Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FdfNh4qfaXjEhbwc7bLpSg8JYac.roa
File: FdfNh4qfaXjEhbwc7bLpSg8JYac.roa (raw, json)
Hash identifier: bVcdGzDQ7hgVRLWDz88vNo6h1jpzHPt5mYth9x/+OhM=
Subject key identifier: 15:D7:CD:87:8A:9F:69:78:C4:85:BC:1C:ED:B2:E9:4A:0F:09:61:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875241C43D3104BDC64CFB574B7022D550
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FdfNh4qfaXjEhbwc7bLpSg8JYac.roa
Signing time: Wed 05 Apr 2023 16:30:54 +0000
ROA not before: Wed 05 Apr 2023 16:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.151.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:41:c4:3d:31:04:bd:c6:4c:fb:57:4b:70:22:d5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15d7cd878a9f6978c485bc1cedb2e94a0f0961a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:e7:b4:39:81:e9:74:3b:10:04:ad:b0:ba:
4b:91:c3:42:40:55:e4:18:ad:46:2a:40:72:e0:4c:
bb:d2:bb:91:1d:e6:1d:f1:de:a0:1a:d6:14:72:f3:
42:85:1d:6e:65:85:e8:5e:65:1d:48:17:32:33:2a:
87:f6:77:fc:87:59:53:3a:f1:e6:ac:a7:c1:b9:a8:
cf:88:1d:f0:97:91:8f:2d:ec:41:98:bf:d7:35:f5:
ce:8c:99:99:61:cb:e4:01:73:54:17:6f:9f:00:ea:
5b:d2:fe:87:b3:87:99:7b:c4:cb:ef:fe:79:74:69:
dc:db:07:cc:79:7d:99:d8:3a:89:5b:ef:c0:62:f2:
70:25:0f:17:e3:bb:72:ba:70:a4:4c:45:4a:f3:80:
f6:fb:c3:5b:2f:5b:db:d6:aa:37:5c:f8:f1:6c:94:
ab:d7:e9:7f:d5:dd:b3:7b:77:eb:00:9b:27:bd:c9:
d5:98:6e:04:3a:53:7c:15:e8:8a:57:e3:69:bb:b3:
0d:94:9d:b5:7b:70:6d:e5:7d:74:e3:b4:16:8d:1d:
33:f5:21:71:52:7b:d8:7d:02:6e:db:de:7b:5d:c4:
dc:dd:93:a2:00:3f:37:d1:be:82:39:45:95:f7:5f:
6b:25:9b:a5:34:9b:03:37:a8:03:b1:af:11:d7:83:
c0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D7:CD:87:8A:9F:69:78:C4:85:BC:1C:ED:B2:E9:4A:0F:09:61:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FdfNh4qfaXjEhbwc7bLpSg8JYac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
194.87.151.0/24
195.133.18.0/24
212.192.241.0-212.192.242.255
Signature Algorithm: sha256WithRSAEncryption
41:0a:60:22:ab:79:cf:e2:13:2c:d2:04:49:25:19:9c:63:16:
b0:6c:97:8b:07:91:63:41:45:f5:45:d3:b6:d9:9b:20:c7:65:
3c:59:4e:70:98:9c:e7:3d:c3:fc:c3:6a:b7:f2:ae:9a:9c:53:
c2:ef:4f:ba:00:46:22:b7:0d:62:a6:eb:d5:1a:06:ce:8a:56:
93:88:66:fe:ca:f9:2f:fd:09:d6:dc:1f:bb:45:5b:9a:23:dc:
90:57:48:17:4c:0e:3a:77:94:ac:34:c5:0a:73:7f:8e:f4:a5:
64:01:d4:60:82:b4:00:65:e4:95:5c:90:cd:3f:81:5f:78:06:
39:82:82:09:5a:4f:f1:b7:32:a2:fa:f0:f8:5e:68:e1:62:22:
bc:b8:e2:5a:5a:b9:8f:c0:43:c6:c8:43:70:68:55:fc:d3:10:
c1:2a:84:cf:31:64:de:41:2b:19:1c:81:21:f1:d7:54:c8:60:
e9:10:96:6a:4d:e6:01:39:a4:c0:6d:64:a0:9a:33:9d:59:23:
a1:98:06:53:70:14:fb:3b:ec:f4:3c:ba:4c:31:41:5e:06:c3:
1c:3c:d3:94:2f:ac:f6:48:ad:0a:68:63:d4:9f:c7:9e:d5:d8:
b7:4e:57:1e:d0:1f:80:d2:cc:73:68:5f:14:7a:a8:25:e7:86:
54:ab:e8:c5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdSQcQ9MQS9xkz7V0twItVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTYzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWQ3Y2Q4NzhhOWY2OTc4YzQ4NWJjMWNlZGIyZTk0YTBmMDk2MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhjntDmB6XQ7EAStsLpLkcNCQFXk
GK1GKkBy4Ey70ruRHeYd8d6gGtYUcvNChR1uZYXoXmUdSBcyMyqH9nf8h1lTOvHm
rKfBuajPiB3wl5GPLexBmL/XNfXOjJmZYcvkAXNUF2+fAOpb0v6Hs4eZe8TL7/55
dGnc2wfMeX2Z2DqJW+/AYvJwJQ8X47tyunCkTEVK84D2+8NbL1vb1qo3XPjxbJSr
1+l/1d2ze3frAJsnvcnVmG4EOlN8FeiKV+Npu7MNlJ21e3Bt5X1047QWjR0z9SFx
UnvYfQJu2957XcTc3ZOiAD830b6COUWV919rJZulNJsDN6gDsa8R14PAHQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBXXzYeKn2l4xIW8HO2y6UoPCWGnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRmRmTmg0cWZhWGpFaGJ3YzdiTHBTZzhKWWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCwldUAwQA
wleXAwQAw4USMAwDBADUwPEDBADUwPIwDQYJKoZIhvcNAQELBQADggEBAEEKYCKr
ec/iEyzSBEklGZxjFrBsl4sHkWNBRfVF07bZmyDHZTxZTnCYnOc9w/zDarfyrpqc
U8LvT7oARiK3DWKm69UaBs6KVpOIZv7K+S/9CdbcH7tFW5oj3JBXSBdMDjp3lKw0
xQpzf470pWQB1GCCtABl5JVckM0/gV94BjmCgglaT/G3MqL68PheaOFiIry44lpa
uY/AQ8bIQ3BoVfzTEMEqhM8xZN5BKxkcgSHx11TIYOkQlmpN5gE5pMBtZKCaM51Z
I6GYBlNwFPs77PQ8ukwxQV4Gwxw805QvrPZIrQpoY9Sfx57V2LdOVx7QH4DSzHNo
XxR6qCXnhlSr6MU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org