Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9R7Oo7Km-8mK-YI0FpgBP10HVDI.roa
File: 9R7Oo7Km-8mK-YI0FpgBP10HVDI.roa (raw, json)
Hash identifier: 6YB9CTfFHN2QslhuKVPQzcMx8EUaFAVwSWlj+4UKB78=
Subject key identifier: F5:1E:CE:A3:B2:A6:FB:C9:8A:F9:82:34:16:98:01:3F:5D:07:54:32
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187572B84797F346E562B8525C6AADF8858
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9R7Oo7Km-8mK-YI0FpgBP10HVDI.roa
Signing time: Thu 06 Apr 2023 15:24:42 +0000
ROA not before: Thu 06 Apr 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:2b:84:79:7f:34:6e:56:2b:85:25:c6:aa:df:88:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f51ecea3b2a6fbc98af982341698013f5d075432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:48:2a:97:40:78:15:bf:47:58:1a:12:69:3b:
e6:df:9b:86:4d:b6:6d:88:85:eb:50:4d:ea:c8:07:
1c:79:a4:1c:35:ea:fe:48:59:44:c8:c5:29:10:0a:
f9:65:86:73:43:0a:34:be:f7:1a:b7:e1:9b:26:25:
57:e7:5e:85:f3:b7:44:a9:d3:38:94:83:a3:87:59:
1f:d5:3c:be:ba:03:d3:8c:52:ca:eb:7a:66:29:c5:
44:4c:d8:89:5d:25:89:ae:6b:e0:a7:b8:4d:b8:26:
90:17:06:66:24:97:9f:f2:8b:34:de:8d:ec:41:ff:
16:33:97:43:7b:2c:8a:4c:59:9e:7b:ab:24:0a:50:
1d:32:5e:eb:07:ef:49:c3:dc:ac:b4:06:e5:4f:eb:
dd:04:86:7c:67:82:e8:e3:7b:24:98:e4:51:65:3a:
14:4b:1f:03:2a:55:cc:8e:fb:17:77:89:64:2c:62:
7a:53:02:72:53:67:5b:e6:1b:78:da:fe:51:73:de:
81:ca:a7:f3:f5:ae:00:15:1d:81:c1:40:f8:29:c1:
1c:85:ae:20:44:13:95:25:bc:b4:11:7e:89:ef:29:
1b:27:44:88:11:b4:8a:d8:4c:91:5f:ab:28:da:fd:
ce:bf:d1:95:bc:2b:8c:8e:dc:0f:83:d1:b8:91:16:
1c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1E:CE:A3:B2:A6:FB:C9:8A:F9:82:34:16:98:01:3F:5D:07:54:32
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9R7Oo7Km-8mK-YI0FpgBP10HVDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.45.0/24
194.87.216.0/24
195.133.88.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a1:5d:6b:b9:41:94:dd:83:6f:84:c7:ab:d9:d4:b1:60:84:
1b:82:1f:a2:a1:db:60:2b:b9:e5:8c:e2:93:72:44:17:e7:2f:
0f:bf:f1:3b:72:ec:c8:5a:e6:77:d6:a4:9f:3c:16:10:0e:75:
54:1c:2a:60:ae:fd:86:85:e5:f2:3c:ef:9a:86:6b:aa:37:a0:
d0:03:b4:d7:36:64:92:28:02:b3:f2:ad:07:b8:d0:11:0c:e1:
23:87:7d:18:57:6e:94:79:ad:4b:e2:69:5a:48:c9:24:77:5c:
2a:30:cb:cb:de:29:44:dd:06:6a:63:f5:24:3e:bf:ec:40:af:
6a:4e:af:02:18:ff:dd:cf:10:c3:ef:88:4f:cf:9d:98:f9:e7:
92:ba:7b:ca:00:c0:17:e8:e4:ab:12:ab:2f:89:1e:78:84:7b:
71:21:24:18:b3:94:1f:26:b1:18:a0:f6:3b:0b:66:dd:15:f3:
ff:f2:52:75:9f:8f:12:4e:2a:d0:ba:00:c5:db:ed:79:11:01:
94:46:c6:d0:07:72:fb:1f:17:a4:48:9a:c3:07:c9:da:fe:44:
fe:80:1c:0b:9f:9c:39:2b:1d:b4:23:71:d0:78:c1:48:4e:29:
f2:35:2d:80:8b:ca:3d:7d:ae:57:08:49:43:e3:ab:7d:a0:34:
09:f1:cf:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdXK4R5fzRuViuFJcaq34hYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFlY2VhM2IyYTZmYmM5OGFmOTgyMzQxNjk4MDEzZjVkMDc1NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEgql0B4Fb9HWBoSaTvm35uGTbZt
iIXrUE3qyAcceaQcNer+SFlEyMUpEAr5ZYZzQwo0vvcat+GbJiVX516F87dEqdM4
lIOjh1kf1Ty+ugPTjFLK63pmKcVETNiJXSWJrmvgp7hNuCaQFwZmJJef8os03o3s
Qf8WM5dDeyyKTFmee6skClAdMl7rB+9Jw9ystAblT+vdBIZ8Z4Lo43skmORRZToU
Sx8DKlXMjvsXd4lkLGJ6UwJyU2db5ht42v5Rc96Byqfz9a4AFR2BwUD4KcEcha4g
RBOVJby0EX6J7ykbJ0SIEbSK2EyRX6so2v3Ov9GVvCuMjtwPg9G4kRYcvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPUezqOypvvJivmCNBaYAT9dB1QyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOVI3T283S20tOG1LLVlJMEZwZ0JQMTBIVkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlctAwQA
wlfYAwQAw4VYMA0GCSqGSIb3DQEBCwUAA4IBAQCFoV1ruUGU3YNvhMer2dSxYIQb
gh+iodtgK7nljOKTckQX5y8Pv/E7cuzIWuZ31qSfPBYQDnVUHCpgrv2GheXyPO+a
hmuqN6DQA7TXNmSSKAKz8q0HuNARDOEjh30YV26Uea1L4mlaSMkkd1wqMMvL3ilE
3QZqY/UkPr/sQK9qTq8CGP/dzxDD74hPz52Y+eeSunvKAMAX6OSrEqsviR54hHtx
ISQYs5QfJrEYoPY7C2bdFfP/8lJ1n48STirQugDF2+15EQGURsbQB3L7HxekSJrD
B8na/kT+gBwLn5w5Kx20I3HQeMFITinyNS2Ai8o9fa5XCElD46t9oDQJ8c+K
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:57 2023 by rpki-client on console-fra.rpki-client.org