Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ea1vQvqynPczw9l6mjRrj12ZcRo.roa
File: Ea1vQvqynPczw9l6mjRrj12ZcRo.roa (raw, json)
Hash identifier: skLcsfafDFbb/+q4m1rub3W6A7K264+NICX06c1DtYM=
Subject key identifier: 11:AD:6F:42:FA:B2:9C:F7:33:C3:D9:7A:9A:34:6B:8F:5D:99:71:1A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189436D6F7A69B1E8951FD2D47D2521DA16
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ea1vQvqynPczw9l6mjRrj12ZcRo.roa
Signing time: Tue 11 Jul 2023 05:29:52 +0000
ROA not before: Tue 11 Jul 2023 05:29:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 212.192.208.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:6d:6f:7a:69:b1:e8:95:1f:d2:d4:7d:25:21:da:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 05:29:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11ad6f42fab29cf733c3d97a9a346b8f5d99711a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:07:0e:55:42:5e:8d:b7:dc:a6:52:90:14:32:
0e:c3:0d:9d:b9:8b:68:e8:91:42:ba:79:4e:eb:77:
2d:8a:9d:cb:f5:d8:25:e9:7e:d6:0a:84:9b:cd:dc:
a2:14:a3:e6:13:f5:da:c5:b0:2a:b4:88:ca:7e:3d:
73:9f:b7:36:cb:96:60:e3:07:5c:87:d5:4f:15:08:
ec:28:f6:d2:d4:ce:39:34:e7:10:27:91:78:cc:12:
a6:81:49:03:5a:47:1c:d3:9c:a2:5d:02:68:c7:89:
c8:fc:40:8c:14:00:34:21:8d:7b:11:7b:60:2c:b1:
ba:47:d2:63:91:5c:50:14:63:bf:ac:11:59:a0:0d:
be:16:97:ee:bb:6d:ab:f5:8a:ca:20:69:4e:8c:51:
ac:6b:10:0d:74:5d:68:d1:09:05:bd:80:15:3e:11:
63:63:62:b6:08:48:11:c9:de:a8:b4:d5:b9:c8:b2:
3f:aa:bf:39:d5:f9:35:f4:0c:e3:c6:8d:76:c8:93:
c1:b6:75:d8:62:01:d7:d4:01:70:ff:22:b3:79:f3:
1e:0e:1b:94:c3:1d:06:8b:3f:3b:f2:69:25:f0:40:
3c:9c:b7:f5:bf:9c:b4:65:03:f4:3b:85:aa:93:2c:
e0:80:51:27:0d:52:74:9a:c1:4b:0c:92:e9:2e:f8:
26:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AD:6F:42:FA:B2:9C:F7:33:C3:D9:7A:9A:34:6B:8F:5D:99:71:1A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ea1vQvqynPczw9l6mjRrj12ZcRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.190.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
54:93:d4:f0:e7:15:02:fb:d5:02:7f:7a:75:9e:ff:8a:d7:60:
35:f6:ba:7e:ce:a1:1f:ee:1c:ae:fd:f8:04:28:f3:e7:aa:62:
e2:fd:25:6a:c3:17:d6:74:92:5a:2b:c2:9f:36:3b:e2:c3:7f:
dd:b0:a7:e8:26:31:cf:5a:c0:c7:30:78:58:8e:7c:f9:22:01:
4f:19:f6:e8:cb:f0:69:0d:81:f9:3a:8a:d4:e3:29:23:55:60:
68:db:c2:59:78:40:55:9d:1f:0e:25:ee:a8:6a:76:4a:4f:5a:
cd:34:f0:bf:20:11:5f:e3:a5:62:8b:90:a2:81:64:97:16:50:
f2:9c:cd:98:c3:63:29:df:4b:2b:ee:f6:e9:10:a3:cb:ac:06:
5a:32:ea:98:ea:15:6a:19:ee:82:9a:86:62:a9:cb:4d:46:a7:
e1:89:e9:7e:3a:c9:a6:aa:6e:25:20:6c:63:ea:40:ae:be:78:
79:3c:c6:05:2c:7f:c1:82:fe:57:07:87:ec:55:8c:83:a9:4c:
df:c2:1c:f9:29:1a:52:a5:25:f5:62:9c:29:80:43:c3:80:8a:
50:3c:a7:e0:6b:a8:00:8d:20:7c:ab:30:9f:05:eb:03:5c:07:
98:14:fe:34:a9:12:3a:b4:8f:12:5b:9e:55:6f:2c:38:a0:fe:
13:34:e6:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlDbW96abHolR/S1H0lIdoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMDUyOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWFkNmY0MmZhYjI5Y2Y3MzNjM2Q5N2E5YTM0NmI4ZjVkOTk3MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgcOVUJejbfcplKQFDIOww2duYto
6JFCunlO63ctip3L9dgl6X7WCoSbzdyiFKPmE/XaxbAqtIjKfj1zn7c2y5Zg4wdc
h9VPFQjsKPbS1M45NOcQJ5F4zBKmgUkDWkcc05yiXQJox4nI/ECMFAA0IY17EXtg
LLG6R9JjkVxQFGO/rBFZoA2+Fpfuu22r9YrKIGlOjFGsaxANdF1o0QkFvYAVPhFj
Y2K2CEgRyd6otNW5yLI/qr851fk19Azjxo12yJPBtnXYYgHX1AFw/yKzefMeDhuU
wx0Giz878mkl8EA8nLf1v5y0ZQP0O4WqkyzggFEnDVJ0msFLDJLpLvgmwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBGtb0L6spz3M8PZepo0a49dmXEaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRWExdlF2cXluUGN6dzlsNm1qUnJqMTJaY1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy+AwQA
1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQBUk9Tw5xUC+9UCf3p1nv+K12A19rp+zqEf
7hyu/fgEKPPnqmLi/SVqwxfWdJJaK8KfNjviw3/dsKfoJjHPWsDHMHhYjnz5IgFP
Gfboy/BpDYH5OorU4ykjVWBo28JZeEBVnR8OJe6oanZKT1rNNPC/IBFf46Vii5Ci
gWSXFlDynM2Yw2Mp30sr7vbpEKPLrAZaMuqY6hVqGe6CmoZiqctNRqfhiel+Osmm
qm4lIGxj6kCuvnh5PMYFLH/Bgv5XB4fsVYyDqUzfwhz5KRpSpSX1YpwpgEPDgIpQ
PKfga6gAjSB8qzCfBesDXAeYFP40qRI6tI8SW55Vbyw4oP4TNOYR
-----END CERTIFICATE-----
Generated at Thu Jul 27 16:18:55 2023 by rpki-client on console-fra.rpki-client.org