Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Brl3MzmIoWDf6bTiz21PVzfqNb4.roa
File: Brl3MzmIoWDf6bTiz21PVzfqNb4.roa (raw, json)
Hash identifier: aYROn4VH/7hXXcGjhjSKHyvz77QkHFNautD2wGdN5sk=
Subject key identifier: 06:B9:77:33:39:88:A1:60:DF:E9:B4:E2:CF:6D:4F:57:37:EA:35:BE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187574B8FCCEF2EC36D6C9556EADBDAEE38
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Brl3MzmIoWDf6bTiz21PVzfqNb4.roa
Signing time: Thu 06 Apr 2023 15:59:42 +0000
ROA not before: Thu 06 Apr 2023 15:59:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.87.227.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.87.67.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:4b:8f:cc:ef:2e:c3:6d:6c:95:56:ea:db:da:ee:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:59:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b977333988a160dfe9b4e2cf6d4f5737ea35be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:2e:bb:ea:62:98:18:d4:87:b4:a3:d9:e3:
7b:3f:89:80:14:c9:70:81:af:06:30:4c:c0:5b:ad:
eb:31:54:30:52:f4:89:4c:ac:39:36:3e:06:e9:47:
a0:18:82:29:c6:c3:ed:e9:a5:b6:dc:86:3f:3d:c3:
26:66:35:cc:10:1b:b8:b6:3e:f2:3c:9b:e4:bd:25:
5c:50:57:2f:cb:52:04:e4:53:72:51:48:e1:cc:22:
b4:c7:17:9f:97:e0:cc:c9:d9:03:53:f1:47:7b:ed:
b2:9c:cf:97:b7:0b:ae:3f:85:53:4a:d8:3a:45:3c:
63:17:f6:af:48:d2:06:ba:25:bc:22:f3:cb:39:af:
fa:78:8a:fc:1d:65:9e:47:35:2f:42:f7:98:f4:f9:
8a:59:70:32:6c:3e:e9:f2:54:ac:24:3a:07:c6:c1:
28:4c:14:f9:92:d0:6c:56:1f:10:5a:5c:9a:c3:f5:
bb:0e:44:35:59:86:f3:4b:db:46:50:78:bc:83:ed:
df:ed:97:61:f7:15:8b:68:ee:1d:96:69:7b:f4:68:
db:37:ef:09:6f:6d:b8:8f:0a:75:7f:ed:a6:5f:db:
24:b8:b8:25:42:21:b4:10:ce:cf:ea:7a:d5:e5:8e:
9c:54:cb:36:02:b8:70:d2:9f:73:f7:08:14:01:ec:
a8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B9:77:33:39:88:A1:60:DF:E9:B4:E2:CF:6D:4F:57:37:EA:35:BE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Brl3MzmIoWDf6bTiz21PVzfqNb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.248.0-194.85.250.255
194.87.67.0/24
194.87.227.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
36:6e:9e:b5:0c:1a:72:21:b6:e2:71:bb:11:6e:3f:aa:07:7f:
c3:83:4a:c2:e8:5f:4e:a2:17:cf:96:51:b0:cb:a6:60:9c:6f:
49:a8:06:99:19:f9:c8:19:29:a4:35:74:8e:f7:8b:4f:6f:9f:
9f:38:67:ec:1e:19:a2:1b:d3:ca:ac:30:70:00:23:90:a3:18:
1a:af:bd:d2:f4:be:2b:4f:10:8b:9d:6a:98:77:f8:c2:b4:c2:
5d:a9:d0:17:64:10:97:85:32:77:2a:1a:25:81:c3:67:ab:38:
91:d4:20:7e:8d:32:da:e4:5c:c8:4e:16:bb:f0:76:e3:5a:f1:
d6:89:2c:c5:55:f6:a0:9b:e5:87:00:c7:fb:77:4a:21:5e:48:
dc:c8:c8:f0:4c:f7:68:e4:01:d8:e6:7d:dd:92:cb:be:c5:1d:
c3:35:e2:9e:85:72:91:67:04:63:e1:1b:1c:5c:48:1d:b4:69:
d6:c9:ce:66:cf:a7:28:13:77:f0:b5:38:62:33:18:0f:20:d5:
fc:84:b3:30:66:03:01:f0:e1:56:89:28:ba:bb:60:30:42:44:
c3:c0:93:6a:14:59:53:ab:91:83:9b:eb:ff:d1:23:56:32:d4:
31:0d:8d:28:68:37:10:37:ed:fe:b4:4e:64:62:5f:6d:9b:e1:
7d:30:24:b1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYdXS4/M7y7DbWyVVurb2u44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTU1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI5NzczMzM5ODhhMTYwZGZlOWI0ZTJjZjZkNGY1NzM3ZWEzNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAMuu+pimBjUh7Sj2eN7P4mAFMlw
ga8GMEzAW63rMVQwUvSJTKw5Nj4G6UegGIIpxsPt6aW23IY/PcMmZjXMEBu4tj7y
PJvkvSVcUFcvy1IE5FNyUUjhzCK0xxefl+DMydkDU/FHe+2ynM+XtwuuP4VTStg6
RTxjF/avSNIGuiW8IvPLOa/6eIr8HWWeRzUvQveY9PmKWXAybD7p8lSsJDoHxsEo
TBT5ktBsVh8QWlyaw/W7DkQ1WYbzS9tGUHi8g+3f7Zdh9xWLaO4dlml79GjbN+8J
b224jwp1f+2mX9skuLglQiG0EM7P6nrV5Y6cVMs2Arhw0p9z9wgUAeyoyQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAa5dzM5iKFg3+m04s9tT1c36jW+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQnJsM016bUlvV0RmNmJUaXoyMVBWemZxTmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAPCVfgD
BADCVfoDBADCV0MDBADCV+MDBADDhScwDAMEANTA9QMEANTA9jANBgkqhkiG9w0B
AQsFAAOCAQEANm6etQwaciG24nG7EW4/qgd/w4NKwuhfTqIXz5ZRsMumYJxvSagG
mRn5yBkppDV0jveLT2+fnzhn7B4ZohvTyqwwcAAjkKMYGq+90vS+K08Qi51qmHf4
wrTCXanQF2QQl4UydyoaJYHDZ6s4kdQgfo0y2uRcyE4Wu/B241rx1oksxVX2oJvl
hwDH+3dKIV5I3MjI8Ez3aOQB2OZ93ZLLvsUdwzXinoVykWcEY+EbHFxIHbRp1snO
Zs+nKBN38LU4YjMYDyDV/ISzMGYDAfDhVokourtgMEJEw8CTahRZU6uRg5vr/9Ej
VjLUMQ2NKGg3EDft/rROZGJfbZvhfTAksQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org