Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI3K4AfJhgI2q0kq3hAU-E9ze_M.roa
File: BI3K4AfJhgI2q0kq3hAU-E9ze_M.roa (raw, json)
Hash identifier: O52ycbBgtiCcHv70yE/fC+rC7tIQqq18QV3SAkw0plU=
Subject key identifier: 04:8D:CA:E0:07:C9:86:02:36:AB:49:2A:DE:10:14:F8:4F:73:7B:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875748D0965E7A01BF2110076BFE79501A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI3K4AfJhgI2q0kq3hAU-E9ze_M.roa
Signing time: Thu 06 Apr 2023 15:56:42 +0000
ROA not before: Thu 06 Apr 2023 15:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:48:d0:96:5e:7a:01:bf:21:10:07:6b:fe:79:50:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=048dcae007c9860236ab492ade1014f84f737bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:80:ab:ef:66:b6:7a:ec:9e:07:93:9a:8b:
a7:ca:49:cf:03:2e:5f:c5:c5:2f:9e:48:cc:75:d8:
0f:7b:d7:12:4a:e0:5e:7d:44:c5:f0:6c:58:b5:bf:
1d:e4:e2:b2:65:bf:e8:8b:d9:d6:37:ff:8f:3c:e8:
02:20:b0:59:ee:a6:a0:98:e7:fb:d2:5e:d8:54:77:
87:de:9d:5b:ad:4c:c5:a6:fb:bc:f3:9a:d0:86:f7:
e6:aa:4e:b8:ff:55:58:1a:2d:17:20:90:6f:82:6c:
19:17:d5:8e:78:79:cb:54:0b:7b:92:6d:80:49:bd:
ec:da:6f:4f:11:f2:a7:0e:71:e7:e1:6a:45:7f:8e:
9c:3f:db:b6:ae:b5:c4:46:ff:cc:5f:40:ea:cc:1b:
2a:05:f6:0c:df:f8:20:66:bf:15:30:53:fd:43:e5:
4c:5f:6b:90:1a:94:f8:7c:80:37:b6:a9:4d:22:fe:
b5:cc:81:92:ce:18:e5:0a:a2:68:b7:95:2a:71:3c:
fd:6d:cc:d6:df:af:3d:1f:ac:bc:83:3e:3e:4f:44:
7e:a7:86:51:3c:20:53:9f:0e:90:b3:bb:ad:23:49:
db:4d:77:b3:6f:44:71:41:69:0e:e7:16:41:b9:f6:
cb:b2:83:b0:3b:76:46:37:11:aa:24:06:81:9c:da:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8D:CA:E0:07:C9:86:02:36:AB:49:2A:DE:10:14:F8:4F:73:7B:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BI3K4AfJhgI2q0kq3hAU-E9ze_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
41:5f:11:db:25:1c:aa:cb:6f:b0:fd:2e:5a:92:e1:6b:89:08:
e3:89:d2:6c:79:7c:dc:74:00:6b:ff:d5:c4:3a:5b:bb:96:23:
ed:3b:5e:ec:5f:62:da:48:a0:5e:85:5f:4a:4b:47:58:fe:5f:
73:07:62:c0:db:3a:10:1e:0c:e4:ee:5f:6f:a8:84:14:7a:e7:
bd:1b:24:b2:50:7f:86:b2:12:dc:83:8d:e1:75:36:c9:9e:ab:
9f:d0:c1:23:c3:8e:a3:48:91:92:8e:fc:70:35:c7:92:ce:65:
d6:d8:37:85:41:a7:93:f9:fc:9a:b1:b8:35:db:03:2a:bc:5d:
96:12:7d:c9:ff:7b:29:ee:eb:93:c1:cd:f8:3e:b4:23:95:6e:
5c:92:3c:0b:c9:d7:8b:c8:32:07:65:de:50:92:62:de:f3:9e:
a9:4d:05:64:d8:f6:83:79:fa:c2:8e:83:b8:3b:ea:fd:6b:0a:
ba:80:5e:df:df:73:ee:bb:0c:fe:79:01:57:94:54:a9:d8:22:
23:04:dd:90:7d:35:8f:b3:e1:af:36:bd:93:50:35:08:ea:bf:
d1:2d:63:23:cd:42:a8:aa:87:ab:01:76:5b:2d:a5:13:7a:a7:
89:f7:79:cc:53:f4:a7:20:a9:13:ab:ef:26:db:0c:97:b4:a4:
45:e2:86:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdXSNCWXnoBvyEQB2v+eVAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTU1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhkY2FlMDA3Yzk4NjAyMzZhYjQ5MmFkZTEwMTRmODRmNzM3YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZaAq+9mtnrsngeTmounyknPAy5f
xcUvnkjMddgPe9cSSuBefUTF8GxYtb8d5OKyZb/oi9nWN/+PPOgCILBZ7qagmOf7
0l7YVHeH3p1brUzFpvu885rQhvfmqk64/1VYGi0XIJBvgmwZF9WOeHnLVAt7km2A
Sb3s2m9PEfKnDnHn4WpFf46cP9u2rrXERv/MX0DqzBsqBfYM3/ggZr8VMFP9Q+VM
X2uQGpT4fIA3tqlNIv61zIGSzhjlCqJot5UqcTz9bczW3689H6y8gz4+T0R+p4ZR
PCBTnw6Qs7utI0nbTXezb0RxQWkO5xZBufbLsoOwO3ZGNxGqJAaBnNonjwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFASNyuAHyYYCNqtJKt4QFPhPc3vzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQkkzSzRBZkpoZ0kycTBrcTNoQVUtRTl6ZV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYAwQA1MAOMA0GCSqGSIb3DQEBCwUA
A4IBAQBBXxHbJRyqy2+w/S5akuFriQjjidJseXzcdABr/9XEOlu7liPtO17sX2La
SKBehV9KS0dY/l9zB2LA2zoQHgzk7l9vqIQUeue9GySyUH+GshLcg43hdTbJnquf
0MEjw46jSJGSjvxwNceSzmXW2DeFQaeT+fyasbg12wMqvF2WEn3J/3sp7uuTwc34
PrQjlW5ckjwLydeLyDIHZd5QkmLe856pTQVk2PaDefrCjoO4O+r9awq6gF7f33Pu
uwz+eQFXlFSp2CIjBN2QfTWPs+GvNr2TUDUI6r/RLWMjzUKoqoerAXZbLaUTeqeJ
93nMU/SnIKkTq+8m2wyXtKRF4oY1
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org