Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CmehLoDu_vYWgtfYKsCRftKuh4U.roa
File: CmehLoDu_vYWgtfYKsCRftKuh4U.roa (raw, json)
Hash identifier: i6JTWmKUDKsq4SFjJ/UYc2hX7nxbifx4Pj0BRi1snf4=
Subject key identifier: 0A:67:A1:2E:80:EE:FE:F6:16:82:D7:D8:2A:C0:91:7E:D2:AE:87:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01887A393F1B8E01636B294333FF92AC771D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CmehLoDu_vYWgtfYKsCRftKuh4U.roa
Signing time: Fri 02 Jun 2023 03:49:12 +0000
ROA not before: Fri 02 Jun 2023 03:49:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.129.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 06:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7a:39:3f:1b:8e:01:63:6b:29:43:33:ff:92:ac:77:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 2 03:49:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a67a12e80eefef61682d7d82ac0917ed2ae8785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:30:05:0d:58:43:ca:0a:a4:83:9d:f1:5a:53:
1c:85:db:78:d9:2e:6a:87:0a:20:8b:f5:8f:04:37:
a1:28:e5:30:b1:8f:b3:d6:7e:09:f9:54:ab:60:16:
27:c6:94:9e:61:c6:c5:78:30:5d:70:1e:ed:d5:e1:
5a:a4:6c:c1:dd:05:d5:06:9d:68:69:9e:cd:6d:74:
a2:9b:45:79:5b:1b:0d:3e:35:93:95:bd:fc:d5:9f:
ba:15:f1:a5:c7:99:09:6e:79:3d:c2:b8:92:1c:16:
dd:5c:2f:0b:9c:c8:97:1c:d0:18:14:9b:06:52:e4:
ff:63:0d:cf:97:b9:f1:68:17:b4:43:13:4c:3e:d6:
0e:d5:d0:49:13:ae:6e:f0:de:2d:18:87:d6:de:0d:
23:d6:72:43:28:4a:32:2f:96:cc:d2:d0:b0:f2:bc:
3a:4c:7c:49:57:4b:25:2e:36:c6:d2:0c:24:bf:4e:
94:35:d8:59:6a:63:c9:b7:52:84:2a:be:30:b3:d6:
c1:19:10:5e:a5:d6:48:c5:24:49:d9:77:9e:3f:47:
a4:09:b7:b2:17:97:b8:a8:71:a4:f6:7a:8a:4c:6b:
1b:15:5a:85:24:84:53:92:7c:dd:92:f2:01:51:7e:
49:89:73:5d:dd:5d:a6:1a:f5:3a:00:dd:73:10:3f:
17:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:67:A1:2E:80:EE:FE:F6:16:82:D7:D8:2A:C0:91:7E:D2:AE:87:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CmehLoDu_vYWgtfYKsCRftKuh4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.81.0/24
194.87.129.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e6:4b:0c:e9:f3:3f:0a:0f:b0:9a:42:86:87:5b:69:29:89:
0e:f4:3e:06:96:2e:b2:6d:69:bf:35:ee:d7:6d:09:05:6a:89:
bb:cb:15:b2:a5:65:37:78:e6:ca:83:e5:a8:f3:fe:75:02:47:
34:a3:d3:e8:9e:fd:9a:e2:f8:49:1f:7a:3e:ce:f1:80:c3:11:
3c:ac:9e:29:35:7b:a5:76:ec:58:11:9c:1a:51:18:62:c1:0f:
1d:fb:34:a2:f2:94:e1:01:9b:b6:cc:43:4b:76:2a:b2:99:3a:
db:e6:82:b7:0a:8a:cf:18:b1:4f:28:d8:90:45:cc:b7:7a:62:
cf:86:71:fe:f0:f8:ed:62:b9:4a:c1:c4:c7:b3:ab:cd:07:90:
68:67:34:d1:92:58:c3:dc:71:ea:71:f3:f5:4c:c0:06:fd:27:
d7:08:da:4f:b9:ed:15:e8:9c:51:21:9f:a6:e8:84:1f:fb:d7:
ee:d8:14:c1:20:b0:f9:1d:f5:e5:f2:8d:42:58:a9:88:90:24:
ba:f9:35:a2:ea:31:90:30:6b:40:e3:5a:30:d0:26:16:7c:16:
7a:76:15:1d:cc:40:d4:4c:50:13:27:8a:69:2e:bf:d3:24:d7:
9e:b4:e6:07:7d:78:80:3f:fc:6f:3c:a0:ef:7d:a9:f3:53:4c:
a4:60:3b:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh6OT8bjgFjaylDM/+SrHcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAyMDM0OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY3YTEyZTgwZWVmZWY2MTY4MmQ3ZDgyYWMwOTE3ZWQyYWU4Nzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTAFDVhDygqkg53xWlMchdt42S5q
hwogi/WPBDehKOUwsY+z1n4J+VSrYBYnxpSeYcbFeDBdcB7t1eFapGzB3QXVBp1o
aZ7NbXSim0V5WxsNPjWTlb381Z+6FfGlx5kJbnk9wriSHBbdXC8LnMiXHNAYFJsG
UuT/Yw3Pl7nxaBe0QxNMPtYO1dBJE65u8N4tGIfW3g0j1nJDKEoyL5bM0tCw8rw6
THxJV0slLjbG0gwkv06UNdhZamPJt1KEKr4ws9bBGRBepdZIxSRJ2XeeP0ekCbey
F5e4qHGk9nqKTGsbFVqFJIRTknzdkvIBUX5JiXNd3V2mGvU6AN1zED8XYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFApnoS6A7v72FoLX2CrAkX7SroeFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ21laExvRHVfdllXZ3RmWUtzQ1JmdEt1aDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwldRAwQA
wleBAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQAO5ksM6fM/Cg+wmkKGh1tpKYkO
9D4Gli6ybWm/Ne7XbQkFaom7yxWypWU3eObKg+Wo8/51Akc0o9Ponv2a4vhJH3o+
zvGAwxE8rJ4pNXulduxYEZwaURhiwQ8d+zSi8pThAZu2zENLdiqymTrb5oK3CorP
GLFPKNiQRcy3emLPhnH+8PjtYrlKwcTHs6vNB5BoZzTRkljD3HHqcfP1TMAG/SfX
CNpPue0V6JxRIZ+m6IQf+9fu2BTBILD5HfXl8o1CWKmIkCS6+TWi6jGQMGtA41ow
0CYWfBZ6dhUdzEDUTFATJ4ppLr/TJNeetOYHfXiAP/xvPKDvfanzU0ykYDu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org