Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E9H97yrtPdgSOIPAOC2HH63Gdxs.roa
File: E9H97yrtPdgSOIPAOC2HH63Gdxs.roa (raw, json)
Hash identifier: fLg0pfWxgzQqjcELHORw1aFhsT7PSn/p4VtlsmkIv1I=
Subject key identifier: 13:D1:FD:EF:2A:ED:3D:D8:12:38:83:C0:38:2D:87:1F:AD:C6:77:1B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CF2BCFDB863D45D8A1815C3320D5D26C2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E9H97yrtPdgSOIPAOC2HH63Gdxs.roa
Signing time: Wed 10 Jan 2024 09:38:41 +0000
ROA not before: Wed 10 Jan 2024 09:38:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 212.193.14.0/24 maxlen: 24
212.192.213.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 10:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:bc:fd:b8:63:d4:5d:8a:18:15:c3:32:0d:5d:26:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 10 09:38:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13d1fdef2aed3dd8123883c0382d871fadc6771b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:83:34:25:36:69:ce:f9:2b:e7:34:59:01:99:
6b:5b:dd:51:36:a2:90:f2:b9:1c:c6:55:98:2d:3a:
39:e3:c3:1f:df:f9:58:e3:77:c5:93:8a:cf:57:60:
58:fd:5b:a8:9c:c2:2f:17:3e:d3:e8:c0:20:6d:9a:
e2:b7:9f:33:ab:38:e6:af:af:5a:98:70:77:8c:fe:
24:6e:c0:83:06:30:ec:76:25:40:d4:71:61:3d:46:
fa:43:da:a6:a7:f0:f3:d0:81:69:4f:2e:49:bf:36:
bd:82:08:86:c6:1f:16:54:d3:48:61:d9:32:f6:7d:
a9:f2:bf:af:21:14:fd:e6:28:ac:cf:73:91:89:b2:
33:d0:45:a5:ab:27:4f:85:ff:89:8d:5f:ee:e9:75:
bb:3d:56:e6:32:38:bb:d9:f5:6c:f8:55:41:e7:6e:
a6:c4:00:61:07:47:0f:47:c6:7a:ef:cc:e4:1f:b6:
80:3a:46:c2:1d:d4:79:76:79:82:48:b3:94:3a:99:
03:a3:c5:7d:25:d3:83:2d:d6:9b:94:20:46:bc:f9:
d0:f4:16:b9:ee:f7:31:97:6e:38:86:01:72:3a:ed:
1d:3d:a4:75:12:20:dc:67:f9:06:4b:b4:75:05:79:
65:bc:b0:7d:cd:d1:98:ca:45:4d:6f:cb:70:2a:ec:
d2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D1:FD:EF:2A:ED:3D:D8:12:38:83:C0:38:2D:87:1F:AD:C6:77:1B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E9H97yrtPdgSOIPAOC2HH63Gdxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
212.192.213.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
38:36:ba:34:af:d7:72:98:1a:94:c0:0f:f6:52:ad:6f:2d:89:
37:be:80:61:3b:d1:4f:08:e7:06:df:a5:87:42:ad:e2:10:2c:
1f:31:af:4d:97:a7:71:65:8b:a0:75:4d:5f:32:34:3c:4b:71:
e7:e2:1f:08:3f:ea:55:3d:26:46:da:4d:45:c8:a9:cd:93:39:
c1:4e:4c:37:4e:1b:7f:14:33:d9:41:49:89:eb:eb:5d:4f:22:
b5:09:5c:97:67:55:d1:d5:44:f6:fe:34:c2:cc:e4:3e:92:2f:
2b:7c:da:28:c4:20:cb:37:7b:c1:f0:79:ab:ee:5f:78:77:95:
1a:32:8e:f1:c0:a7:14:1a:a8:5e:59:ca:db:8c:da:ee:7e:42:
7c:de:89:db:41:28:8d:3a:ce:2c:2d:14:e3:82:a9:f7:23:fa:
ab:0a:6c:41:40:da:ea:fc:24:a4:5a:3a:12:c2:5a:81:21:37:
b9:d5:27:e4:6c:6e:23:f6:29:cd:ab:38:86:53:34:81:11:f9:
97:24:c1:ad:e9:da:5c:b4:d1:27:3a:a5:f0:37:fd:5d:f8:c1:
c8:6d:72:f1:af:8b:52:c0:de:e1:88:8e:1d:79:94:96:90:af:
99:a2:e3:c0:74:0b:2a:e8:ab:72:41:15:c1:fe:3d:e3:93:8b:
9c:6a:7d:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzyvP24Y9RdihgVwzINXSbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEwMDkzODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QxZmRlZjJhZWQzZGQ4MTIzODgzYzAzODJkODcxZmFkYzY3NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYM0JTZpzvkr5zRZAZlrW91RNqKQ
8rkcxlWYLTo548Mf3/lY43fFk4rPV2BY/VuonMIvFz7T6MAgbZrit58zqzjmr69a
mHB3jP4kbsCDBjDsdiVA1HFhPUb6Q9qmp/Dz0IFpTy5Jvza9ggiGxh8WVNNIYdky
9n2p8r+vIRT95iisz3ORibIz0EWlqydPhf+JjV/u6XW7PVbmMji72fVs+FVB526m
xABhB0cPR8Z678zkH7aAOkbCHdR5dnmCSLOUOpkDo8V9JdODLdablCBGvPnQ9Ba5
7vcxl244hgFyOu0dPaR1EiDcZ/kGS7R1BXllvLB9zdGYykVNb8twKuzSVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBPR/e8q7T3YEjiDwDgthx+txncbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRTlIOTd5cnRQZGdTT0lQQU9DMkhINjNHZHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzLAwQA
1MDVAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQA4Nro0r9dymBqUwA/2Uq1vLYk3
voBhO9FPCOcG36WHQq3iECwfMa9Nl6dxZYugdU1fMjQ8S3Hn4h8IP+pVPSZG2k1F
yKnNkznBTkw3Tht/FDPZQUmJ6+tdTyK1CVyXZ1XR1UT2/jTCzOQ+ki8rfNooxCDL
N3vB8Hmr7l94d5UaMo7xwKcUGqheWcrbjNrufkJ83onbQSiNOs4sLRTjgqn3I/qr
CmxBQNrq/CSkWjoSwlqBITe51SfkbG4j9inNqziGUzSBEfmXJMGt6dpctNEnOqXw
N/1d+MHIbXLxr4tSwN7hiI4deZSWkK+ZouPAdAsq6KtyQRXB/j3jk4ucan1L
-----END CERTIFICATE-----
Generated at Sat Jan 20 12:52:18 2024 by rpki-client on console-ams.rpki-client.org