Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CpKPttpnkTKl0G2oRi3Hiyvf6EI.roa
File: CpKPttpnkTKl0G2oRi3Hiyvf6EI.roa (raw, json)
Hash identifier: DYTot7V/tw6rd2Pbd1TIkCYTW5zTK+GijbjH0rVnVaI=
Subject key identifier: 0A:92:8F:B6:DA:67:91:32:A5:D0:6D:A8:46:2D:C7:8B:2B:DF:E8:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B13E456C72BBA8AF31180D4D140FB22F2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CpKPttpnkTKl0G2oRi3Hiyvf6EI.roa
Signing time: Mon 09 Oct 2023 10:03:33 +0000
ROA not before: Mon 09 Oct 2023 10:03:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.135.105.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
195.133.62.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:e4:56:c7:2b:ba:8a:f3:11:80:d4:d1:40:fb:22:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 10:03:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a928fb6da679132a5d06da8462dc78b2bdfe842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0f:92:88:da:5f:47:41:a9:a6:28:07:3e:62:
bd:ff:65:64:e6:ef:60:68:6d:e1:ea:1a:d2:3a:17:
31:99:70:24:e5:6e:da:6b:68:05:4a:ac:df:64:72:
0e:98:77:fb:08:5c:7f:9a:16:82:d8:03:d5:6a:a4:
1d:30:5e:a3:38:03:2f:26:91:a3:ce:68:28:58:cf:
61:c0:6c:a8:d7:26:95:a3:50:e2:fb:8b:c1:0d:eb:
ad:6b:89:2d:92:51:ef:83:57:e1:46:f9:ee:81:1b:
8e:cb:be:e0:7f:ca:cd:18:91:8a:c2:6f:d3:fd:8c:
11:76:46:f6:f6:ca:45:78:75:7a:ce:06:05:a6:00:
67:fd:cc:f7:eb:18:d6:3c:9e:1e:b7:c6:31:6a:e1:
80:8e:8c:8b:79:9c:e9:f0:f0:24:96:57:2e:ef:dd:
6a:25:88:f3:95:5a:18:82:28:34:db:d2:db:24:ab:
58:2c:90:57:fe:c3:36:32:99:2c:6f:ed:e7:54:86:
3b:2a:7c:d9:39:1d:40:75:b2:27:77:8c:ef:fd:a3:
d4:35:d9:d6:e4:4a:fc:cb:ae:68:a2:c7:ab:e7:7c:
b6:d9:e6:bc:b3:0f:f8:2a:ef:a9:8a:70:c8:64:0b:
f5:fc:17:b1:e8:13:61:b5:1e:c9:11:06:ab:fa:69:
f2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:92:8F:B6:DA:67:91:32:A5:D0:6D:A8:46:2D:C7:8B:2B:DF:E8:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CpKPttpnkTKl0G2oRi3Hiyvf6EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.52.0/24
194.87.87.0/24
194.135.105.0/24
195.133.8.0/24
195.133.41.0/24
195.133.60.0/24
195.133.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:f2:bf:e1:ba:06:ee:52:76:e7:2a:14:f1:73:5f:bf:7f:55:
51:f6:00:b5:71:8c:0f:d1:38:b5:8a:a7:4f:10:a2:e1:75:3c:
73:46:86:56:2e:bd:40:39:a2:f0:a0:b4:4b:3e:20:8f:52:92:
a0:bf:31:46:8b:4b:eb:9b:f6:93:71:92:4b:39:7f:b9:d2:d4:
72:1d:32:80:a0:78:2b:c1:d2:9c:34:c7:1f:5a:01:67:6c:1c:
a8:7b:81:43:db:c4:dd:55:20:b0:bf:a8:3f:a6:b8:4d:ee:92:
a3:55:ce:2d:33:43:cb:9f:d4:fd:4b:61:05:4f:4e:86:06:ec:
77:bb:79:db:b2:4a:01:50:c1:79:65:2c:b7:36:d8:07:3a:8a:
2a:29:bf:b9:ff:5c:e7:9c:87:ff:bf:50:77:e1:65:0a:58:1c:
5d:80:49:3f:6a:ea:47:bc:28:54:16:f1:4d:f0:96:1c:a6:c1:
a0:26:45:57:af:53:c4:e8:ea:39:78:20:14:8d:94:9b:45:91:
ae:d7:77:73:59:78:81:cb:19:b3:52:8c:f0:5f:8c:7d:1d:ac:
7f:09:be:60:0a:01:e8:02:e4:6e:c3:f3:09:6e:df:ea:b1:7d:
ab:22:52:84:7c:0e:13:e4:5e:6f:60:70:ae:7f:f3:c6:e1:92:
0b:05:76:bf
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYsT5FbHK7qK8xGA1NFA+yLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MTAwMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkyOGZiNmRhNjc5MTMyYTVkMDZkYTg0NjJkYzc4YjJiZGZlODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g+SiNpfR0GppigHPmK9/2Vk5u9g
aG3h6hrSOhcxmXAk5W7aa2gFSqzfZHIOmHf7CFx/mhaC2APVaqQdMF6jOAMvJpGj
zmgoWM9hwGyo1yaVo1Di+4vBDeuta4ktklHvg1fhRvnugRuOy77gf8rNGJGKwm/T
/YwRdkb29spFeHV6zgYFpgBn/cz36xjWPJ4et8YxauGAjoyLeZzp8PAkllcu791q
JYjzlVoYgig029LbJKtYLJBX/sM2Mpksb+3nVIY7KnzZOR1AdbInd4zv/aPUNdnW
5Er8y65ooser53y22ea8sw/4Ku+pinDIZAv1/Bex6BNhtR7JEQar+mnySQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAqSj7baZ5EypdBtqEYtx4sr3+hCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ3BLUHR0cG5rVEtsMEcyb1JpM0hpeXZmNkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlc0AwQA
wldXAwQAwodpAwQAw4UIAwQAw4UpAwQAw4U8AwQAw4U+MA0GCSqGSIb3DQEBCwUA
A4IBAQA+8r/hugbuUnbnKhTxc1+/f1VR9gC1cYwP0Ti1iqdPEKLhdTxzRoZWLr1A
OaLwoLRLPiCPUpKgvzFGi0vrm/aTcZJLOX+50tRyHTKAoHgrwdKcNMcfWgFnbByo
e4FD28TdVSCwv6g/prhN7pKjVc4tM0PLn9T9S2EFT06GBux3u3nbskoBUMF5ZSy3
NtgHOooqKb+5/1znnIf/v1B34WUKWBxdgEk/aupHvChUFvFN8JYcpsGgJkVXr1PE
6Oo5eCAUjZSbRZGu13dzWXiByxmzUozwX4x9Hax/Cb5gCgHoAuRuw/MJbt/qsX2r
IlKEfA4T5F5vYHCuf/PG4ZILBXa/
-----END CERTIFICATE-----
Generated at Wed Oct 11 13:07:14 2023 by rpki-client on console-ams.rpki-client.org