Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D_y1VkZabI9jOLmwwZtsOu2UOF8.roa
File: D_y1VkZabI9jOLmwwZtsOu2UOF8.roa (raw, json)
Hash identifier: X3zTc3a95oHP7ynu0VakYhq6leWeU0tpSklv5GK4Jxk=
Subject key identifier: 0F:FC:B5:56:46:5A:6C:8F:63:38:B9:B0:C1:9B:6C:3A:ED:94:38:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189E37DC95E4D3EFC692462BD3A441E8E1A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D_y1VkZabI9jOLmwwZtsOu2UOF8.roa
Signing time: Fri 11 Aug 2023 07:26:58 +0000
ROA not before: Fri 11 Aug 2023 07:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210974
IP address blocks: 212.192.2.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:7d:c9:5e:4d:3e:fc:69:24:62:bd:3a:44:1e:8e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 07:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ffcb556465a6c8f6338b9b0c19b6c3aed94385f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:55:83:95:02:fe:a2:51:42:25:7a:aa:a6:46:
96:55:83:97:e9:a0:91:ca:fd:c3:a7:9c:43:46:12:
4c:01:f6:d4:9a:7d:03:c7:dd:18:21:c7:df:14:3f:
71:b6:cc:2c:73:f0:0f:6f:67:5c:9a:71:78:69:62:
cc:b5:7d:5c:52:c9:2a:65:60:50:79:a9:00:04:28:
44:25:e0:ee:d4:72:d1:ee:9e:fb:46:3e:b7:04:e9:
60:6d:c6:8c:03:de:91:fe:6b:f9:a2:7e:66:e2:6b:
15:12:21:11:6b:b8:73:a4:3b:ef:72:d0:2a:01:c0:
64:09:ec:9d:76:6c:79:6f:d3:57:5f:87:03:ab:df:
39:f3:b2:1f:9f:da:ab:7e:70:70:32:f3:fe:42:a6:
ac:84:66:1c:8e:7e:63:18:36:aa:ca:85:ea:97:20:
d8:e0:f4:4a:67:fd:56:d1:e3:68:00:db:1a:b6:ba:
25:80:61:e3:5c:cb:bd:14:af:f4:97:ae:1a:2b:53:
7c:55:ac:a6:c5:40:32:bb:06:71:6b:02:0b:7b:dd:
8e:e9:8f:7d:07:3b:4b:6e:c7:79:52:57:39:87:eb:
e5:a3:32:bf:3e:f4:c3:1c:87:37:c5:f5:2a:93:7f:
a9:ee:af:bb:ad:2c:89:7f:f2:4d:fe:ba:10:9d:a0:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FC:B5:56:46:5A:6C:8F:63:38:B9:B0:C1:9B:6C:3A:ED:94:38:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D_y1VkZabI9jOLmwwZtsOu2UOF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.60.0/24
212.192.2.0/23
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
10:83:c8:a0:df:67:60:3e:4c:a4:7c:19:54:b2:fe:5d:b3:26:
b1:1a:9a:c6:61:87:1c:9e:a9:88:37:00:f1:f5:a0:d0:1f:42:
1a:ae:66:72:c1:0d:ef:c7:8c:f3:5c:ef:4c:48:e7:e3:f5:fe:
3c:fd:fe:d1:eb:91:5d:86:d7:0e:82:6e:18:9f:00:fa:63:d9:
40:a6:ab:e8:8c:47:ec:81:95:96:ec:a6:57:53:dd:f4:9f:6b:
85:b2:0e:d7:c4:d2:15:59:9b:73:72:30:75:35:f3:4d:34:88:
b4:33:9c:92:94:b0:03:c1:ce:6e:fb:ce:52:3b:77:13:20:3a:
2d:55:16:14:08:3e:ea:86:cb:b7:ee:66:a3:85:52:99:3e:df:
00:2a:6f:26:c6:87:61:1d:c1:b3:05:da:67:10:99:f2:14:5f:
0f:b3:bb:6d:5c:57:59:c8:71:5a:61:b7:0a:d2:3d:33:cc:99:
b0:89:77:0c:be:22:16:9b:04:bc:6b:51:13:90:99:3a:c4:10:
ea:87:9d:4b:f7:3e:1e:38:0c:c0:41:8f:b7:41:cb:c0:ef:93:
0c:24:75:3c:32:1f:a2:68:fb:e4:fc:18:98:d3:c2:78:2b:a8:
42:62:e7:56:9d:f4:b9:ae:3b:54:f9:aa:bd:47:a0:56:ca:e9:
03:d1:7f:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnjfcleTT78aSRivTpEHo4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODExMDcyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmZjYjU1NjQ2NWE2YzhmNjMzOGI5YjBjMTliNmMzYWVkOTQzODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VWDlQL+olFCJXqqpkaWVYOX6aCR
yv3Dp5xDRhJMAfbUmn0Dx90YIcffFD9xtswsc/APb2dcmnF4aWLMtX1cUskqZWBQ
eakABChEJeDu1HLR7p77Rj63BOlgbcaMA96R/mv5on5m4msVEiERa7hzpDvvctAq
AcBkCeyddmx5b9NXX4cDq98587Ifn9qrfnBwMvP+QqashGYcjn5jGDaqyoXqlyDY
4PRKZ/1W0eNoANsatrolgGHjXMu9FK/0l64aK1N8VaymxUAyuwZxawILe92O6Y99
BztLbsd5Ulc5h+vlozK/PvTDHIc3xfUqk3+p7q+7rSyJf/JN/roQnaDKWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA/8tVZGWmyPYzi5sMGbbDrtlDhfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRF95MVZrWmFiSTlqT0xtd3dadHNPdTJVT0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwzo8AwQB
1MACAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQAQg8ig32dgPkykfBlUsv5dsyax
GprGYYccnqmINwDx9aDQH0IarmZywQ3vx4zzXO9MSOfj9f48/f7R65FdhtcOgm4Y
nwD6Y9lApqvojEfsgZWW7KZXU930n2uFsg7XxNIVWZtzcjB1NfNNNIi0M5ySlLAD
wc5u+85SO3cTIDotVRYUCD7qhsu37majhVKZPt8AKm8mxodhHcGzBdpnEJnyFF8P
s7ttXFdZyHFaYbcK0j0zzJmwiXcMviIWmwS8a1ETkJk6xBDqh51L9z4eOAzAQY+3
QcvA75MMJHU8Mh+iaPvk/BiY08J4K6hCYudWnfS5rjtU+aq9R6BWyukD0X/z
-----END CERTIFICATE-----
Generated at Tue Sep 26 06:38:34 2023 by rpki-client on console-ams.rpki-client.org