Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H91-lteUbNz1QZ7zDysR-Dl0Fvc.roa
File: H91-lteUbNz1QZ7zDysR-Dl0Fvc.roa (raw, json)
Hash identifier: R0qFL7N0IsTupVo36raq1eQnCT/YSjk/d9KpVhaXqw4=
Subject key identifier: 1F:DD:7E:96:D7:94:6C:DC:F5:41:9E:F3:0F:2B:11:F8:39:74:16:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189F2CE149C1BDB48B2511D98C71835F7AD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H91-lteUbNz1QZ7zDysR-Dl0Fvc.roa
Signing time: Mon 14 Aug 2023 06:48:59 +0000
ROA not before: Mon 14 Aug 2023 06:48:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17941
IP address blocks: 194.87.104.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:ce:14:9c:1b:db:48:b2:51:1d:98:c7:18:35:f7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 14 06:48:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fdd7e96d7946cdcf5419ef30f2b11f8397416f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:c1:8f:38:40:71:0b:b1:11:90:54:03:8d:
ec:6b:e4:a9:62:35:61:bc:30:03:4c:bd:d4:49:60:
b8:da:4e:1b:fa:7f:78:fe:a3:bc:8c:7d:6b:ec:79:
a3:69:d5:cb:17:d8:bf:23:5e:3d:51:b5:0d:d9:38:
37:f8:ee:b3:a2:f1:88:ff:48:11:55:cd:e9:75:ff:
85:57:5b:5f:98:a0:48:51:54:d4:09:56:a7:bb:e4:
33:35:7d:c5:1c:7e:ed:64:d1:32:76:de:77:cd:96:
47:6e:6e:23:eb:c7:9f:b7:fc:58:56:ed:dc:3c:04:
73:e1:57:13:e1:92:38:de:f7:e1:f7:92:4e:61:3d:
3e:12:3b:8b:b7:34:64:e6:f2:2f:3c:cb:55:4e:5e:
ca:89:1e:10:1c:7c:f9:1f:e4:b0:b4:67:87:ed:3c:
b2:ea:43:74:cd:b0:02:09:86:33:ef:8c:d1:37:35:
d9:e9:9c:f7:eb:52:f4:13:ae:08:1e:d9:11:31:4f:
5e:8b:64:68:6b:e0:ad:9d:b1:ff:11:f6:02:83:84:
5d:9b:5b:23:02:91:46:71:d0:c7:6e:51:db:de:72:
bb:5b:f8:90:fc:6e:7b:71:4f:aa:6a:20:bb:9e:de:
f6:a1:8f:03:a9:ab:79:73:24:23:31:d1:23:20:85:
f5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DD:7E:96:D7:94:6C:DC:F5:41:9E:F3:0F:2B:11:F8:39:74:16:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/H91-lteUbNz1QZ7zDysR-Dl0Fvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.104.0/24
194.87.114.0/24
194.87.227.0/24
212.192.244.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:8f:e6:3a:cb:c4:4b:70:20:f5:b8:7b:8f:e0:6b:8f:ad:59:
09:52:c2:4c:1f:cc:dc:22:12:97:88:60:41:a8:4d:86:0d:c8:
2f:0c:81:4f:d6:5c:d1:6c:25:20:92:de:db:56:a4:7f:41:33:
01:c2:7f:d4:b8:ad:9d:d9:79:e6:c8:b8:c9:fb:b4:f2:79:01:
b5:12:fa:4c:a2:f7:dc:d8:83:8a:f3:7c:2c:cb:b3:fc:1b:7e:
c2:53:ae:43:87:ab:63:a7:ff:51:24:c6:47:ba:14:ef:91:c0:
aa:43:ef:bc:06:1a:af:59:4c:4e:eb:9d:0e:e4:e4:27:ff:08:
a8:22:f2:f7:4a:70:22:b0:53:e5:0a:e2:28:1d:52:d4:4c:8a:
1a:75:a5:e3:d9:cc:76:a5:60:6f:28:cd:72:cc:bb:1b:9a:8c:
3f:18:07:40:4d:46:7b:2d:77:3e:4a:c5:da:46:df:d2:9e:a5:
4d:9a:e6:26:d1:42:3c:fb:65:36:36:69:00:25:07:72:57:d0:
e9:a0:2d:d0:e2:c4:a9:e4:21:57:ad:f1:17:35:9a:cc:81:39:
d5:9d:65:2e:03:d5:f6:b4:ee:57:3d:31:27:60:3d:54:28:93:
8c:8e:c3:c6:22:34:58:97:6f:7f:90:67:a2:d6:da:4d:15:89:
a4:68:4f:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnyzhScG9tIslEdmMcYNfetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE0MDY0ODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRkN2U5NmQ3OTQ2Y2RjZjU0MTllZjMwZjJiMTFmODM5NzQxNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAzBjzhAcQuxEZBUA43sa+SpYjVh
vDADTL3USWC42k4b+n94/qO8jH1r7HmjadXLF9i/I149UbUN2Tg3+O6zovGI/0gR
Vc3pdf+FV1tfmKBIUVTUCVanu+QzNX3FHH7tZNEydt53zZZHbm4j68eft/xYVu3c
PARz4VcT4ZI43vfh95JOYT0+EjuLtzRk5vIvPMtVTl7KiR4QHHz5H+SwtGeH7Tyy
6kN0zbACCYYz74zRNzXZ6Zz361L0E64IHtkRMU9ei2Roa+CtnbH/EfYCg4Rdm1sj
ApFGcdDHblHb3nK7W/iQ/G57cU+qaiC7nt72oY8Dqat5cyQjMdEjIIX17wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB/dfpbXlGzc9UGe8w8rEfg5dBb3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSDkxLWx0ZVViTnoxUVo3ekR5c1ItRGwwRnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwldoAwQA
wldyAwQAwlfjAwQA1MD0MA0GCSqGSIb3DQEBCwUAA4IBAQAqj+Y6y8RLcCD1uHuP
4GuPrVkJUsJMH8zcIhKXiGBBqE2GDcgvDIFP1lzRbCUgkt7bVqR/QTMBwn/UuK2d
2XnmyLjJ+7TyeQG1EvpMovfc2IOK83wsy7P8G37CU65Dh6tjp/9RJMZHuhTvkcCq
Q++8BhqvWUxO650O5OQn/wioIvL3SnAisFPlCuIoHVLUTIoadaXj2cx2pWBvKM1y
zLsbmow/GAdATUZ7LXc+SsXaRt/SnqVNmuYm0UI8+2U2NmkAJQdyV9DpoC3Q4sSp
5CFXrfEXNZrMgTnVnWUuA9X2tO5XPTEnYD1UKJOMjsPGIjRYl29/kGei1tpNFYmk
aE8j
-----END CERTIFICATE-----
Generated at Thu Sep 14 06:14:14 2023 by rpki-client on console-fra.rpki-client.org