Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8diak7kAYTXP6fwJ54CNZ2keN2w.roa
File: 8diak7kAYTXP6fwJ54CNZ2keN2w.roa (raw, json)
Hash identifier: A4JLCNJHtH8mwf3NdTGcvCBiotWSaCcmdW9jBukxqps=
Subject key identifier: F1:D8:9A:93:B9:00:61:35:CF:E9:FC:09:E7:80:8D:67:69:1E:37:6C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018894A17766602C7AB4262FADC09979A251
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8diak7kAYTXP6fwJ54CNZ2keN2w.roa
Signing time: Wed 07 Jun 2023 06:53:09 +0000
ROA not before: Wed 07 Jun 2023 06:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:a1:77:66:60:2c:7a:b4:26:2f:ad:c0:99:79:a2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 7 06:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1d89a93b9006135cfe9fc09e7808d67691e376c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:60:2e:1e:83:2f:24:db:f0:7b:86:2a:ef:e0:
97:f4:0a:20:e9:e1:d2:36:86:b8:12:86:e3:71:ae:
7c:fc:06:c2:d6:dc:73:3c:a0:c3:89:27:e2:d2:6e:
b0:25:78:9e:f4:50:1e:16:87:2a:e4:61:71:09:4b:
31:85:c5:ec:3c:6d:8c:70:54:9e:1d:2b:28:af:11:
05:48:42:ba:4a:f3:08:3e:ee:46:5a:f5:53:6d:c8:
14:91:55:db:b9:78:c8:48:a2:58:8a:b4:fa:c5:bf:
70:bb:78:ed:6e:12:3d:59:12:8a:4d:28:f6:8d:5f:
e9:81:74:03:a2:9f:2a:88:41:90:af:ed:04:bd:fe:
25:35:cf:d0:e0:bc:3d:3f:2f:81:77:f0:da:75:06:
fb:3a:78:e3:ae:8d:14:45:81:89:cd:65:1f:74:05:
fe:36:fd:eb:52:e5:d1:13:03:9f:1c:8f:89:7b:ec:
ee:bb:e8:0e:80:61:f9:e3:d5:c7:80:2b:c2:e1:2c:
b9:1f:7e:59:2e:a8:2a:63:5a:8b:4c:f8:d9:eb:5d:
fc:d6:d6:31:96:27:89:6b:8e:61:40:ac:82:cb:e8:
70:6e:39:5d:8c:0c:4f:93:3f:41:23:74:75:fb:3b:
12:da:cf:d2:c8:bb:1a:db:fd:1f:0c:a3:ab:ed:d4:
cb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D8:9A:93:B9:00:61:35:CF:E9:FC:09:E7:80:8D:67:69:1E:37:6C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8diak7kAYTXP6fwJ54CNZ2keN2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.87.34.0/24
194.87.42.0/24
194.87.86.0/24
194.87.91.0/24
194.87.104.0/24
194.87.188.0/24
195.58.56.0/24
195.58.59.0/24
195.58.61.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:98:cb:50:99:eb:df:27:88:a3:43:3a:86:cd:b0:c1:b7:99:
2c:32:fe:0f:96:74:e7:6f:54:0b:bc:8b:38:5d:c3:2e:e4:54:
b3:b4:a0:2d:f7:c0:14:28:3b:54:da:36:a4:ed:12:52:85:96:
db:1e:7e:54:f1:74:a4:a4:00:27:76:c2:d9:29:67:77:71:ea:
01:e5:6e:6c:d6:c9:9f:ae:ac:67:d9:e5:57:f8:df:81:26:39:
4a:61:ce:c2:ce:92:8b:7a:78:35:84:56:21:3c:0a:17:1d:2c:
ed:1e:51:f2:40:0e:96:d1:6d:04:37:99:d3:a8:5a:1e:53:c0:
a2:7a:b9:b5:ba:85:15:5b:fc:2f:bd:25:c4:30:65:a9:d6:9a:
35:14:1b:d5:20:a8:ac:5f:49:73:41:27:0c:ee:ec:c9:31:9c:
ba:9c:60:02:54:29:99:05:ac:e4:d4:ab:ad:f1:d0:40:ec:f5:
4b:be:2c:72:12:fa:80:18:a3:14:94:49:74:cf:ed:e7:aa:69:
39:85:8c:ed:b0:10:21:9a:48:0c:ee:84:b3:8d:74:47:b8:1a:
08:cf:c9:ae:cd:8e:e6:b9:86:cb:2b:78:dc:bc:96:c5:2e:72:
be:aa:c0:a5:5a:9c:39:b3:e7:ac:e1:11:f2:7a:60:62:ff:96:
29:d9:72:aa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYiUoXdmYCx6tCYvrcCZeaJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA3MDY1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ4OWE5M2I5MDA2MTM1Y2ZlOWZjMDllNzgwOGQ2NzY5MWUzNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2AuHoMvJNvwe4Yq7+CX9Aog6eHS
Noa4Eobjca58/AbC1txzPKDDiSfi0m6wJXie9FAeFocq5GFxCUsxhcXsPG2McFSe
HSsorxEFSEK6SvMIPu5GWvVTbcgUkVXbuXjISKJYirT6xb9wu3jtbhI9WRKKTSj2
jV/pgXQDop8qiEGQr+0Evf4lNc/Q4Lw9Py+Bd/DadQb7Onjjro0URYGJzWUfdAX+
Nv3rUuXREwOfHI+Je+zuu+gOgGH549XHgCvC4Sy5H35ZLqgqY1qLTPjZ61381tYx
lieJa45hQKyCy+hwbjldjAxPkz9BI3R1+zsS2s/SyLsa2/0fDKOr7dTL0wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPHYmpO5AGE1z+n8CeeAjWdpHjdsMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOGRpYWs3a0FZVFhQNmZ3SjU0Q05aMmtlTjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAPkziAwQA
wlciAwQAwlcqAwQAwldWAwQAwldbAwQAwldoAwQAwle8AwQAwzo4AwQAwzo7AwQA
wzo9AwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQAqmMtQmevfJ4ijQzqGzbDBt5ks
Mv4PlnTnb1QLvIs4XcMu5FSztKAt98AUKDtU2jak7RJShZbbHn5U8XSkpAAndsLZ
KWd3ceoB5W5s1smfrqxn2eVX+N+BJjlKYc7CzpKLeng1hFYhPAoXHSztHlHyQA6W
0W0EN5nTqFoeU8Cierm1uoUVW/wvvSXEMGWp1po1FBvVIKisX0lzQScM7uzJMZy6
nGACVCmZBazk1Kut8dBA7PVLvixyEvqAGKMUlEl0z+3nqmk5hYztsBAhmkgM7oSz
jXRHuBoIz8muzY7muYbLK3jcvJbFLnK+qsClWpw5s+es4RHyemBi/5Yp2XKq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org