Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HBnfSbqoUAqMl4LRkygxGffNpFI.roa
File: HBnfSbqoUAqMl4LRkygxGffNpFI.roa (raw, json)
Hash identifier: GW4BcGWkleIml1k5yS0BfALN7qaWtTYqM9eelzOeA7s=
Subject key identifier: 1C:19:DF:49:BA:A8:50:0A:8C:97:82:D1:93:28:31:19:F7:CD:A4:52
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C63CD93DD3148E6DCFF0828BA5BEABC37
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HBnfSbqoUAqMl4LRkygxGffNpFI.roa
Signing time: Wed 13 Dec 2023 15:31:06 +0000
ROA not before: Wed 13 Dec 2023 15:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:cd:93:dd:31:48:e6:dc:ff:08:28:ba:5b:ea:bc:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c19df49baa8500a8c9782d193283119f7cda452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a7:41:b2:35:b0:1d:37:03:b8:fa:a2:48:79:
68:d4:d9:c7:df:61:7b:57:7a:42:9c:df:82:11:61:
41:4c:13:0a:0d:75:b0:ff:2b:fd:b3:b7:da:21:ed:
3e:a6:b8:cf:86:4f:0a:14:20:e6:57:31:40:f8:d7:
84:50:f7:9b:e1:52:7a:53:bb:75:11:74:8f:15:7f:
4f:aa:28:53:9f:72:36:6e:41:21:b5:a6:7d:fb:83:
b8:18:df:e5:68:b7:6c:98:c8:2a:04:4a:bc:f0:d5:
7d:1b:a0:a7:a9:e4:04:19:d7:94:bb:78:46:de:82:
f4:79:75:be:45:1e:4f:55:77:31:44:0a:66:b4:12:
c3:63:9d:10:bc:b1:14:de:12:5c:e2:38:1e:6a:5d:
45:3c:be:97:31:3d:0d:b4:03:0b:cd:08:97:aa:d7:
04:a1:10:10:a3:4b:07:3a:2e:41:ad:cd:0c:24:f1:
20:de:33:d3:08:7f:89:cd:0b:c3:56:3e:23:e2:83:
1d:57:3c:a5:e4:38:0b:fb:61:72:f1:c8:23:2d:21:
a6:98:d8:f6:e2:8e:44:65:83:94:28:3b:26:6c:fc:
48:f5:91:4f:46:d7:91:4a:12:f6:f6:26:35:7f:5a:
b0:c6:85:6f:12:71:ac:39:27:8d:da:66:7c:2b:58:
ea:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:19:DF:49:BA:A8:50:0A:8C:97:82:D1:93:28:31:19:F7:CD:A4:52
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HBnfSbqoUAqMl4LRkygxGffNpFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.200.0/24
194.87.190.0/24
194.87.215.0/24
212.192.217.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fa:e7:25:3a:ae:ff:01:75:b9:fe:ce:a7:62:4e:21:c4:47:
c7:6f:c9:4a:d1:a3:6c:14:5d:d8:7d:aa:15:dd:e0:73:5c:29:
49:ee:f5:d6:9c:a8:54:32:86:03:c7:5f:7d:b7:ac:70:2d:cd:
d0:82:ba:ee:2c:86:9c:3f:97:3f:2d:d3:14:32:b4:08:a0:7f:
4b:b5:e2:2a:03:7e:3a:4e:0c:36:0e:b0:72:61:c2:82:ef:0e:
cc:8c:2b:38:7d:3a:18:ba:54:df:d6:b1:79:88:b3:49:78:e3:
79:87:f4:f4:4b:6a:29:ee:38:c2:9d:05:f4:52:9a:c5:75:76:
1e:44:37:5c:e3:bd:56:03:ad:69:5e:06:d5:b8:a0:63:cd:9a:
cc:94:b8:bf:28:d6:3b:b9:e1:b2:51:f1:9a:69:c0:49:15:01:
69:59:a7:05:d7:e2:92:9e:ee:b0:e5:17:ab:de:54:4c:19:8c:
ed:c7:f8:ba:70:3c:59:bb:3f:97:f5:41:12:b4:69:15:2a:fd:
48:92:a4:4b:a0:28:0c:8d:c5:c1:7d:43:53:f2:32:a0:a5:18:
e9:9a:e8:bc:88:7c:bc:0c:dc:58:5e:8a:f7:8e:5f:e4:55:12:
fa:9c:d2:88:de:b0:bc:2d:83:d0:1f:96:ae:6d:87:b8:76:61:
ae:43:c9:6b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxjzZPdMUjm3P8IKLpb6rw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjEzMTUzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE5ZGY0OWJhYTg1MDBhOGM5NzgyZDE5MzI4MzExOWY3Y2RhNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkadBsjWwHTcDuPqiSHlo1NnH32F7
V3pCnN+CEWFBTBMKDXWw/yv9s7faIe0+prjPhk8KFCDmVzFA+NeEUPeb4VJ6U7t1
EXSPFX9PqihTn3I2bkEhtaZ9+4O4GN/laLdsmMgqBEq88NV9G6CnqeQEGdeUu3hG
3oL0eXW+RR5PVXcxRApmtBLDY50QvLEU3hJc4jgeal1FPL6XMT0NtAMLzQiXqtcE
oRAQo0sHOi5Brc0MJPEg3jPTCH+JzQvDVj4j4oMdVzyl5DgL+2Fy8cgjLSGmmNj2
4o5EZYOUKDsmbPxI9ZFPRteRShL29iY1f1qwxoVvEnGsOSeN2mZ8K1jqkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBwZ30m6qFAKjJeC0ZMoMRn3zaRSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSEJuZlNicW9VQXFNbDRMUmt5Z3hHZmZOcEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwHAwQA
wXzIAwQAwle+AwQAwlfXAwQA1MDZMA0GCSqGSIb3DQEBCwUAA4IBAQB4+uclOq7/
AXW5/s6nYk4hxEfHb8lK0aNsFF3YfaoV3eBzXClJ7vXWnKhUMoYDx199t6xwLc3Q
grruLIacP5c/LdMUMrQIoH9LteIqA346Tgw2DrByYcKC7w7MjCs4fToYulTf1rF5
iLNJeON5h/T0S2op7jjCnQX0UprFdXYeRDdc471WA61pXgbVuKBjzZrMlLi/KNY7
ueGyUfGaacBJFQFpWacF1+KSnu6w5Rer3lRMGYztx/i6cDxZuz+X9UEStGkVKv1I
kqRLoCgMjcXBfUNT8jKgpRjpmui8iHy8DNxYXor3jl/kVRL6nNKI3rC8LYPQH5au
bYe4dmGuQ8lr
-----END CERTIFICATE-----
Generated at Thu Dec 14 10:09:09 2023 by rpki-client on console-ams.rpki-client.org