Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ITPNjQwa4JEKC62FKc6pq0IfWhA.roa
File: ITPNjQwa4JEKC62FKc6pq0IfWhA.roa (raw, json)
Hash identifier: //3vpfc9DVqBQfMYu6dvM2GhjzT71Nfy2VdAT0WPQLE=
Subject key identifier: 21:33:CD:8D:0C:1A:E0:91:0A:0B:AD:85:29:CE:A9:AB:42:1F:5A:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB315939280563FA1B383C7C3D3873899
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ITPNjQwa4JEKC62FKc6pq0IfWhA.roa
Signing time: Thu 09 Nov 2023 07:56:57 +0000
ROA not before: Thu 09 Nov 2023 07:56:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 194.87.220.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:15:93:92:80:56:3f:a1:b3:83:c7:c3:d3:87:38:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 9 07:56:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2133cd8d0c1ae0910a0bad8529cea9ab421f5a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1e:78:e6:49:e8:98:49:e6:56:f0:49:73:00:
54:18:05:e7:15:b2:ea:01:98:bc:3d:41:10:dc:06:
3f:d8:fc:86:a3:7e:84:ef:59:c0:7e:e8:7b:e1:fc:
05:3e:06:cd:7b:61:e3:c5:ac:35:6b:f3:0c:8f:d6:
04:08:10:0a:54:ff:2a:54:fd:70:1a:9d:2c:78:bc:
46:77:8f:e1:31:10:04:8e:c5:40:48:90:b7:c6:5c:
b4:6b:4b:bd:f1:50:da:a2:3f:bc:f2:ee:6e:b1:fb:
aa:a8:f6:12:44:22:f8:c1:9c:fc:12:ac:f1:0b:62:
db:52:51:f9:87:7d:2a:47:05:8e:4b:a9:3a:8a:58:
de:4c:43:9b:4d:f3:ae:c9:6c:ad:6f:0f:aa:52:7d:
46:4a:fc:5d:77:ef:de:5d:9f:eb:e2:b4:be:a7:48:
fa:75:01:04:39:41:69:1f:7c:d6:fa:16:00:94:9d:
97:c7:58:78:8c:2a:b1:86:d7:28:ac:4c:e6:f0:28:
a8:62:56:f6:b3:89:4a:e4:66:ad:2c:9a:33:a8:52:
f0:fa:3d:c1:61:52:04:f1:39:05:c3:4a:83:ee:73:
fb:69:a6:c7:5a:fe:0f:2b:14:0e:92:7b:79:80:b7:
91:1a:59:05:a3:1e:5a:f6:7d:a8:a4:61:a2:bc:23:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:33:CD:8D:0C:1A:E0:91:0A:0B:AD:85:29:CE:A9:AB:42:1F:5A:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ITPNjQwa4JEKC62FKc6pq0IfWhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.220.0/24
195.58.37.0/24
195.133.61.0/24
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d4:07:14:ae:2e:a5:21:b5:c3:d2:d2:d8:65:3a:0a:9d:d3:
71:25:a3:b1:01:bc:bf:22:71:c6:e7:35:8d:d9:59:b2:08:76:
88:fc:bb:53:26:cd:a7:32:d8:4a:c0:9e:74:03:d1:69:82:81:
72:dd:11:75:8c:01:db:ef:de:06:e6:68:c5:9d:29:ba:fb:33:
3b:78:b2:9d:ed:ab:c2:d2:2e:86:97:3a:60:0a:83:57:e7:28:
db:73:bb:45:ce:f9:85:e7:dd:6f:ec:dd:c7:43:20:8f:2c:01:
94:77:18:c7:f7:d0:de:b7:5b:5c:6c:5f:7b:91:5a:cc:25:20:
96:1a:48:d2:f8:ee:65:74:7b:2b:42:0d:de:dd:26:e9:56:8f:
d5:bd:75:9d:1f:bf:5d:e4:38:11:c3:8e:b1:e9:59:d5:90:ab:
69:dc:ce:ae:5d:94:53:2c:5e:4c:6b:26:7a:09:50:b9:95:e8:
62:9a:78:46:31:79:2c:66:2d:79:b9:b9:31:53:19:ea:c1:80:
5f:b5:60:77:97:86:f3:66:82:ba:d2:36:ed:03:81:49:54:79:
f4:a5:a5:57:94:2e:d6:6b:53:80:f0:b7:04:35:39:a0:2e:9b:
6d:25:59:3a:49:44:44:af:52:d0:49:fb:b7:cc:53:29:d8:64:
d5:94:3e:c9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuzFZOSgFY/obODx8PThziZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA5MDc1NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMzY2Q4ZDBjMWFlMDkxMGEwYmFkODUyOWNlYTlhYjQyMWY1YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh545knomEnmVvBJcwBUGAXnFbLq
AZi8PUEQ3AY/2PyGo36E71nAfuh74fwFPgbNe2Hjxaw1a/MMj9YECBAKVP8qVP1w
Gp0seLxGd4/hMRAEjsVASJC3xly0a0u98VDaoj+88u5usfuqqPYSRCL4wZz8Eqzx
C2LbUlH5h30qRwWOS6k6iljeTEObTfOuyWytbw+qUn1GSvxdd+/eXZ/r4rS+p0j6
dQEEOUFpH3zW+hYAlJ2Xx1h4jCqxhtcorEzm8CioYlb2s4lK5GatLJozqFLw+j3B
YVIE8TkFw0qD7nP7aabHWv4PKxQOknt5gLeRGlkFox5a9n2opGGivCOQQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCEzzY0MGuCRCguthSnOqatCH1oQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSVRQTmpRd2E0SkVLQzYyRktjNnBxMElmV2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlfcAwQA
wzolAwQAw4U9AwQAw4U/AwQA1MD2MA0GCSqGSIb3DQEBCwUAA4IBAQAd1AcUri6l
IbXD0tLYZToKndNxJaOxAby/InHG5zWN2VmyCHaI/LtTJs2nMthKwJ50A9FpgoFy
3RF1jAHb794G5mjFnSm6+zM7eLKd7avC0i6GlzpgCoNX5yjbc7tFzvmF591v7N3H
QyCPLAGUdxjH99Det1tcbF97kVrMJSCWGkjS+O5ldHsrQg3e3SbpVo/VvXWdH79d
5DgRw46x6VnVkKtp3M6uXZRTLF5MayZ6CVC5lehimnhGMXksZi15ubkxUxnqwYBf
tWB3l4bzZoK60jbtA4FJVHn0paVXlC7Wa1OA8LcENTmgLpttJVk6SUREr1LQSfu3
zFMp2GTVlD7J
-----END CERTIFICATE-----
Generated at Mon Nov 13 10:57:05 2023 by rpki-client on console-ams.rpki-client.org