Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EQhR5f5_QjtjpE7hzs5TPoxopKA.roa
File: EQhR5f5_QjtjpE7hzs5TPoxopKA.roa (raw, json)
Hash identifier: tVifJny0vniuEEFFkzHc7eS4CQFJCOHa19aFkyNBjgs=
Subject key identifier: 11:08:51:E5:FE:7F:42:3B:63:A4:4E:E1:CE:CE:53:3E:8C:68:A4:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018925759B12ACF559A2A5EA7DF0174BE5B3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EQhR5f5_QjtjpE7hzs5TPoxopKA.roa
Signing time: Wed 05 Jul 2023 09:50:11 +0000
ROA not before: Wed 05 Jul 2023 09:50:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 62.76.235.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:75:9b:12:ac:f5:59:a2:a5:ea:7d:f0:17:4b:e5:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 5 09:50:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=110851e5fe7f423b63a44ee1cece533e8c68a4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:17:e0:93:61:da:de:b7:6b:dc:ae:11:48:
71:8f:8a:ed:d8:8f:c6:f4:e6:fb:7c:31:da:70:72:
e2:9c:d1:d3:eb:87:e7:64:08:33:29:a7:1c:89:4a:
c7:42:3a:c1:ea:3f:ed:b3:7c:ea:06:a6:ef:12:95:
38:4d:1a:f7:da:94:09:49:a0:8c:b8:01:df:2f:87:
f3:13:33:c5:37:96:23:02:38:a6:63:7a:ba:4e:f5:
20:57:37:fb:25:62:68:a0:9c:40:19:fa:f9:cc:ec:
d5:e9:97:de:02:b7:6b:bd:94:a9:a3:25:be:fc:78:
58:67:4f:91:e2:3a:9c:a4:69:07:5c:1e:27:fc:9e:
51:2d:91:19:d4:c8:f2:34:ee:d2:65:73:c1:6e:ba:
78:4e:d8:ec:e3:fe:df:e9:09:71:3f:53:92:c7:5e:
16:9a:70:33:36:2b:9f:c9:ef:b3:07:2c:00:a2:32:
50:00:a9:4a:f7:19:0d:5e:b3:93:7d:9c:15:d4:6b:
ce:6a:c5:ac:4a:9d:79:df:29:af:07:89:0c:7d:09:
7a:ae:23:5e:43:1b:04:c4:99:4a:1b:e2:b0:b6:4e:
6d:75:21:e9:b2:1b:23:37:13:55:ac:24:59:78:e6:
ff:69:df:fd:02:1e:d8:42:4a:17:d9:b2:c4:51:d0:
95:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:08:51:E5:FE:7F:42:3B:63:A4:4E:E1:CE:CE:53:3E:8C:68:A4:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EQhR5f5_QjtjpE7hzs5TPoxopKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.49.0/24
194.87.53.0/24
194.87.243.0/24
194.135.23.0/24
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a9:e5:14:4f:ba:4f:73:42:0d:6f:67:cf:b3:ec:e9:cf:ec:
c7:78:1a:c9:d4:35:1b:a2:7d:a0:a7:a8:0b:2a:3c:3e:65:eb:
e1:ea:5f:1f:7c:b6:07:75:78:97:20:7b:fb:4b:05:73:c1:b8:
d5:5b:bd:c2:45:a2:1f:54:94:29:bc:0d:93:f8:6e:ac:61:5d:
33:e9:57:16:01:42:0a:53:2b:3b:d2:b7:5e:ca:e9:ee:1a:8d:
87:ca:19:22:24:2a:69:10:54:19:6e:e3:ca:b0:98:0d:eb:7c:
d1:ca:76:88:75:95:dd:da:cd:b1:c2:b0:9a:48:f1:a6:8e:0d:
09:f1:40:07:5b:5b:5e:7e:e2:8b:fe:9c:1e:6c:73:bf:ba:65:
6f:8c:75:e4:16:27:ae:66:83:89:a7:fe:19:ce:1e:c6:26:40:
db:f0:05:97:76:9f:6f:d3:6e:01:40:9a:63:64:ef:11:11:4a:
22:91:49:8d:08:58:e5:61:a2:49:bb:19:6b:45:a4:a2:95:4f:
b9:7e:4a:ec:b1:ac:ab:d4:c0:2f:46:73:26:1f:04:34:bd:db:
02:42:98:02:0a:fb:1d:f2:77:68:2d:a6:d0:8f:af:37:08:f2:
56:ca:e7:dc:71:bc:d7:bf:8b:da:da:8a:27:22:34:56:4b:93:
4e:66:5a:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkldZsSrPVZoqXqffAXS+WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA1MDk1MDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTA4NTFlNWZlN2Y0MjNiNjNhNDRlZTFjZWNlNTMzZThjNjhhNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7YX4JNh2t63a9yuEUhxj4rt2I/G
9Ob7fDHacHLinNHT64fnZAgzKacciUrHQjrB6j/ts3zqBqbvEpU4TRr32pQJSaCM
uAHfL4fzEzPFN5YjAjimY3q6TvUgVzf7JWJooJxAGfr5zOzV6ZfeArdrvZSpoyW+
/HhYZ0+R4jqcpGkHXB4n/J5RLZEZ1MjyNO7SZXPBbrp4Ttjs4/7f6QlxP1OSx14W
mnAzNiufye+zBywAojJQAKlK9xkNXrOTfZwV1GvOasWsSp153ymvB4kMfQl6riNe
QxsExJlKG+Kwtk5tdSHpshsjNxNVrCRZeOb/ad/9Ah7YQkoX2bLEUdCVYQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBEIUeX+f0I7Y6RO4c7OUz6MaKSgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRVFoUjVmNV9RanRqcEU3aHpzNVRQb3hvcEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzrAwQA
wXwxAwQAwlc1AwQAwlfzAwQAwocXAwQAw4UlMA0GCSqGSIb3DQEBCwUAA4IBAQA2
qeUUT7pPc0INb2fPs+zpz+zHeBrJ1DUbon2gp6gLKjw+Zevh6l8ffLYHdXiXIHv7
SwVzwbjVW73CRaIfVJQpvA2T+G6sYV0z6VcWAUIKUys70rdeyunuGo2HyhkiJCpp
EFQZbuPKsJgN63zRynaIdZXd2s2xwrCaSPGmjg0J8UAHW1tefuKL/pwebHO/umVv
jHXkFieuZoOJp/4Zzh7GJkDb8AWXdp9v024BQJpjZO8REUoikUmNCFjlYaJJuxlr
RaSilU+5fkrssayr1MAvRnMmHwQ0vdsCQpgCCvsd8ndoLabQj683CPJWyufccbzX
v4va2oonIjRWS5NOZlqO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org