Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G-lmGGPifSO3DFwiGf74ffUCqUg.roa
File: G-lmGGPifSO3DFwiGf74ffUCqUg.roa (raw, json)
Hash identifier: 8Sh1LPNLQzNFcLxZ07zdfPBlY0W73E+TYOcoEFT7AI8=
Subject key identifier: 1B:E9:66:18:63:E2:7D:23:B7:0C:5C:22:19:FE:F8:7D:F5:02:A9:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188B82DB6B675BA552E86CA031DDBAD0A1E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G-lmGGPifSO3DFwiGf74ffUCqUg.roa
Signing time: Wed 14 Jun 2023 04:33:03 +0000
ROA not before: Wed 14 Jun 2023 04:33:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41944
IP address blocks: 195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:2d:b6:b6:75:ba:55:2e:86:ca:03:1d:db:ad:0a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 14 04:33:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be9661863e27d23b70c5c2219fef87df502a948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9b:21:94:2b:87:ec:9a:de:ee:c2:5c:4c:e8:
9d:a7:2d:7b:ce:91:ed:b1:2d:ed:e1:68:c2:2c:24:
f4:8d:45:7a:f8:bf:93:56:f7:7a:2e:6c:df:9b:fa:
54:83:18:23:22:17:72:d7:a0:9f:4f:28:cb:ac:4d:
11:32:ec:81:72:1e:53:84:4e:a2:42:3b:62:3c:69:
8c:4f:68:86:8f:65:04:63:42:7c:d9:02:bb:02:39:
23:d1:98:74:b8:5c:5a:ee:23:f2:b7:b5:51:1d:70:
a6:d2:09:01:f3:36:a8:bb:50:e3:c9:86:fd:13:9a:
fe:49:a8:35:78:d9:35:89:f1:0e:ca:ef:f6:fb:80:
4d:a5:09:8b:46:d4:65:db:47:06:96:61:1f:92:7d:
7f:62:ae:c6:ff:bc:25:27:97:22:bc:dc:f7:23:d4:
61:45:ee:1a:ec:b5:46:f8:97:eb:fa:68:73:97:fc:
13:6b:ce:d7:56:b3:f0:bb:e5:b8:c9:20:88:33:2f:
c6:1b:a3:c6:62:7a:b5:23:c2:45:6b:32:44:ee:28:
dc:f1:09:1e:17:95:27:42:eb:bf:51:ee:d3:19:27:
10:f7:ff:9b:38:88:5a:cd:6f:b8:63:03:f1:85:1a:
53:c3:6f:03:1b:43:c5:6a:bb:2f:5d:da:5f:7f:8a:
c8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E9:66:18:63:E2:7D:23:B7:0C:5C:22:19:FE:F8:7D:F5:02:A9:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G-lmGGPifSO3DFwiGf74ffUCqUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.58.43.0/24
195.133.12.0/24
195.133.94.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:98:06:8d:fa:51:f2:e0:95:53:22:83:a3:4b:b2:a1:5c:e6:
b9:a3:df:7a:5f:95:02:b5:68:d1:62:ff:89:41:16:3f:1f:e9:
33:bc:ef:29:a3:86:e3:4b:e9:ba:21:86:48:90:a9:79:a3:ac:
a1:fb:9f:ca:c7:47:0b:50:20:02:fa:f3:d2:8a:ce:51:98:ea:
64:59:6e:58:a0:de:45:ae:64:a3:58:74:ec:18:64:cc:76:2c:
45:f3:24:43:74:82:06:ac:01:68:60:03:2f:ad:36:54:58:40:
12:55:1f:32:20:24:5c:39:9a:f6:1b:60:86:18:49:fc:ba:b5:
6f:e0:6f:b0:ee:29:18:3e:7f:c6:2d:a4:11:58:c5:07:39:3f:
40:b6:cf:02:29:96:d0:10:48:06:51:50:6f:44:ba:d1:77:d7:
b6:36:54:dd:f8:f6:98:98:2a:2f:ee:32:ac:ec:25:3f:45:17:
89:da:a4:a7:29:23:89:72:2d:a3:d0:3c:61:98:f8:68:fd:9d:
4a:98:09:40:dc:a7:b5:97:11:a6:7e:34:41:20:57:d9:0f:99:
50:c8:2f:10:95:94:dc:e9:90:3c:9a:31:d8:55:23:7d:97:b7:
66:b0:fc:c4:d3:f8:72:39:be:ff:e2:4d:37:4b:6e:d4:71:c2:
62:e7:1b:28
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYi4Lba2dbpVLobKAx3brQoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE0MDQzMzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU5NjYxODYzZTI3ZDIzYjcwYzVjMjIxOWZlZjg3ZGY1MDJhOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5shlCuH7Jre7sJcTOidpy17zpHt
sS3t4WjCLCT0jUV6+L+TVvd6Lmzfm/pUgxgjIhdy16CfTyjLrE0RMuyBch5ThE6i
QjtiPGmMT2iGj2UEY0J82QK7Ajkj0Zh0uFxa7iPyt7VRHXCm0gkB8zaou1DjyYb9
E5r+Sag1eNk1ifEOyu/2+4BNpQmLRtRl20cGlmEfkn1/Yq7G/7wlJ5civNz3I9Rh
Re4a7LVG+Jfr+mhzl/wTa87XVrPwu+W4ySCIMy/GG6PGYnq1I8JFazJE7ijc8Qke
F5UnQuu/Ue7TGScQ9/+bOIhazW+4YwPxhRpTw28DG0PFarsvXdpff4rIaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBvpZhhj4n0jtwxcIhn++H31AqlIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRy1sbUdHUGlmU08zREZ3aUdmNzRmZlVDcVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzNAwQA
wjorAwQAw4UMAwQAw4VeAwQA1MAeMA0GCSqGSIb3DQEBCwUAA4IBAQCNmAaN+lHy
4JVTIoOjS7KhXOa5o996X5UCtWjRYv+JQRY/H+kzvO8po4bjS+m6IYZIkKl5o6yh
+5/Kx0cLUCAC+vPSis5RmOpkWW5YoN5FrmSjWHTsGGTMdixF8yRDdIIGrAFoYAMv
rTZUWEASVR8yICRcOZr2G2CGGEn8urVv4G+w7ikYPn/GLaQRWMUHOT9Ats8CKZbQ
EEgGUVBvRLrRd9e2NlTd+PaYmCov7jKs7CU/RReJ2qSnKSOJci2j0DxhmPho/Z1K
mAlA3Ke1lxGmfjRBIFfZD5lQyC8QlZTc6ZA8mjHYVSN9l7dmsPzE0/hyOb7/4k03
S27UccJi5xso
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:59 2023 by rpki-client on console-fra.rpki-client.org