwu3qwZ/z2cBmna9XtueQ+i0SI+MBglBKZ9uAlYbPnCluMAq
oLmdqjIpmaYekKRItzfqhR0XbV6pndgFMciTwe2kp+p2FOBi+AVoVtU62XPs7IZ1
pFmac3dWO1kC8wIlbdS/sp2OFBMwbVZMmE99m9sjrCLdCfg9b+DIT65l8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPCXF18dH76J7bSxQA1T131QQVvuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOEpjWFh4MGZ2b250dExGQURWUFhmVkJCVy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzKAwQA
w4VRAwQA1MENMA0GCSqGSIb3DQEBCwUAA4IBAQA92QVhCjY9OXYg23XgDERhhulJ
d8keMGM+WK+hO/vYFC/HWJGTH4LLR4V6tGii0XQLXLH8fv6JZXcAB0vNZd92RQfg
0IZ+bzS/neXJ/iy3HTo6Gs4B8Vh9fAF3N7t+R0gVS2h/HBg7zu3SnJMq9BRAqMZV
d4ZTd+QkTVE0y7jYFvHsdSSnDIQW454MBDg3Q9QKyWioCLGoORU0zkdQb2iXSRfK
hDfylG5vFH4r+c36cLvdLLwb3S9VpJEzzDbBLEHe9WH7oStWMRLATEt3ii/gU5Yu
NIyMN4AVUzcMT6oM1aVYQIxduZRDosOc3Psy2xXBZX517y0r3PfYlttlTCIB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org