Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I_syi4QuPayDkPNJkIyNQMrM4Bc.roa
File: I_syi4QuPayDkPNJkIyNQMrM4Bc.roa (raw, json)
Hash identifier: 6O7jWJClNgOUmY0s+SItfRjxsJbjtGyUFd0pqX2DhMQ=
Subject key identifier: 23:FB:32:8B:84:2E:3D:AC:83:90:F3:49:90:8C:8D:40:CA:CC:E0:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C5230376C1076B2F7CD12CFFDA18CF537
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I_syi4QuPayDkPNJkIyNQMrM4Bc.roa
Signing time: Sun 10 Dec 2023 05:25:40 +0000
ROA not before: Sun 10 Dec 2023 05:25:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:30:37:6c:10:76:b2:f7:cd:12:cf:fd:a1:8c:f5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 10 05:25:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23fb328b842e3dac8390f349908c8d40cacce017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0f:e7:1c:56:bf:fa:5b:77:0a:e8:da:e9:a6:
5d:26:74:bd:8f:18:d0:25:eb:59:96:5c:92:5b:33:
8f:32:1e:57:55:14:fe:12:02:4e:2c:b4:e6:00:03:
37:4a:fb:30:b6:2b:15:a6:1c:d5:8e:56:b6:1d:24:
89:69:90:2d:ff:e3:82:69:21:bd:92:af:0f:13:c4:
07:17:de:a8:9d:d7:ee:3c:be:53:c4:f7:ee:2b:d0:
27:e3:ba:84:3f:2f:35:a5:0e:56:66:bd:ec:ba:c5:
19:69:3c:a0:c9:e6:a1:72:55:6d:69:8b:4e:e0:12:
0f:28:0a:5a:6e:97:89:8e:96:c4:f2:b9:e8:16:d6:
3f:d3:e7:46:c1:f8:19:d7:50:a1:79:d2:cb:c2:b5:
28:2a:45:49:bb:21:47:6b:ce:a5:0f:93:7e:89:bf:
1e:f2:ad:32:75:0d:bd:6f:79:48:f5:82:ca:a3:89:
49:89:48:1d:fe:37:b0:bc:6d:ac:d8:b0:e7:e3:de:
51:92:c6:89:db:6d:81:44:8b:e4:83:6e:80:11:f3:
84:75:ec:f9:55:5f:1f:73:4d:5e:12:2e:93:c5:7a:
1a:50:d8:06:12:46:43:3d:a8:97:b3:b8:aa:81:c9:
e4:04:b2:89:14:ab:3a:0d:53:e9:f2:27:44:b1:70:
ee:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FB:32:8B:84:2E:3D:AC:83:90:F3:49:90:8C:8D:40:CA:CC:E0:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I_syi4QuPayDkPNJkIyNQMrM4Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.38.0/23
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:42:a3:00:9c:d4:17:cb:bf:f5:97:53:1b:6f:c8:ce:86:69:
bc:fa:31:82:7f:c9:c1:e3:65:64:55:ef:15:0b:41:88:d5:b8:
a9:e2:e6:3b:70:bf:66:ce:9d:a2:fe:0d:15:08:56:d4:c0:1d:
9b:a2:12:1b:8a:74:b6:98:69:15:6d:59:db:c0:12:0f:b2:cd:
b0:2a:de:99:38:4a:dd:94:e3:36:47:62:ab:88:99:a3:36:99:
95:b3:10:9d:58:3f:a6:f6:fa:e4:1f:ea:72:af:3a:35:f6:ab:
69:4b:57:7f:4c:1b:29:45:4b:a6:3b:41:c4:66:e3:42:ad:d1:
85:aa:61:41:01:ed:f6:11:7b:ad:9b:86:30:4d:6e:44:49:14:
83:da:ef:96:b4:1a:13:d0:f5:1c:9e:3a:e8:94:da:29:b9:de:
fd:83:32:e6:78:1d:c8:78:9a:92:19:5d:21:6a:59:f6:8d:95:
37:a1:c1:01:e1:14:d1:bb:76:6b:a4:55:bd:67:f8:50:b8:c4:
cd:39:61:ec:05:0c:1a:05:cc:dc:e7:3c:9b:e4:b1:32:e8:2a:
b0:f2:bb:39:1c:6a:11:9c:a5:10:fa:7c:8e:b7:9c:3c:a8:48:
61:70:03:9e:b7:0e:86:e9:c5:08:84:a2:0e:91:17:b3:85:e9:
d6:d7:db:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxSMDdsEHay980Sz/2hjPU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjEwMDUyNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ZiMzI4Yjg0MmUzZGFjODM5MGYzNDk5MDhjOGQ0MGNhY2NlMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig/nHFa/+lt3Cuja6aZdJnS9jxjQ
JetZllySWzOPMh5XVRT+EgJOLLTmAAM3SvswtisVphzVjla2HSSJaZAt/+OCaSG9
kq8PE8QHF96ondfuPL5TxPfuK9An47qEPy81pQ5WZr3susUZaTygyeahclVtaYtO
4BIPKApabpeJjpbE8rnoFtY/0+dGwfgZ11ChedLLwrUoKkVJuyFHa86lD5N+ib8e
8q0ydQ29b3lI9YLKo4lJiUgd/jewvG2s2LDn495RksaJ222BRIvkg26AEfOEdez5
VV8fc01eEi6TxXoaUNgGEkZDPaiXs7iqgcnkBLKJFKs6DVPp8idEsXDu6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCP7MouELj2sg5DzSZCMjUDKzOAXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSV9zeWk0UXVQYXlEa1BOSmtJeU5RTXJNNEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlX6AwQB
w4UmAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQBcQqMAnNQXy7/1l1Mbb8jOhmm8
+jGCf8nB42VkVe8VC0GI1bip4uY7cL9mzp2i/g0VCFbUwB2bohIbinS2mGkVbVnb
wBIPss2wKt6ZOErdlOM2R2KriJmjNpmVsxCdWD+m9vrkH+pyrzo19qtpS1d/TBsp
RUumO0HEZuNCrdGFqmFBAe32EXutm4YwTW5ESRSD2u+WtBoT0PUcnjrolNopud79
gzLmeB3IeJqSGV0haln2jZU3ocEB4RTRu3ZrpFW9Z/hQuMTNOWHsBQwaBczc5zyb
5LEy6Cqw8rs5HGoRnKUQ+nyOt5w8qEhhcAOetw6G6cUIhKIOkRezhenW19t3
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org