Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9HM81vwCXp0RKIU-FJwi6135ir0.roa
File: 9HM81vwCXp0RKIU-FJwi6135ir0.roa (raw, json)
Hash identifier: pp2gLbpYbnyEWJBqwxvEdRYRV+ESY7nwX2Q8oAuAfkc=
Subject key identifier: F4:73:3C:D6:FC:02:5E:9D:11:28:85:3E:14:9C:22:EB:5D:F9:8A:BD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B23E77F6372EFF51568E4F6E607396E85
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9HM81vwCXp0RKIU-FJwi6135ir0.roa
Signing time: Thu 12 Oct 2023 12:40:55 +0000
ROA not before: Thu 12 Oct 2023 12:40:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:e7:7f:63:72:ef:f5:15:68:e4:f6:e6:07:39:6e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 12 12:40:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4733cd6fc025e9d1128853e149c22eb5df98abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6b:ed:ff:4f:aa:36:70:f2:08:ef:3b:f9:18:
b7:22:86:35:9d:f5:cc:3e:86:9e:df:3b:0a:0f:b6:
c4:a0:06:7b:99:aa:4d:e4:67:1a:a6:b4:37:14:cf:
64:b9:3b:06:42:8d:3a:33:de:91:d9:1f:c3:9e:56:
67:13:fe:e1:26:04:cc:09:cc:dd:f0:15:d8:bd:86:
54:03:ed:3b:90:75:94:e5:14:f6:da:e1:ed:e6:b5:
76:51:ad:d3:a7:f9:63:ce:fd:55:e3:1f:6c:83:46:
ee:69:e3:e8:64:7a:2c:8d:83:de:77:11:01:4e:17:
9c:81:a1:55:ea:e1:aa:35:46:dc:4c:47:54:1f:89:
a0:53:bd:3c:49:1e:86:19:24:ad:d1:fe:9f:e5:66:
cf:43:e8:88:b7:bb:f1:1d:f5:e5:a1:f0:f9:4b:37:
e2:a7:a0:a9:c9:80:79:76:c9:4a:75:e9:c5:17:dc:
2a:73:46:ac:03:df:cc:96:26:24:b5:6b:8a:ce:ba:
34:53:2b:e1:bc:0c:20:0e:b5:8c:6b:a2:d4:4c:9f:
10:5e:cb:44:f3:0c:c0:36:ef:17:60:61:71:3b:cd:
a7:cf:aa:af:75:c8:80:d4:59:b6:1c:6c:ca:ba:2b:
46:cc:65:3f:56:57:33:f3:80:eb:a6:55:20:4b:50:
07:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:73:3C:D6:FC:02:5E:9D:11:28:85:3E:14:9C:22:EB:5D:F9:8A:BD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9HM81vwCXp0RKIU-FJwi6135ir0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.143.0/24
212.192.215.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8c:08:53:88:2a:74:86:9d:cc:d3:09:37:c2:65:7a:ab:c3:
b7:0f:e6:77:92:7f:07:a6:c8:f6:10:be:0f:89:91:0c:ae:1c:
eb:8b:37:08:e9:d6:9e:08:94:44:2f:7d:b6:7e:fb:cd:f5:26:
b8:0a:b4:39:5e:5e:4d:33:b8:f0:02:f2:ab:6c:cd:8d:d7:17:
04:54:77:2e:ec:75:8c:77:a3:c3:b0:52:a0:9f:2e:23:2b:b6:
49:bf:39:53:05:80:15:34:7a:45:90:0f:a2:a4:6c:9a:f2:9d:
65:86:9c:b6:8b:47:e3:bb:bb:c1:92:7c:9c:04:72:4a:0c:4b:
93:69:8c:04:f9:1d:8b:02:87:97:b8:b2:fd:7a:2f:6f:cf:6d:
f6:6e:95:42:5d:36:89:30:ba:e7:17:9b:4f:81:94:9a:57:4d:
87:c0:b9:5e:35:07:1c:dd:89:f3:95:f2:11:5d:46:18:c2:53:
9d:b5:89:a0:3e:74:39:4c:96:8a:a1:a8:00:6b:50:72:24:96:
f1:21:45:d9:7b:26:c5:6f:64:f1:4f:d1:b7:6a:4d:8d:7b:2a:
70:72:c0:2f:e1:61:d9:84:97:71:38:8e:29:7b:15:e1:45:cb:
30:67:70:d6:f4:14:20:60:02:a8:54:48:f8:42:11:94:d7:04:
10:0d:c4:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsj539jcu/1FWjk9uYHOW6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEyMTI0MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDczM2NkNmZjMDI1ZTlkMTEyODg1M2UxNDljMjJlYjVkZjk4YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32vt/0+qNnDyCO87+Ri3IoY1nfXM
Poae3zsKD7bEoAZ7mapN5GcaprQ3FM9kuTsGQo06M96R2R/DnlZnE/7hJgTMCczd
8BXYvYZUA+07kHWU5RT22uHt5rV2Ua3Tp/ljzv1V4x9sg0buaePoZHosjYPedxEB
ThecgaFV6uGqNUbcTEdUH4mgU708SR6GGSSt0f6f5WbPQ+iIt7vxHfXlofD5Szfi
p6CpyYB5dslKdenFF9wqc0asA9/MliYktWuKzro0UyvhvAwgDrWMa6LUTJ8QXstE
8wzANu8XYGFxO82nz6qvdciA1Fm2HGzKuitGzGU/Vlcz84DrplUgS1AHUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPRzPNb8Al6dESiFPhScIutd+Yq9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOUhNODF2d0NYcDBSS0lVLUZKd2k2MTM1aXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlePAwQA
1MDXAwQA1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQBHjAhTiCp0hp3M0wk3wmV6q8O3
D+Z3kn8Hpsj2EL4PiZEMrhzrizcI6daeCJREL322fvvN9Sa4CrQ5Xl5NM7jwAvKr
bM2N1xcEVHcu7HWMd6PDsFKgny4jK7ZJvzlTBYAVNHpFkA+ipGya8p1lhpy2i0fj
u7vBknycBHJKDEuTaYwE+R2LAoeXuLL9ei9vz232bpVCXTaJMLrnF5tPgZSaV02H
wLleNQcc3YnzlfIRXUYYwlOdtYmgPnQ5TJaKoagAa1ByJJbxIUXZeybFb2TxT9G3
ak2NeypwcsAv4WHZhJdxOI4pexXhRcswZ3DW9BQgYAKoVEj4QhGU1wQQDcS2
-----END CERTIFICATE-----
Generated at Thu Oct 12 14:29:06 2023 by rpki-client on console-ams.rpki-client.org