Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYy0df0Cp2dut0QZegwTjUbV0-g.roa
File: BYy0df0Cp2dut0QZegwTjUbV0-g.roa (raw, json)
Hash identifier: W/zjU38/vwDLrRB/017VsmEoLWjA0D2x310MhkS36DI=
Subject key identifier: 05:8C:B4:75:FD:02:A7:67:6E:B7:44:19:7A:0C:13:8D:46:D5:D3:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A5D522A9027AF35CCEA6B7CAFDBBD7E9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYy0df0Cp2dut0QZegwTjUbV0-g.roa
Signing time: Thu 12 Jan 2023 11:54:46 +0000
ROA not before: Thu 12 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d5:22:a9:02:7a:f3:5c:ce:a6:b7:ca:fd:bb:d7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=058cb475fd02a7676eb744197a0c138d46d5d3e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:10:57:8c:3c:d8:6c:4e:52:ed:0b:82:6b:fa:
35:a7:5a:81:0c:ad:a5:1a:20:db:02:d7:01:49:4c:
1d:91:36:80:13:6b:f3:ff:bb:f4:8c:00:12:bd:93:
45:b8:99:52:a0:79:96:67:d4:8b:b1:51:c3:34:ad:
58:18:66:c7:85:f6:5b:09:dd:74:32:8e:14:a6:78:
4b:86:52:54:49:2b:0f:1b:de:10:13:96:7d:1b:e9:
d9:3a:59:83:01:31:d7:1f:f4:89:7b:20:54:e7:39:
e0:58:a2:78:e7:63:9b:f6:7b:f6:6e:57:30:57:93:
50:f4:78:a6:51:4f:95:3a:23:5b:f7:9c:a3:d0:7a:
f4:f7:25:9b:50:2e:a0:3a:be:8c:aa:80:88:72:d5:
b0:38:64:c4:6d:eb:0d:d7:f5:4a:99:47:40:06:fe:
02:a9:c9:0c:ed:92:82:74:22:a4:c3:5a:b7:6b:7b:
d5:69:ef:e5:cb:aa:67:f6:d5:f0:77:fe:fd:53:3c:
e7:19:68:1b:13:fe:55:14:74:fa:29:bb:25:a1:fc:
61:c4:d8:8d:eb:54:5e:c5:a2:35:c8:b8:2d:c2:d4:
76:71:23:fa:31:0e:b1:a5:7b:ac:21:d8:20:5d:c9:
03:ba:a4:b4:82:9e:ff:2e:17:1d:9f:60:87:3b:39:
ba:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8C:B4:75:FD:02:A7:67:6E:B7:44:19:7A:0C:13:8D:46:D5:D3:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYy0df0Cp2dut0QZegwTjUbV0-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.94.0/24
194.58.61.0/24
194.58.154.0/24
194.87.180.0/24
194.87.191.0/24
212.193.5.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
45:64:c6:bd:8c:d1:5b:eb:d7:12:6d:5c:33:9d:97:3c:03:64:
25:3f:54:96:fb:30:fd:34:2d:01:55:d3:9a:a9:0e:46:ee:40:
c9:3a:27:4f:81:58:4e:33:0d:eb:74:48:fa:b0:82:6d:e4:96:
bf:5a:5a:69:b7:cf:05:9b:a4:93:a8:64:d3:10:b0:71:18:83:
f8:59:17:e6:e3:27:b4:67:e6:88:51:e1:09:63:f7:67:65:58:
e7:d6:90:3c:74:f3:0f:8e:a7:07:c0:ca:68:a9:10:3d:b8:1a:
dc:c4:11:92:b6:43:c9:e3:3e:97:f4:f1:69:30:66:58:00:02:
6d:6d:4f:8b:d8:4b:a2:9c:4f:0a:67:5b:a6:2e:f8:9a:0f:eb:
44:45:95:03:94:4c:c4:4c:66:4c:e7:28:cb:d0:e7:f8:82:59:
7e:aa:e4:67:2e:1a:bc:83:e9:81:e9:89:f9:1f:47:64:d7:43:
44:2a:08:53:ed:d3:35:18:74:4d:37:ff:f8:3d:4e:76:dd:12:
54:5e:fe:64:48:c7:76:29:5f:a6:c8:20:5e:22:50:36:ea:e4:
82:44:b4:70:0c:dd:50:90:5d:fe:9f:e2:55:7d:8f:61:90:1b:
1a:ca:41:62:ad:4e:54:44:9c:36:6a:d5:ee:94:af:95:29:49:
4b:44:f4:d0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWl1SKpAnrzXM6mt8r9u9fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThjYjQ3NWZkMDJhNzY3NmViNzQ0MTk3YTBjMTM4ZDQ2ZDVkM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xBXjDzYbE5S7QuCa/o1p1qBDK2l
GiDbAtcBSUwdkTaAE2vz/7v0jAASvZNFuJlSoHmWZ9SLsVHDNK1YGGbHhfZbCd10
Mo4UpnhLhlJUSSsPG94QE5Z9G+nZOlmDATHXH/SJeyBU5zngWKJ452Ob9nv2blcw
V5NQ9HimUU+VOiNb95yj0Hr09yWbUC6gOr6MqoCIctWwOGTEbesN1/VKmUdABv4C
qckM7ZKCdCKkw1q3a3vVae/ly6pn9tXwd/79UzznGWgbE/5VFHT6KbslofxhxNiN
61RexaI1yLgtwtR2cSP6MQ6xpXusIdggXckDuqS0gp7/Lhcdn2CHOzm6kwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAWMtHX9AqdnbrdEGXoME41G1dPoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQll5MGRmMENwMmR1dDBRWmVnd1RqVWJWMC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXxeAwQA
wjo9AwQAwjqaAwQAwle0AwQAwle/AwQA1MEFAwQA1MEJMA0GCSqGSIb3DQEBCwUA
A4IBAQBFZMa9jNFb69cSbVwznZc8A2QlP1SW+zD9NC0BVdOaqQ5G7kDJOidPgVhO
Mw3rdEj6sIJt5Ja/Wlppt88Fm6STqGTTELBxGIP4WRfm4ye0Z+aIUeEJY/dnZVjn
1pA8dPMPjqcHwMpoqRA9uBrcxBGStkPJ4z6X9PFpMGZYAAJtbU+L2EuinE8KZ1um
LviaD+tERZUDlEzETGZM5yjL0Of4gll+quRnLhq8g+mB6Yn5H0dk10NEKghT7dM1
GHRNN//4PU523RJUXv5kSMd2KV+myCBeIlA26uSCRLRwDN1QkF3+n+JVfY9hkBsa
ykFirU5URJw2atXulK+VKUlLRPTQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org