Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EgqUwhdyL8PCUeIQPiNMtJFqib8.roa
File: EgqUwhdyL8PCUeIQPiNMtJFqib8.roa (raw, json)
Hash identifier: D4kbBpPZ2Uaf5e6uNpB8Zk+bgf8knqn56V2apyj1iH8=
Subject key identifier: 12:0A:94:C2:17:72:2F:C3:C2:51:E2:10:3E:23:4C:B4:91:6A:89:BF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185B49651F540E1BF67E58B479E374782BE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EgqUwhdyL8PCUeIQPiNMtJFqib8.roa
Signing time: Sun 15 Jan 2023 08:40:28 +0000
ROA not before: Sun 15 Jan 2023 08:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400536
IP address blocks: 194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b4:96:51:f5:40:e1:bf:67:e5:8b:47:9e:37:47:82:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 15 08:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=120a94c217722fc3c251e2103e234cb4916a89bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:8d:a8:c0:22:79:13:bf:b1:e0:da:a7:dc:
38:22:b6:27:a5:11:ca:d9:68:73:3c:f6:63:8d:ee:
1a:78:b3:52:d4:39:43:bf:5f:e2:db:6c:e9:6c:3c:
f8:8d:b5:e7:6e:af:15:a5:68:64:8b:42:e8:c9:64:
c6:3e:5d:c1:e6:3d:59:97:70:6d:16:24:d4:dc:8f:
36:a2:f9:50:83:a8:68:d4:e6:68:34:4b:41:af:db:
ee:da:33:7d:79:64:51:b8:74:b2:1e:89:1b:04:6d:
8b:d0:95:c9:0c:35:1a:72:f1:81:2f:c1:02:1d:ae:
97:73:92:e8:02:91:ce:dd:96:86:b6:e9:9e:6e:bc:
df:76:c1:bd:3f:9f:aa:1c:40:1d:7a:44:ad:40:ee:
4e:c8:31:43:a6:17:e7:85:33:7c:67:7c:8f:e1:99:
7a:24:87:4a:43:18:5a:26:59:07:51:94:df:b6:69:
02:1a:86:77:c6:6e:ae:f9:7d:9d:ec:b0:be:33:b9:
6d:bc:6e:f2:22:9b:dd:cc:d6:c1:ff:92:69:d8:28:
da:fe:bb:98:38:f3:32:23:2d:dd:43:8d:3d:05:d3:
e9:cb:05:e1:cb:25:b5:fa:94:fa:95:31:f6:7d:48:
7b:fa:41:67:bc:70:07:15:87:9a:36:00:76:b5:3c:
b2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0A:94:C2:17:72:2F:C3:C2:51:E2:10:3E:23:4C:B4:91:6A:89:BF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EgqUwhdyL8PCUeIQPiNMtJFqib8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.223.0/24
194.87.38.0/24
194.87.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:22:7b:a8:c9:48:a3:66:2a:b1:19:c6:44:14:45:84:64:ef:
9c:07:03:13:2d:14:8e:da:81:e6:3b:21:75:af:ac:16:eb:75:
03:35:24:d9:f5:63:8b:2d:6b:b9:ac:1e:72:67:f3:77:0d:e3:
4b:b8:c3:e9:27:3b:d0:8d:0e:82:9b:e2:5f:97:2c:a8:33:a4:
61:b3:2d:52:16:e2:a9:0e:00:05:17:31:ac:67:df:bc:fb:8a:
4c:65:5e:90:9f:c5:9c:2f:92:ac:1e:02:3a:71:26:9a:1c:f0:
82:c1:46:cf:6b:79:f6:47:d6:72:b3:a4:de:58:b7:40:54:37:
7a:32:ef:cf:10:c9:52:82:48:95:ff:9a:d5:3b:4f:0f:fd:20:
1d:d4:f4:34:47:3a:6b:1c:bf:8f:9b:d2:89:10:bc:07:e7:17:
67:16:2f:bd:99:53:51:b0:1b:10:bb:70:ea:ba:c8:87:3f:e4:
e5:f0:0e:cc:e8:02:f0:8c:9a:59:62:f4:62:ee:67:16:20:37:
2e:8b:f8:85:b5:43:e7:52:37:05:aa:08:b8:bc:79:32:08:dd:
ed:48:13:60:ef:e2:30:46:8b:c3:48:36:12:98:9d:fd:5e:1f:
af:10:7f:0c:c1:ff:4b:cc:fb:d6:0c:5b:e6:b1:ec:5a:5b:da:
bb:7d:0b:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYW0llH1QOG/Z+WLR543R4K+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE1MDg0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjBhOTRjMjE3NzIyZmMzYzI1MWUyMTAzZTIzNGNiNDkxNmE4OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMqNqMAieRO/seDap9w4IrYnpRHK
2WhzPPZjje4aeLNS1DlDv1/i22zpbDz4jbXnbq8VpWhki0LoyWTGPl3B5j1Zl3Bt
FiTU3I82ovlQg6ho1OZoNEtBr9vu2jN9eWRRuHSyHokbBG2L0JXJDDUacvGBL8EC
Ha6Xc5LoApHO3ZaGtumebrzfdsG9P5+qHEAdekStQO5OyDFDphfnhTN8Z3yP4Zl6
JIdKQxhaJlkHUZTftmkCGoZ3xm6u+X2d7LC+M7ltvG7yIpvdzNbB/5Jp2Cja/ruY
OPMyIy3dQ409BdPpywXhyyW1+pT6lTH2fUh7+kFnvHAHFYeaNgB2tTyyWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBIKlMIXci/DwlHiED4jTLSRaom/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRWdxVXdoZHlMOFBDVWVJUVBpTk10SkZxaWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjrfAwQA
wlcmAwQAwld7MA0GCSqGSIb3DQEBCwUAA4IBAQAuInuoyUijZiqxGcZEFEWEZO+c
BwMTLRSO2oHmOyF1r6wW63UDNSTZ9WOLLWu5rB5yZ/N3DeNLuMPpJzvQjQ6Cm+Jf
lyyoM6Rhsy1SFuKpDgAFFzGsZ9+8+4pMZV6Qn8WcL5KsHgI6cSaaHPCCwUbPa3n2
R9Zys6TeWLdAVDd6Mu/PEMlSgkiV/5rVO08P/SAd1PQ0RzprHL+Pm9KJELwH5xdn
Fi+9mVNRsBsQu3DqusiHP+Tl8A7M6ALwjJpZYvRi7mcWIDcui/iFtUPnUjcFqgi4
vHkyCN3tSBNg7+IwRovDSDYSmJ39Xh+vEH8Mwf9LzPvWDFvmsexaW9q7fQvb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org