Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G7tUoC3rK9lVIKhf2oVq0G9b1BA.roa
File: G7tUoC3rK9lVIKhf2oVq0G9b1BA.roa (raw, json)
Hash identifier: JoU1HfNMocwIYNPEVhsYbuEoGKMKcpCNEIqpdSWmG1s=
Subject key identifier: 1B:BB:54:A0:2D:EB:2B:D9:55:20:A8:5F:DA:85:6A:D0:6F:5B:D4:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A0344A8FA0ACAA71F13EEC6BF86AFDCD8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G7tUoC3rK9lVIKhf2oVq0G9b1BA.roa
Signing time: Thu 17 Aug 2023 11:32:25 +0000
ROA not before: Thu 17 Aug 2023 11:32:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.18.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:44:a8:fa:0a:ca:a7:1f:13:ee:c6:bf:86:af:dc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 17 11:32:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bbb54a02deb2bd95520a85fda856ad06f5bd410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:ba:77:be:56:a4:6b:df:18:31:df:79:fc:
18:66:a0:b5:48:2e:0b:6b:94:a5:ab:86:f0:be:32:
07:72:c4:7a:0b:f3:ce:94:ce:53:21:84:cc:f2:4a:
31:93:57:2d:d6:d2:73:1b:9a:95:ca:ac:be:04:b5:
c0:53:bb:32:b8:0a:dc:23:99:f7:52:9d:1b:40:3b:
8d:05:f0:27:fa:62:bf:38:f5:85:49:e9:92:ee:60:
4f:6d:c7:e2:aa:e5:8d:88:df:38:23:2f:0c:c4:6e:
0a:77:ee:44:d4:42:86:8e:af:d9:7f:65:c9:e8:37:
af:9a:58:ea:8e:9b:01:3a:3f:95:5b:dd:c3:6a:a9:
fb:89:18:77:fe:82:f1:e6:57:6e:46:a6:19:fb:c4:
c9:bc:bc:f1:63:66:9a:83:25:ef:ed:b2:16:29:88:
9d:59:66:1f:07:d1:b1:ba:a7:dc:06:b9:72:cf:75:
7a:ff:9f:d8:bc:d4:16:67:5a:77:42:c0:1f:27:49:
53:66:17:e2:33:7b:55:a7:08:34:fb:21:7a:54:fa:
35:5b:8e:05:5a:82:c3:1d:08:3e:ee:7f:3c:f0:b1:
18:19:b4:e9:54:7c:8a:b3:3f:b5:0f:cb:45:1f:60:
2c:de:a0:58:ab:f1:60:7a:bf:b1:ac:35:d4:75:c6:
b1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BB:54:A0:2D:EB:2B:D9:55:20:A8:5F:DA:85:6A:D0:6F:5B:D4:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G7tUoC3rK9lVIKhf2oVq0G9b1BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.87.18.0/24
194.87.170.0/24
Signature Algorithm: sha256WithRSAEncryption
86:dd:aa:11:86:9a:9d:6f:e9:bd:d5:55:a6:24:17:9d:25:ce:
ac:15:94:de:3a:e7:9f:d2:3f:3f:7b:cf:08:8b:78:a9:72:ee:
04:6f:27:25:d5:84:18:8b:50:8a:71:44:1a:fb:16:cc:fe:83:
2b:fd:68:07:11:bd:28:60:db:61:b9:63:f5:80:d9:a9:37:1c:
00:46:32:85:b8:b1:b6:1c:e8:d7:72:9f:40:18:7a:db:81:ed:
98:5d:65:ac:2a:74:67:bb:a7:9c:a8:89:8e:8d:ed:70:2d:35:
e6:ca:ef:62:fb:66:1c:41:76:7b:d3:93:cf:3f:1b:f3:ec:d1:
8e:bf:a0:38:44:f9:2c:65:3a:84:b2:77:b2:f8:c8:72:bc:83:
38:e2:f5:0f:88:2d:b3:e9:b5:8f:72:a0:0e:f3:3e:5c:13:26:
b0:0d:3e:d8:90:e3:41:60:db:8e:1c:ee:9c:62:a3:9d:d1:be:
26:45:bb:b7:32:b7:99:a8:10:fe:21:29:1a:f5:3f:7d:39:be:
23:75:05:19:cf:f8:b0:e0:de:69:95:ed:f5:e8:0c:eb:7b:28:
48:e5:2b:1d:41:41:98:41:b2:c6:53:0e:62:46:22:47:db:81:
a8:80:3c:16:69:86:9b:bf:21:a5:53:14:80:20:bd:47:d9:f7:
dc:78:20:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoDRKj6CsqnHxPuxr+Gr9zYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE3MTEzMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJiNTRhMDJkZWIyYmQ5NTUyMGE4NWZkYTg1NmFkMDZmNWJkNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylG6d75WpGvfGDHfefwYZqC1SC4L
a5Slq4bwvjIHcsR6C/POlM5TIYTM8koxk1ct1tJzG5qVyqy+BLXAU7syuArcI5n3
Up0bQDuNBfAn+mK/OPWFSemS7mBPbcfiquWNiN84Iy8MxG4Kd+5E1EKGjq/Zf2XJ
6DevmljqjpsBOj+VW93Daqn7iRh3/oLx5lduRqYZ+8TJvLzxY2aagyXv7bIWKYid
WWYfB9GxuqfcBrlyz3V6/5/YvNQWZ1p3QsAfJ0lTZhfiM3tVpwg0+yF6VPo1W44F
WoLDHQg+7n888LEYGbTpVHyKsz+1D8tFH2As3qBYq/Fger+xrDXUdcaxZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBu7VKAt6yvZVSCoX9qFatBvW9QQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzd0VW9DM3JLOWxWSUtoZjJvVnEwRzliMUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzNAwQA
wlcSAwQAwleqMA0GCSqGSIb3DQEBCwUAA4IBAQCG3aoRhpqdb+m91VWmJBedJc6s
FZTeOuef0j8/e88Ii3ipcu4Ebycl1YQYi1CKcUQa+xbM/oMr/WgHEb0oYNthuWP1
gNmpNxwARjKFuLG2HOjXcp9AGHrbge2YXWWsKnRnu6ecqImOje1wLTXmyu9i+2Yc
QXZ705PPPxvz7NGOv6A4RPksZTqEsney+MhyvIM44vUPiC2z6bWPcqAO8z5cEyaw
DT7YkONBYNuOHO6cYqOd0b4mRbu3MreZqBD+ISka9T99Ob4jdQUZz/iw4N5ple31
6AzreyhI5SsdQUGYQbLGUw5iRiJH24GogDwWaYabvyGlUxSAIL1H2ffceCA6
-----END CERTIFICATE-----
Generated at Tue Aug 22 10:18:04 2023 by rpki-client on console-ams.rpki-client.org