Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EBgH7WjgyUpGT5V201UMGrum2nA.roa
File: EBgH7WjgyUpGT5V201UMGrum2nA.roa (raw, json)
Hash identifier: ahb9MV4CYSGvfOcMt5MRpNQ2aIkbgzQRLmrQkM3LwCQ=
Subject key identifier: 10:18:07:ED:68:E0:C9:4A:46:4F:95:76:D3:55:0C:1A:BB:A6:DA:70
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018571476409A0DA9A7919E19A82C48B9AD6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EBgH7WjgyUpGT5V201UMGrum2nA.roa
Signing time: Mon 02 Jan 2023 06:59:42 +0000
ROA not before: Mon 02 Jan 2023 06:59:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:47:64:09:a0:da:9a:79:19:e1:9a:82:c4:8b:9a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 06:59:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=101807ed68e0c94a464f9576d3550c1abba6da70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:6b:d9:6c:36:bb:5f:60:58:7e:60:65:d6:
22:6d:93:82:bc:1a:0c:41:43:82:f3:9f:26:34:14:
7a:ce:f8:eb:26:07:0e:a6:98:de:7e:43:45:d5:71:
3e:98:21:2e:42:75:cd:da:89:7f:0a:4e:68:23:00:
65:a1:ce:ef:39:e1:99:33:e5:d9:3a:2d:06:a8:00:
bc:d1:8b:1e:9e:9b:f7:7e:8f:4f:48:2b:e1:3a:a7:
3b:f0:e7:68:1b:50:39:d8:7b:a1:bc:74:8d:95:ac:
9f:38:bc:6c:ba:56:06:1a:de:5d:8b:4e:c1:bb:77:
43:e2:e2:6a:f7:da:17:8f:c0:e2:28:ab:64:49:64:
26:06:3b:1d:8b:6b:b3:b2:aa:6b:77:84:95:07:f2:
2f:3f:01:db:8a:bf:d8:33:5a:4d:c2:b2:39:92:80:
36:ab:f4:08:f2:e2:5b:2c:67:79:9d:83:c4:e8:ba:
3e:53:1d:d4:3d:6b:5e:28:b6:e5:ba:04:3a:a3:99:
81:95:f8:8f:a9:d8:b6:d3:e0:11:06:f0:d3:47:d1:
39:1c:14:77:19:5a:d9:c8:81:e3:1e:78:1d:1f:a7:
42:e1:31:47:88:e5:c6:f4:ca:90:5a:a8:72:88:e1:
f7:86:f0:89:16:0c:ac:f3:f0:12:a5:78:8e:ac:f1:
f2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:18:07:ED:68:E0:C9:4A:46:4F:95:76:D3:55:0C:1A:BB:A6:DA:70
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EBgH7WjgyUpGT5V201UMGrum2nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
193.124.125.0/24
194.87.37.0/24
194.87.162.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
35:2c:da:df:1a:be:1c:bc:c1:54:04:c9:46:15:d7:c9:5c:4f:
dd:da:e7:e1:d3:07:ef:20:51:fb:4f:3b:ca:40:10:04:d8:14:
7b:f6:f9:1c:2b:e9:eb:24:14:ea:75:5f:d3:a1:20:28:f6:26:
95:c9:52:5d:2a:47:cc:c1:7e:6b:33:0d:b9:02:d7:e3:75:18:
c7:1b:5c:f2:35:e5:8a:91:ee:b2:74:2f:c6:50:1b:84:11:06:
98:45:d7:c7:e1:8e:7c:07:29:8b:b7:b6:a8:3b:c9:a2:92:7a:
26:2f:bb:d9:15:11:dd:54:79:c1:4d:f2:46:3a:52:d0:13:ee:
ce:2e:cd:aa:ff:8d:51:84:80:0a:15:64:cb:91:6d:64:0e:88:
8b:40:b7:e9:b6:4c:de:3d:73:9b:60:1f:4d:12:80:90:6d:03:
14:a3:4a:d4:11:79:0e:fd:b9:94:56:da:fe:3d:3b:f1:d8:70:
71:a7:e1:bd:71:64:41:da:f4:27:b1:9d:80:cf:ab:34:be:21:
d7:e6:e7:90:8a:b4:fa:27:c2:80:71:6f:17:cb:6f:1b:16:8e:
60:19:2c:7e:9a:c3:4a:b9:2f:5c:b7:84:ca:e5:e4:2e:cc:a1:
e6:09:98:d1:25:1b:4f:b3:f8:84:08:9b:ea:d1:23:fa:a9:7f:
f7:62:51:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxR2QJoNqaeRnhmoLEi5rWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMDY1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE4MDdlZDY4ZTBjOTRhNDY0Zjk1NzZkMzU1MGMxYWJiYTZkYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmetr2Ww2u19gWH5gZdYibZOCvBoM
QUOC858mNBR6zvjrJgcOppjefkNF1XE+mCEuQnXN2ol/Ck5oIwBloc7vOeGZM+XZ
Oi0GqAC80Ysenpv3fo9PSCvhOqc78OdoG1A52HuhvHSNlayfOLxsulYGGt5di07B
u3dD4uJq99oXj8DiKKtkSWQmBjsdi2uzsqprd4SVB/IvPwHbir/YM1pNwrI5koA2
q/QI8uJbLGd5nYPE6Lo+Ux3UPWteKLblugQ6o5mBlfiPqdi20+ARBvDTR9E5HBR3
GVrZyIHjHngdH6dC4TFHiOXG9MqQWqhyiOH3hvCJFgys8/ASpXiOrPHyTQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBAYB+1o4MlKRk+VdtNVDBq7ptpwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUJnSDdXamd5VXBHVDVWMjAxVU1HcnVtMm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwvAwQA
wXx9AwQAwlclAwQAwleiAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQA1
LNrfGr4cvMFUBMlGFdfJXE/d2ufh0wfvIFH7TzvKQBAE2BR79vkcK+nrJBTqdV/T
oSAo9iaVyVJdKkfMwX5rMw25AtfjdRjHG1zyNeWKke6ydC/GUBuEEQaYRdfH4Y58
BymLt7aoO8miknomL7vZFRHdVHnBTfJGOlLQE+7OLs2q/41RhIAKFWTLkW1kDoiL
QLfptkzePXObYB9NEoCQbQMUo0rUEXkO/bmUVtr+PTvx2HBxp+G9cWRB2vQnsZ2A
z6s0viHX5ueQirT6J8KAcW8Xy28bFo5gGSx+msNKuS9ct4TK5eQuzKHmCZjRJRtP
s/iECJvq0SP6qX/3YlEL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org