Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hk0lwGM9EwjcK9CQzM4jkBtxSiI.roa
File: Hk0lwGM9EwjcK9CQzM4jkBtxSiI.roa (raw, json)
Hash identifier: kU89/vqtwpsU8yiv8+kzDFppq5A02BnqEU5+gVMulPs=
Subject key identifier: 1E:4D:25:C0:63:3D:13:08:DC:2B:D0:90:CC:CE:23:90:1B:71:4A:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018949D9B403995DA4A50B6799DAAB727862
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hk0lwGM9EwjcK9CQzM4jkBtxSiI.roa
Signing time: Wed 12 Jul 2023 11:25:51 +0000
ROA not before: Wed 12 Jul 2023 11:25:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 194.87.202.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:d9:b4:03:99:5d:a4:a5:0b:67:99:da:ab:72:78:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 12 11:25:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e4d25c0633d1308dc2bd090ccce23901b714a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:d5:f7:58:da:dd:b1:ed:dd:f5:d8:8b:80:
53:2a:4d:c7:86:58:ba:23:85:ec:eb:c1:f6:c3:3b:
02:f4:9a:74:6b:26:b8:79:ae:0a:03:6a:35:bd:d2:
de:70:03:e7:c4:44:23:15:64:dc:6c:63:8a:a6:9f:
7f:48:76:ad:5b:b8:ed:b6:3c:61:fc:87:67:08:f3:
f1:57:b9:98:9b:45:9b:ac:5a:bd:2b:05:e9:30:f4:
3b:77:f1:84:a2:9c:87:7d:64:c4:6b:42:bd:17:9e:
62:35:39:4f:95:06:06:27:44:1b:3e:4d:9a:bb:b0:
e3:86:35:1c:02:a4:41:df:32:6b:c8:68:3c:e1:d6:
bc:55:c5:5a:80:f1:21:66:40:7b:52:e6:3d:45:2b:
b6:1c:24:ce:95:9e:9b:a3:7c:89:09:7b:48:dc:0f:
15:3c:cb:f3:b2:e9:85:38:c4:d7:97:4b:6c:e6:3d:
aa:d9:2c:58:7a:28:d8:50:c2:0e:ce:f4:05:97:20:
d6:16:fd:c9:23:e7:fc:2d:72:07:96:55:b1:a9:d7:
d3:26:34:c2:a7:ec:9e:72:70:57:b1:ea:37:1b:66:
1b:8d:5f:e1:31:8e:18:34:a3:dd:86:24:10:be:35:
7a:d8:2f:98:b9:30:da:c9:97:df:df:23:89:1b:ed:
9d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4D:25:C0:63:3D:13:08:DC:2B:D0:90:CC:CE:23:90:1B:71:4A:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hk0lwGM9EwjcK9CQzM4jkBtxSiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.87.6.0/24
194.87.25.0/24
194.87.33.0/24
194.87.138.0/24
194.87.182.0/24
194.87.202.0/24
195.133.19.0/24
195.133.41.0/24
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
68:87:5e:34:cf:88:2d:6c:27:16:33:fc:20:77:3d:43:71:63:
7b:ef:79:24:d6:cb:55:e9:a8:a5:ca:33:9e:c7:73:3f:a7:cd:
22:73:45:e0:2c:69:64:b7:d4:8c:f7:30:f6:ca:61:4b:9b:88:
4c:55:49:17:51:c2:b6:23:9b:de:44:6b:78:4c:68:07:be:d9:
42:91:be:0c:12:f3:4f:4e:da:2f:83:af:d0:26:56:21:6b:27:
ab:9a:bd:22:68:bd:cf:c4:80:a6:e2:9d:1a:77:ce:3e:7d:47:
2e:19:57:6d:06:64:74:10:1d:9b:f0:5f:ad:b9:ed:a8:a7:8c:
17:fa:9c:67:18:9a:1b:e3:8f:cf:fa:e0:6d:f7:ba:07:1b:18:
77:85:fa:71:12:94:12:05:b3:2f:b8:31:72:80:23:a8:37:4c:
a0:24:30:1f:b3:4c:a1:14:2e:c8:30:f0:5f:fc:dd:80:eb:61:
95:c8:3f:c7:b3:86:3c:e9:a2:18:48:1f:db:17:f1:b7:b4:13:
85:d0:44:47:cf:95:93:c3:33:19:a0:8e:84:f6:49:dd:07:71:
03:98:e4:42:30:95:67:82:df:b3:cd:3f:e8:47:a8:87:ec:49:
bf:a5:0d:66:15:04:a0:28:77:bd:bb:4a:5c:c3:d0:8b:3a:d4:
31:ba:aa:28
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlJ2bQDmV2kpQtnmdqrcnhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEyMTEyNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRkMjVjMDYzM2QxMzA4ZGMyYmQwOTBjY2NlMjM5MDFiNzE0YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxHV91ja3bHt3fXYi4BTKk3Hhli6
I4Xs68H2wzsC9Jp0aya4ea4KA2o1vdLecAPnxEQjFWTcbGOKpp9/SHatW7jttjxh
/IdnCPPxV7mYm0WbrFq9KwXpMPQ7d/GEopyHfWTEa0K9F55iNTlPlQYGJ0QbPk2a
u7DjhjUcAqRB3zJryGg84da8VcVagPEhZkB7UuY9RSu2HCTOlZ6bo3yJCXtI3A8V
PMvzsumFOMTXl0ts5j2q2SxYeijYUMIOzvQFlyDWFv3JI+f8LXIHllWxqdfTJjTC
p+yecnBXseo3G2YbjV/hMY4YNKPdhiQQvjV62C+YuTDayZff3yOJG+2dgwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB5NJcBjPRMI3CvQkMzOI5AbcUoiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSGswbHdHTTlFd2pjSzlDUXpNNGprQnR4U2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwXwRAwQA
wlcGAwQAwlcZAwQAwlchAwQAwleKAwQAwle2AwQAwlfKAwQAw4UTAwQAw4UpAwQA
w4VQMA0GCSqGSIb3DQEBCwUAA4IBAQBoh140z4gtbCcWM/wgdz1DcWN773kk1stV
6ailyjOex3M/p80ic0XgLGlkt9SM9zD2ymFLm4hMVUkXUcK2I5veRGt4TGgHvtlC
kb4MEvNPTtovg6/QJlYhayermr0iaL3PxICm4p0ad84+fUcuGVdtBmR0EB2b8F+t
ue2op4wX+pxnGJob44/P+uBt97oHGxh3hfpxEpQSBbMvuDFygCOoN0ygJDAfs0yh
FC7IMPBf/N2A62GVyD/Hs4Y86aIYSB/bF/G3tBOF0ERHz5WTwzMZoI6E9kndB3ED
mORCMJVngt+zzT/oR6iH7Em/pQ1mFQSgKHe9u0pcw9CLOtQxuqoo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org