Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIfUJ9EQvYzkf76Z68khQqwxovU.roa
File: KIfUJ9EQvYzkf76Z68khQqwxovU.roa (raw, json)
Hash identifier: LaAl748iDrczHBAcLixYck55mUnH2uWYUw7IL3HrbX4=
Subject key identifier: 28:87:D4:27:D1:10:BD:8C:E4:7F:BE:99:EB:C9:21:42:AC:31:A2:F5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B291AAD6207BFBFDB3FA4537781E9C6CA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIfUJ9EQvYzkf76Z68khQqwxovU.roa
Signing time: Fri 13 Oct 2023 12:54:55 +0000
ROA not before: Fri 13 Oct 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 194.135.38.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:1a:ad:62:07:bf:bf:db:3f:a4:53:77:81:e9:c6:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 13 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2887d427d110bd8ce47fbe99ebc92142ac31a2f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e9:a0:23:b3:3a:2c:20:99:2d:0c:18:b6:df:
28:75:25:6e:34:38:b5:04:90:82:d1:3a:c5:9b:be:
de:e1:51:c2:f9:0c:c8:2e:10:9d:da:92:62:3b:17:
93:3d:43:e6:58:b8:0b:74:dd:ec:c4:db:8b:03:c2:
6d:c5:ca:66:57:2d:d5:fe:3e:db:17:42:c5:d9:6e:
ca:f6:07:33:7a:00:5c:8d:30:28:ba:b6:a7:85:a5:
e5:de:0a:f2:66:26:e4:bd:fe:c2:49:f0:0e:30:58:
77:b7:a9:80:e8:be:2d:04:2b:5c:19:9c:f4:4d:da:
f5:98:22:90:57:91:14:dc:6e:be:0f:b3:fd:db:91:
0e:48:6b:95:70:ae:1f:89:82:38:98:6a:e8:69:0b:
56:31:4a:99:b8:13:13:3b:26:5e:01:d5:38:28:72:
79:29:a3:24:08:33:db:30:5b:5d:5f:de:e6:33:55:
13:06:b8:78:c5:a3:6e:ac:99:32:d6:38:24:75:44:
e0:79:40:19:17:a4:a6:10:cc:30:be:4f:35:af:75:
74:7f:f0:94:50:8f:86:1a:ac:f9:16:95:7a:1f:8b:
e1:64:ef:a2:bf:f0:05:c6:9c:38:da:86:8c:a2:92:
66:4f:91:7f:4f:20:0e:dd:b6:e7:0f:28:82:1c:18:
33:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:87:D4:27:D1:10:BD:8C:E4:7F:BE:99:EB:C9:21:42:AC:31:A2:F5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KIfUJ9EQvYzkf76Z68khQqwxovU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.135.38.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
28:f7:52:8b:a9:f5:ef:44:7e:4f:ed:99:8f:b2:6d:f2:7e:02:
44:73:01:4c:c3:20:38:6b:b3:d0:37:0d:7d:d0:f2:7a:22:b1:
61:26:6f:c7:30:59:23:a5:34:70:2e:b8:8c:c9:5c:44:c7:bb:
85:f6:84:3c:45:f8:73:a6:a7:af:b1:40:44:59:7d:7d:72:e6:
2e:7e:22:db:51:a4:1d:ea:46:cf:67:65:2b:55:66:fd:b0:5d:
55:68:f9:da:a0:bc:50:7a:00:8a:75:16:3e:96:a9:e5:2b:62:
0c:98:52:e0:b9:93:e6:45:a0:25:88:f9:eb:b7:b3:3c:7c:ae:
9e:8c:2f:b3:cd:85:c4:2c:43:78:ce:62:0d:f4:1c:d9:99:68:
f8:09:62:12:05:c2:67:c0:63:1e:72:33:8e:da:0b:05:7d:c1:
c6:c5:94:ff:7e:2b:0e:37:0c:d1:08:da:f7:a4:11:7e:2a:25:
11:47:96:ec:9d:03:0b:fe:7e:17:2d:c5:4b:41:b3:4f:68:4f:
d4:f0:24:20:be:26:8d:ed:25:27:7f:82:f0:fe:d1:05:07:9c:
93:de:7d:0c:fe:47:aa:ca:dc:f1:7e:aa:61:c7:66:f2:23:b1:
b9:78:e8:89:51:0c:fb:7f:92:86:80:00:d8:0b:46:d8:0d:40:
2b:62:dd:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYspGq1iB7+/2z+kU3eB6cbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEzMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg3ZDQyN2QxMTBiZDhjZTQ3ZmJlOTllYmM5MjE0MmFjMzFhMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOmgI7M6LCCZLQwYtt8odSVuNDi1
BJCC0TrFm77e4VHC+QzILhCd2pJiOxeTPUPmWLgLdN3sxNuLA8JtxcpmVy3V/j7b
F0LF2W7K9gczegBcjTAouranhaXl3gryZibkvf7CSfAOMFh3t6mA6L4tBCtcGZz0
Tdr1mCKQV5EU3G6+D7P925EOSGuVcK4fiYI4mGroaQtWMUqZuBMTOyZeAdU4KHJ5
KaMkCDPbMFtdX97mM1UTBrh4xaNurJky1jgkdUTgeUAZF6SmEMwwvk81r3V0f/CU
UI+GGqz5FpV6H4vhZO+iv/AFxpw42oaMopJmT5F/TyAO3bbnDyiCHBgzLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCiH1CfREL2M5H++mevJIUKsMaL1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0lmVUo5RVF2WXprZjc2WjY4a2hRcXd4b3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUgKAwQA
wocmAwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQAo91KLqfXvRH5P7ZmPsm3yfgJE
cwFMwyA4a7PQNw190PJ6IrFhJm/HMFkjpTRwLriMyVxEx7uF9oQ8RfhzpqevsUBE
WX19cuYufiLbUaQd6kbPZ2UrVWb9sF1VaPnaoLxQegCKdRY+lqnlK2IMmFLguZPm
RaAliPnrt7M8fK6ejC+zzYXELEN4zmIN9BzZmWj4CWISBcJnwGMecjOO2gsFfcHG
xZT/fisONwzRCNr3pBF+KiURR5bsnQML/n4XLcVLQbNPaE/U8CQgviaN7SUnf4Lw
/tEFB5yT3n0M/keqytzxfqphx2byI7G5eOiJUQz7f5KGgADYC0bYDUArYt2T
-----END CERTIFICATE-----
Generated at Fri Oct 13 14:07:13 2023 by rpki-client on console-ams.rpki-client.org