Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FmhUx0Z0uzw1Hhoajx0q8u0bysY.roa
File: FmhUx0Z0uzw1Hhoajx0q8u0bysY.roa (raw, json)
Hash identifier: spvVAZNUehZKf0dZIkfyKfoYpnN6bHJn/zNNtfc9gBg=
Subject key identifier: 16:68:54:C7:46:74:BB:3C:35:1E:1A:1A:8F:1D:2A:F2:ED:1B:CA:C6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01896D3F5FB6E0C8CE06B1E742D00493999F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FmhUx0Z0uzw1Hhoajx0q8u0bysY.roa
Signing time: Wed 19 Jul 2023 08:23:37 +0000
ROA not before: Wed 19 Jul 2023 08:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206216
IP address blocks: 194.87.169.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:3f:5f:b6:e0:c8:ce:06:b1:e7:42:d0:04:93:99:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 19 08:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=166854c74674bb3c351e1a1a8f1d2af2ed1bcac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:d4:fb:84:09:79:c1:fc:04:3e:30:74:57:
06:ba:f5:1e:42:00:de:b0:ca:71:07:fd:f9:e1:a3:
2e:2a:88:8f:b2:b9:80:5d:74:c8:c7:d3:f9:4d:81:
d1:1f:16:5d:1d:4f:b7:40:58:d1:f3:b5:ac:cd:d4:
2e:b1:eb:a4:79:5c:e0:cf:76:2a:8c:89:52:e0:a2:
7f:16:21:32:d8:fc:59:5b:4a:ef:d9:a4:92:20:b2:
c9:d3:71:54:06:5a:fe:5c:b1:7b:41:e9:a6:e4:af:
65:24:59:58:a9:cc:05:05:f7:84:7c:e4:a2:00:21:
05:3f:93:c9:9a:c8:77:bc:b3:6c:0b:72:be:e4:e4:
6c:56:8b:11:d7:ee:1f:a8:49:a3:03:e1:cf:25:b5:
42:82:c1:19:cc:d1:7c:8b:5c:be:30:18:0b:60:8d:
a4:0c:90:77:2a:39:18:27:88:18:f9:3e:6c:d9:cd:
28:e2:29:a2:1a:b1:4b:9f:d4:68:d8:96:c3:e3:c2:
86:e7:c3:9d:f3:a4:5f:87:6f:e1:e0:02:5c:bb:f6:
3c:96:7c:7f:f1:d6:73:d1:ad:46:ef:ba:c6:c9:72:
56:29:26:2f:41:d7:24:bd:ad:54:0b:c9:68:2a:ba:
9f:9a:5b:b1:52:d2:de:19:51:3f:fb:8a:d0:4e:1a:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:68:54:C7:46:74:BB:3C:35:1E:1A:1A:8F:1D:2A:F2:ED:1B:CA:C6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FmhUx0Z0uzw1Hhoajx0q8u0bysY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.87.169.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:85:4e:93:bf:76:81:86:e4:ee:56:1e:ab:5e:d9:f8:f5:4c:
a2:33:c3:bb:6d:65:d9:77:81:f7:82:9f:63:c4:ab:ca:27:71:
04:7f:a5:21:3b:76:25:28:a8:b0:ab:c7:e0:32:9f:f5:4b:17:
66:dd:cd:ad:cf:b6:2e:73:e4:ab:77:ef:6a:02:4c:db:ce:c1:
d7:f7:07:cd:89:05:28:43:f5:9b:e1:15:c7:cd:5e:86:40:05:
6d:5f:e9:8c:2c:af:84:49:30:1b:4e:1c:d6:fe:2f:38:50:3f:
bd:b2:4b:b3:c8:68:20:7e:2e:15:a8:44:59:b3:04:11:9b:c8:
1f:8b:aa:5a:61:28:a5:fb:31:db:22:1f:6c:97:f9:4c:45:2f:
b1:4c:a3:21:a4:e3:52:8f:61:98:37:78:1b:0c:2b:ce:a5:4e:
f9:4b:28:f7:5d:84:a0:d3:24:07:fc:f2:a4:5e:67:4d:4d:09:
c0:25:79:9c:5c:c8:19:af:f7:ef:c0:6e:27:f6:51:94:1e:c0:
e7:13:23:21:c1:e1:12:8e:f9:57:c4:17:da:eb:5e:fe:93:97:
fa:c9:81:e0:7f:77:2f:02:c9:01:f2:bb:f3:bc:e9:f5:d5:27:
ac:80:63:0b:f7:00:79:a4:23:56:ad:19:b2:e6:9f:c4:05:ed:
58:f3:3b:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYltP1+24MjOBrHnQtAEk5mfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE5MDgyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjY4NTRjNzQ2NzRiYjNjMzUxZTFhMWE4ZjFkMmFmMmVkMWJjYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPnU+4QJecH8BD4wdFcGuvUeQgDe
sMpxB/354aMuKoiPsrmAXXTIx9P5TYHRHxZdHU+3QFjR87WszdQuseukeVzgz3Yq
jIlS4KJ/FiEy2PxZW0rv2aSSILLJ03FUBlr+XLF7Qemm5K9lJFlYqcwFBfeEfOSi
ACEFP5PJmsh3vLNsC3K+5ORsVosR1+4fqEmjA+HPJbVCgsEZzNF8i1y+MBgLYI2k
DJB3KjkYJ4gY+T5s2c0o4imiGrFLn9Ro2JbD48KG58Od86Rfh2/h4AJcu/Y8lnx/
8dZz0a1G77rGyXJWKSYvQdckva1UC8loKrqfmluxUtLeGVE/+4rQThoyMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBZoVMdGdLs8NR4aGo8dKvLtG8rGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRm1oVXgwWjB1encxSGhvYWp4MHE4dTBieXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzLAwQA
wlepAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQCPhU6Tv3aBhuTuVh6rXtn49Uyi
M8O7bWXZd4H3gp9jxKvKJ3EEf6UhO3YlKKiwq8fgMp/1Sxdm3c2tz7Yuc+Srd+9q
AkzbzsHX9wfNiQUoQ/Wb4RXHzV6GQAVtX+mMLK+ESTAbThzW/i84UD+9skuzyGgg
fi4VqERZswQRm8gfi6paYSil+zHbIh9sl/lMRS+xTKMhpONSj2GYN3gbDCvOpU75
Syj3XYSg0yQH/PKkXmdNTQnAJXmcXMgZr/fvwG4n9lGUHsDnEyMhweESjvlXxBfa
617+k5f6yYHgf3cvAskB8rvzvOn11SesgGML9wB5pCNWrRmy5p/EBe1Y8zvm
-----END CERTIFICATE-----
Generated at Wed Sep 6 06:36:04 2023 by rpki-client on console-ams.rpki-client.org