Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9UKUokQ1apYUr2cn9Hdyh3dOVOA.roa
File: 9UKUokQ1apYUr2cn9Hdyh3dOVOA.roa (raw, json)
Hash identifier: 0LYNiy3mzdwdUeIOhUH8LeVjyOYmVFkKe9zlxdA0BJE=
Subject key identifier: F5:42:94:A2:44:35:6A:96:14:AF:67:27:F4:77:72:87:77:4E:54:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186348C7FE015EB4BE45629CF5814FF629C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9UKUokQ1apYUr2cn9Hdyh3dOVOA.roa
Signing time: Thu 09 Feb 2023 05:01:08 +0000
ROA not before: Thu 09 Feb 2023 05:01:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 195.133.84.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:8c:7f:e0:15:eb:4b:e4:56:29:cf:58:14:ff:62:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 9 05:01:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f54294a244356a9614af6727f4777287774e54e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:dc:9b:15:24:b7:7a:94:d8:13:20:0e:4c:b9:
90:38:9b:81:8a:29:32:06:26:9d:70:40:4b:66:d5:
1e:5e:52:58:b9:c6:cc:e4:6f:b2:8c:79:59:60:80:
c6:f7:ec:07:c8:ec:f0:c5:44:db:b2:cd:b2:f9:2d:
63:7a:99:8f:8c:9c:f0:59:e0:d2:23:d8:bc:90:ee:
88:ac:d1:db:9b:0d:78:f0:35:d5:1d:9b:0a:9d:f5:
f7:17:87:55:0f:8f:0a:3a:bf:65:cd:3d:1a:92:be:
0b:3e:a3:4c:7b:05:71:f2:ed:a4:8b:5b:0b:e3:bd:
75:be:68:96:99:f9:c9:7b:09:18:89:26:f2:3d:6c:
10:e8:fe:3d:27:2c:e0:4e:fa:21:63:69:f2:83:b9:
eb:dd:ca:cc:c2:51:25:40:a0:bd:b3:8f:5e:92:a0:
7f:8c:1a:15:d9:17:b0:fc:06:12:99:ec:90:99:8e:
04:f1:0a:ff:5f:0e:41:c5:e0:98:94:02:b5:7d:27:
be:56:7a:b1:72:c3:3c:f8:a7:42:3a:0c:55:1c:cc:
f9:4e:01:1b:df:63:59:5b:e8:74:e3:06:99:85:fa:
45:ef:d0:86:98:71:0c:1e:f1:93:15:58:6b:5e:b6:
ec:e8:12:c1:21:cc:44:bf:d2:55:4a:57:d7:e9:3e:
d8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:42:94:A2:44:35:6A:96:14:AF:67:27:F4:77:72:87:77:4E:54:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9UKUokQ1apYUr2cn9Hdyh3dOVOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
193.124.94.0/24
194.58.58.0/24
194.58.67.0/24
194.87.220.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:7b:ed:70:76:6c:ae:bd:f9:f9:a5:a5:f3:b9:95:24:8a:ef:
3d:e9:76:9f:e2:2d:7e:5a:b7:eb:c8:1f:1c:98:c0:1d:f3:67:
d8:5b:c7:75:3c:27:1f:d5:96:2f:a1:a4:e1:c7:4c:f0:e3:cb:
34:d6:ba:9d:ed:4a:98:2f:e8:6d:74:24:ca:c9:2b:f6:e9:7e:
b0:4d:d8:fc:6f:3c:46:fe:af:b7:8b:0c:7d:2b:a6:25:73:c4:
0d:13:02:0f:a3:28:0a:2c:7d:39:83:9c:58:ba:67:98:09:e3:
ba:1d:06:82:7f:03:61:01:06:bd:9c:eb:2a:7b:57:b2:cd:32:
f2:ba:9e:a9:a7:d8:d4:34:c8:24:92:0e:65:50:9c:04:32:d3:
e9:91:94:d4:7a:43:20:fa:b5:89:3e:0d:09:d5:c7:d8:28:04:
c4:29:5a:05:41:e6:5d:39:7b:1a:0d:e6:19:e1:48:2a:da:1a:
d1:cf:26:a8:67:d3:00:70:51:03:65:e8:03:56:76:6e:e1:33:
5a:26:59:42:40:96:74:e0:98:5d:7d:52:70:69:aa:97:52:c7:
83:ab:be:1c:1f:b8:c3:e2:a0:ef:3e:dd:25:ba:74:a4:da:7f:
4f:50:df:68:8f:ba:26:d0:15:1a:ba:a6:ba:1f:bc:2f:52:ad:
83:1a:d1:9d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYY0jH/gFetL5FYpz1gU/2KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA5MDUwMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQyOTRhMjQ0MzU2YTk2MTRhZjY3MjdmNDc3NzI4Nzc3NGU1NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNybFSS3epTYEyAOTLmQOJuBiiky
BiadcEBLZtUeXlJYucbM5G+yjHlZYIDG9+wHyOzwxUTbss2y+S1jepmPjJzwWeDS
I9i8kO6IrNHbmw148DXVHZsKnfX3F4dVD48KOr9lzT0akr4LPqNMewVx8u2ki1sL
4711vmiWmfnJewkYiSbyPWwQ6P49JyzgTvohY2nyg7nr3crMwlElQKC9s49ekqB/
jBoV2Rew/AYSmeyQmY4E8Qr/Xw5BxeCYlAK1fSe+VnqxcsM8+KdCOgxVHMz5TgEb
32NZW+h04waZhfpF79CGmHEMHvGTFVhrXrbs6BLBIcxEv9JVSlfX6T7Y5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPVClKJENWqWFK9nJ/R3cod3TlTgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOVVLVW9rUTFhcFlVcjJjbjlIZHloM2RPVk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwtAwQA
wXxeAwQAwjo6AwQAwjpDAwQAwlfcAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQCO
e+1wdmyuvfn5paXzuZUkiu896Xaf4i1+WrfryB8cmMAd82fYW8d1PCcf1ZYvoaTh
x0zw48s01rqd7UqYL+htdCTKySv26X6wTdj8bzxG/q+3iwx9K6Ylc8QNEwIPoygK
LH05g5xYumeYCeO6HQaCfwNhAQa9nOsqe1eyzTLyup6pp9jUNMgkkg5lUJwEMtPp
kZTUekMg+rWJPg0J1cfYKATEKVoFQeZdOXsaDeYZ4Ugq2hrRzyaoZ9MAcFEDZegD
VnZu4TNaJllCQJZ04JhdfVJwaaqXUseDq74cH7jD4qDvPt0lunSk2n9PUN9oj7om
0BUauqa6H7wvUq2DGtGd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org