Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BqSxzXic4B_ZfaiD2_W7N8EDXzU.roa
File: BqSxzXic4B_ZfaiD2_W7N8EDXzU.roa (raw, json)
Hash identifier: msCFHwpaX8ZpHiyxFndGv4WMb+NtOaTxosdvFklaXWw=
Subject key identifier: 06:A4:B1:CD:78:9C:E0:1F:D9:7D:A8:83:DB:F5:BB:37:C1:03:5F:35
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187E199ABA3178EF0F19F45F6D92707ABB6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BqSxzXic4B_ZfaiD2_W7N8EDXzU.roa
Signing time: Wed 03 May 2023 12:32:37 +0000
ROA not before: Wed 03 May 2023 12:32:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 194.87.228.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:99:ab:a3:17:8e:f0:f1:9f:45:f6:d9:27:07:ab:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 3 12:32:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06a4b1cd789ce01fd97da883dbf5bb37c1035f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b6:a6:3e:0f:76:94:e2:9f:3d:05:a9:e4:8a:
4e:4b:b7:71:b1:57:c8:7c:37:0d:4f:2e:25:a3:75:
41:71:34:80:16:0f:ca:42:9d:f2:61:d9:18:c5:95:
2a:a5:f6:81:0e:50:b9:17:bc:22:a9:48:6e:0f:01:
d9:3e:fb:b9:7b:bc:fe:5d:9b:cb:f4:6c:14:e6:87:
c6:e0:2f:7f:c6:79:00:fa:f6:39:04:c2:ec:5e:c1:
75:17:7f:59:32:6b:d4:d7:c9:f6:ea:df:66:24:6d:
02:cb:f3:c1:c6:c9:81:9b:94:5f:bd:1d:0b:55:00:
35:a1:df:54:b6:78:f9:9d:b3:d5:1d:52:fd:d8:ce:
6f:fa:72:a9:a4:61:b8:69:34:1a:0d:bd:31:9a:de:
29:bd:f7:18:74:9a:12:cc:36:f4:85:73:ce:3a:88:
41:b6:5d:22:98:c7:d2:de:4d:af:5d:d4:e6:c9:9e:
70:51:b7:12:d2:20:67:e8:50:c5:0c:42:4f:fc:53:
a7:fc:be:33:8d:f4:a0:4e:e1:48:f6:c0:bc:e8:ee:
13:66:1f:d0:ef:1b:00:47:52:a4:19:be:65:92:dd:
02:0d:5d:ed:bd:f9:67:68:3d:58:18:5e:27:4d:c6:
1d:94:64:44:80:7b:b1:e2:f8:54:d1:16:44:59:cb:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A4:B1:CD:78:9C:E0:1F:D9:7D:A8:83:DB:F5:BB:37:C1:03:5F:35
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BqSxzXic4B_ZfaiD2_W7N8EDXzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
194.87.228.0/24
195.58.55.0/24
195.133.25.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:1f:50:78:5c:28:be:ca:2a:75:53:e0:3f:d2:a4:75:fa:57:
60:30:07:ee:07:39:9c:fc:86:12:7a:14:01:67:cd:6a:aa:90:
33:4d:91:ca:6b:d0:96:25:fc:23:f0:59:46:e3:e9:30:ec:25:
61:c1:7a:a2:44:b1:54:be:27:46:aa:bd:71:2a:4e:34:ed:06:
e9:70:17:a8:ac:1c:14:72:4e:31:44:e9:64:b8:9d:cc:d7:eb:
58:c7:b9:e4:3e:aa:54:58:e9:be:75:c2:39:3b:bc:4a:06:b1:
57:fd:e5:31:dc:14:2d:da:4d:f6:0b:29:b4:3e:da:e1:db:a1:
be:cb:f2:6e:ac:36:ee:98:45:b3:96:4e:c3:0a:61:6a:b9:62:
79:72:63:69:fe:8f:e0:67:1d:36:f9:46:ce:14:a0:07:84:dc:
77:5c:97:11:b8:dd:5c:93:2b:c1:f6:bf:cb:70:fd:c1:11:d7:
f4:ff:03:f1:84:41:4a:78:a7:df:24:d0:92:d4:86:e8:71:62:
51:6c:ae:6a:d3:eb:ed:36:65:ef:27:fa:e8:7c:32:02:30:35:
dd:dc:0c:b3:bc:86:77:9e:67:a6:d6:07:12:5c:bb:45:42:44:
29:0e:ec:7b:3e:4e:02:7d:0e:a6:c0:83:bf:a2:69:3a:9c:70:
e2:e5:cd:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYfhmaujF47w8Z9F9tknB6u2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTAzMTIzMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE0YjFjZDc4OWNlMDFmZDk3ZGE4ODNkYmY1YmIzN2MxMDM1ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmramPg92lOKfPQWp5IpOS7dxsVfI
fDcNTy4lo3VBcTSAFg/KQp3yYdkYxZUqpfaBDlC5F7wiqUhuDwHZPvu5e7z+XZvL
9GwU5ofG4C9/xnkA+vY5BMLsXsF1F39ZMmvU18n26t9mJG0Cy/PBxsmBm5RfvR0L
VQA1od9Utnj5nbPVHVL92M5v+nKppGG4aTQaDb0xmt4pvfcYdJoSzDb0hXPOOohB
tl0imMfS3k2vXdTmyZ5wUbcS0iBn6FDFDEJP/FOn/L4zjfSgTuFI9sC86O4TZh/Q
7xsAR1KkGb5lkt0CDV3tvflnaD1YGF4nTcYdlGREgHux4vhU0RZEWctTYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAaksc14nOAf2X2og9v1uzfBA181MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQnFTeHpYaWM0Ql9aZmFpRDJfVzdOOEVEWHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXxbAwQA
wXxfAwQAwlfkAwQAwzo3AwQAw4UZAwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQBa
H1B4XCi+yip1U+A/0qR1+ldgMAfuBzmc/IYSehQBZ81qqpAzTZHKa9CWJfwj8FlG
4+kw7CVhwXqiRLFUvidGqr1xKk407QbpcBeorBwUck4xROlkuJ3M1+tYx7nkPqpU
WOm+dcI5O7xKBrFX/eUx3BQt2k32Cym0Ptrh26G+y/JurDbumEWzlk7DCmFquWJ5
cmNp/o/gZx02+UbOFKAHhNx3XJcRuN1ckyvB9r/LcP3BEdf0/wPxhEFKeKffJNCS
1IbocWJRbK5q0+vtNmXvJ/rofDICMDXd3AyzvIZ3nmem1gcSXLtFQkQpDux7Pk4C
fQ6mwIO/omk6nHDi5c0X
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org