Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IzNi9Mlnm4b4vLsLGxOtqA_Cg2I.roa
File: IzNi9Mlnm4b4vLsLGxOtqA_Cg2I.roa (raw, json)
Hash identifier: J2P6ZXOJu6s9UIhCEpEAisaHGdbnDH687oQZ0LNVaHo=
Subject key identifier: 23:33:62:F4:C9:67:9B:86:F8:BC:BB:0B:1B:13:AD:A8:0F:C2:83:62
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189F94976DD3FFB3C7A0D4222522DAE830A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IzNi9Mlnm4b4vLsLGxOtqA_Cg2I.roa
Signing time: Tue 15 Aug 2023 13:01:28 +0000
ROA not before: Tue 15 Aug 2023 13:01:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209737
IP address blocks: 194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:49:76:dd:3f:fb:3c:7a:0d:42:22:52:2d:ae:83:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 15 13:01:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=233362f4c9679b86f8bcbb0b1b13ada80fc28362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:f1:a9:16:2c:4b:bb:af:19:2a:85:6a:2d:
68:e3:63:56:4c:e0:29:c4:b8:f5:10:c3:bb:b8:d5:
8f:58:ea:4f:f5:a7:01:57:96:fd:6a:07:59:58:ce:
d6:13:07:76:29:7f:64:86:a7:e5:64:c6:b3:34:5b:
23:c3:6d:dc:7c:99:63:13:56:c4:84:34:3e:0f:f5:
c6:fc:ee:12:8f:1a:d0:3a:3e:5e:87:d4:d8:f4:c8:
8a:7a:15:a6:60:e1:6b:d3:a0:b7:c7:9d:9a:d2:06:
97:bc:fc:66:23:01:0b:8d:79:12:61:ef:18:7c:9d:
a7:04:33:33:38:1a:95:d8:03:b9:84:85:59:9a:38:
a3:6c:11:3a:e0:04:6a:54:24:1a:e7:37:52:7f:a6:
16:17:d2:53:e4:01:51:a6:01:dd:0b:d3:0a:c0:fd:
af:30:03:1e:e2:6b:df:e7:c3:1e:a6:75:fc:48:96:
c4:16:51:03:ab:7d:dd:df:db:6d:e8:10:2a:ce:7c:
c7:5b:21:3b:6d:e9:d3:8d:c2:f8:49:13:dc:46:66:
f7:e5:c2:0b:92:e5:e8:5a:c2:bc:0a:21:71:26:fa:
0e:84:20:3e:d6:05:52:db:d4:f7:c5:b8:11:ab:3c:
06:a9:1e:f4:85:3d:fa:3a:1e:29:c5:4a:e5:3e:1b:
4c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:33:62:F4:C9:67:9B:86:F8:BC:BB:0B:1B:13:AD:A8:0F:C2:83:62
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IzNi9Mlnm4b4vLsLGxOtqA_Cg2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
193.124.44.0/24
194.87.22.0/24
Signature Algorithm: sha256WithRSAEncryption
39:97:0d:d5:83:34:b1:e2:19:f3:4e:b5:87:52:a6:7e:1b:c2:
f9:77:35:b5:99:30:0e:e6:fd:14:47:cb:15:d5:30:65:73:fe:
fb:42:8d:55:69:c2:3b:9c:0f:4f:1a:f7:36:21:fb:81:48:e5:
14:2d:50:98:d5:17:86:14:19:15:fd:b6:bf:35:62:21:5f:11:
ff:97:fc:8c:cb:20:66:85:c8:38:44:1d:ad:c2:98:26:38:ad:
1f:ec:5c:d8:d2:00:62:fa:a6:d2:dc:28:c6:eb:90:4a:38:60:
12:ee:cd:e0:c0:8c:a1:b3:fd:60:ce:50:a9:7f:af:2c:3a:3b:
fd:6c:18:84:0d:e2:e9:bf:24:c6:b8:28:32:39:a6:62:c3:22:
59:6f:83:d1:52:f6:4c:3c:1b:5a:59:b7:ef:6d:b6:c8:50:e3:
a9:d4:d5:a9:11:f3:d0:7b:b1:c0:68:32:63:a0:94:eb:3c:c0:
23:a6:2f:cd:18:eb:7b:24:4a:22:2b:2b:8d:05:f3:8c:4e:e5:
88:cc:a6:d3:39:83:99:9a:da:1d:a4:b0:8d:9f:23:f3:9c:c5:
cb:60:52:25:f1:5f:48:72:8b:28:c1:b3:64:5e:fb:fd:c2:93:
86:62:ba:35:f3:2b:9e:4c:ce:a8:03:5c:75:3e:a4:2e:10:53:
42:ea:72:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn5SXbdP/s8eg1CIlItroMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE1MTMwMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMzNjJmNGM5Njc5Yjg2ZjhiY2JiMGIxYjEzYWRhODBmYzI4MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr17xqRYsS7uvGSqFai1o42NWTOAp
xLj1EMO7uNWPWOpP9acBV5b9agdZWM7WEwd2KX9khqflZMazNFsjw23cfJljE1bE
hDQ+D/XG/O4SjxrQOj5eh9TY9MiKehWmYOFr06C3x52a0gaXvPxmIwELjXkSYe8Y
fJ2nBDMzOBqV2AO5hIVZmjijbBE64ARqVCQa5zdSf6YWF9JT5AFRpgHdC9MKwP2v
MAMe4mvf58MepnX8SJbEFlEDq33d39tt6BAqznzHWyE7benTjcL4SRPcRmb35cIL
kuXoWsK8CiFxJvoOhCA+1gVS29T3xbgRqzwGqR70hT36Oh4pxUrlPhtMYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCMzYvTJZ5uG+Ly7CxsTragPwoNiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSXpOaTlNbG5tNGI0dkxzTEd4T3RxQV9DZzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUgLAwQA
wXwsAwQAwlcWMA0GCSqGSIb3DQEBCwUAA4IBAQA5lw3VgzSx4hnzTrWHUqZ+G8L5
dzW1mTAO5v0UR8sV1TBlc/77Qo1VacI7nA9PGvc2IfuBSOUULVCY1ReGFBkV/ba/
NWIhXxH/l/yMyyBmhcg4RB2twpgmOK0f7FzY0gBi+qbS3CjG65BKOGAS7s3gwIyh
s/1gzlCpf68sOjv9bBiEDeLpvyTGuCgyOaZiwyJZb4PRUvZMPBtaWbfvbbbIUOOp
1NWpEfPQe7HAaDJjoJTrPMAjpi/NGOt7JEoiKyuNBfOMTuWIzKbTOYOZmtodpLCN
nyPznMXLYFIl8V9IcosowbNkXvv9wpOGYro18yueTM6oA1x1PqQuEFNC6nIQ
-----END CERTIFICATE-----
Generated at Wed Sep 13 12:01:18 2023 by rpki-client on console-ams.rpki-client.org