Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DOTpdDgoqggrUzHYreqWLBFEkMo.roa
File: DOTpdDgoqggrUzHYreqWLBFEkMo.roa (raw, json)
Hash identifier: bA9JQddB5gGXejwA6kue523rHW/2rjIdgrcG0q3YExs=
Subject key identifier: 0C:E4:E9:74:38:28:AA:08:2B:53:31:D8:AD:EA:96:2C:11:44:90:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AAC753D7F4FA2D7AEC6CD12B2DE581600
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DOTpdDgoqggrUzHYreqWLBFEkMo.roa
Signing time: Tue 19 Sep 2023 08:01:19 +0000
ROA not before: Tue 19 Sep 2023 08:01:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 193.124.47.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:75:3d:7f:4f:a2:d7:ae:c6:cd:12:b2:de:58:16:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 19 08:01:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ce4e9743828aa082b5331d8adea962c114490ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:b0:0f:c1:f2:69:58:d7:7e:00:74:9f:01:
16:3f:da:a5:77:8f:32:31:55:28:86:59:81:3b:3d:
3a:65:c2:ce:89:00:7d:7e:b1:1e:49:1f:8e:22:0a:
a5:82:09:a9:d8:03:df:52:11:c2:c3:76:c9:08:dd:
14:a0:3f:9f:87:09:45:e5:e8:48:da:6e:40:95:73:
70:ad:f1:9a:e5:61:4e:92:6f:78:50:8c:c8:c9:20:
5a:3d:89:66:0e:86:eb:34:1c:fd:89:95:d3:23:e8:
cd:45:c9:6e:7c:c5:23:ee:ab:dc:70:b2:47:79:c4:
46:cc:b4:d6:38:fe:c9:34:72:6f:41:5d:ca:92:ac:
f3:1d:79:4a:fb:46:16:41:7a:b4:74:08:b8:84:66:
93:de:9c:5a:c0:a2:45:de:aa:38:48:e4:f3:5f:17:
72:07:78:dc:a3:5b:8f:7a:2e:ed:c4:88:fe:a6:45:
fa:61:0f:45:cf:7a:7b:05:83:21:2d:15:e5:de:ee:
96:16:1d:7d:2c:d3:33:4b:e0:79:ff:49:18:d3:34:
f1:1f:74:f0:a5:ea:95:4e:14:39:c5:2f:f7:e4:2a:
c2:65:1e:34:72:33:3e:40:db:df:c9:be:da:11:e1:
d9:cc:ab:0d:88:58:4a:28:eb:4d:8c:bc:ae:8b:fd:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E4:E9:74:38:28:AA:08:2B:53:31:D8:AD:EA:96:2C:11:44:90:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DOTpdDgoqggrUzHYreqWLBFEkMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.149.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ee:ec:a0:af:8b:ed:49:03:30:58:df:2a:5f:d1:68:c5:4a:
23:30:18:ec:ba:bb:d4:47:af:e0:2b:3a:8a:8a:51:1e:d6:4b:
16:d5:e5:93:85:0c:2f:dd:7a:9d:a2:55:6e:66:51:be:6a:9b:
a4:05:ba:54:f1:c9:89:2a:6c:df:86:c5:0b:37:7d:09:4b:e0:
f0:02:0d:88:20:01:3a:a7:42:30:5d:54:0c:77:cd:30:f6:40:
4a:03:c7:db:06:c5:30:34:e7:25:01:0a:19:a6:e6:4e:6a:7b:
8c:ec:cc:29:fa:c1:99:ed:57:1a:0f:ec:93:58:47:cd:9b:f5:
f5:c6:f5:6c:e5:ab:b6:6c:5a:3e:6c:da:4e:a3:f8:b7:c1:49:
7e:2f:5b:f9:1e:04:8c:bc:52:fd:6a:d9:e0:db:85:5e:a9:0b:
72:6b:05:cf:22:74:0e:27:07:99:d9:f8:70:2f:34:cf:ce:f1:
78:8f:1b:22:b8:fb:cf:3e:0b:73:a5:a1:50:f4:86:7c:1c:02:
14:7c:1b:0f:da:04:a7:64:bf:8b:01:a1:11:6d:ce:fb:57:3e:
8b:1c:03:c7:a4:17:94:aa:13:86:d0:0d:73:ab:3d:ff:89:ca:
79:c4:de:b5:01:d8:c1:6c:43:75:01:08:c2:d7:d3:31:ca:5f:
46:50:90:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqsdT1/T6LXrsbNErLeWBYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE5MDgwMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U0ZTk3NDM4MjhhYTA4MmI1MzMxZDhhZGVhOTYyYzExNDQ5MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNOwD8HyaVjXfgB0nwEWP9qld48y
MVUohlmBOz06ZcLOiQB9frEeSR+OIgqlggmp2APfUhHCw3bJCN0UoD+fhwlF5ehI
2m5AlXNwrfGa5WFOkm94UIzIySBaPYlmDobrNBz9iZXTI+jNRclufMUj7qvccLJH
ecRGzLTWOP7JNHJvQV3KkqzzHXlK+0YWQXq0dAi4hGaT3pxawKJF3qo4SOTzXxdy
B3jco1uPei7txIj+pkX6YQ9Fz3p7BYMhLRXl3u6WFh19LNMzS+B5/0kY0zTxH3Tw
peqVThQ5xS/35CrCZR40cjM+QNvfyb7aEeHZzKsNiFhKKOtNjLyui/2kgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAzk6XQ4KKoIK1Mx2K3qliwRRJDKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRE9UcGREZ29xZ2dyVXpIWXJlcVdMQkZFa01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXwvAwQA
wleVMA0GCSqGSIb3DQEBCwUAA4IBAQBR7uygr4vtSQMwWN8qX9FoxUojMBjsurvU
R6/gKzqKilEe1ksW1eWThQwv3XqdolVuZlG+apukBbpU8cmJKmzfhsULN30JS+Dw
Ag2IIAE6p0IwXVQMd80w9kBKA8fbBsUwNOclAQoZpuZOanuM7Mwp+sGZ7VcaD+yT
WEfNm/X1xvVs5au2bFo+bNpOo/i3wUl+L1v5HgSMvFL9atng24VeqQtyawXPInQO
JweZ2fhwLzTPzvF4jxsiuPvPPgtzpaFQ9IZ8HAIUfBsP2gSnZL+LAaERbc77Vz6L
HAPHpBeUqhOG0A1zqz3/icp5xN61AdjBbEN1AQjC19Mxyl9GUJBQ
-----END CERTIFICATE-----
Generated at Mon Oct 16 05:05:44 2023 by rpki-client on console-ams.rpki-client.org