Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZ7pzc9pgXSXkX6NED7jVYa6mpM.roa
File: NZ7pzc9pgXSXkX6NED7jVYa6mpM.roa (raw, json)
Hash identifier: Kc20jtjgcgAQFa+Uk1IdErzYVbxvOWefOqs0ilwg8HM=
Subject key identifier: 35:9E:E9:CD:CF:69:81:74:97:91:7E:8D:10:3E:E3:55:86:BA:9A:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187E1B5D711D1648958D114EE110D1B7AB4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZ7pzc9pgXSXkX6NED7jVYa6mpM.roa
Signing time: Wed 03 May 2023 13:03:23 +0000
ROA not before: Wed 03 May 2023 13:03:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 194.87.228.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:b5:d7:11:d1:64:89:58:d1:14:ee:11:0d:1b:7a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 3 13:03:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359ee9cdcf69817497917e8d103ee35586ba9a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:71:a4:c1:53:8c:34:67:6a:c9:26:9c:3a:
80:43:13:ef:1e:7f:74:33:16:16:0d:39:14:1f:a5:
b6:f2:12:42:24:a5:86:b8:9f:93:b2:d6:b2:6e:77:
2f:a5:50:9d:e5:88:7d:c3:dc:c2:6b:42:22:bb:36:
3a:33:65:9a:37:e8:22:41:b1:af:2f:f9:b2:f5:8d:
3b:91:bc:a9:a3:aa:4b:b9:85:9b:16:e1:03:be:aa:
bd:ab:ba:54:ba:c0:f5:ee:9a:d6:76:92:29:23:46:
21:5e:50:51:a8:07:f4:91:6a:3f:79:31:37:33:e7:
e6:9b:df:6e:f7:25:d9:06:12:c4:b9:d8:5f:59:76:
16:59:f8:5d:3c:82:b4:da:76:90:d8:4d:d5:64:d7:
79:f3:d0:6b:86:56:5a:b9:59:33:d0:25:18:b0:71:
0e:59:54:29:06:a2:e2:b1:45:81:72:b9:2b:9d:00:
c5:41:23:d2:b9:08:59:38:19:c9:55:eb:05:17:1a:
f8:85:e7:10:37:d3:8b:f8:bf:dd:80:70:19:e4:1a:
58:68:b0:5e:c5:c6:b4:37:5a:50:51:bf:ed:f9:3f:
c2:7c:41:19:5a:c7:e3:9e:a9:a3:c7:24:f9:be:81:
82:ec:9c:1a:26:cf:fa:bb:c5:16:44:42:09:68:f0:
f7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9E:E9:CD:CF:69:81:74:97:91:7E:8D:10:3E:E3:55:86:BA:9A:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZ7pzc9pgXSXkX6NED7jVYa6mpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
194.87.228.0/24
195.58.55.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
56:03:44:e0:17:91:f1:bc:9b:c2:4e:78:47:d5:76:78:84:1d:
61:83:42:f6:f2:57:57:aa:c4:84:33:f6:59:41:0a:8f:8c:bc:
9b:86:3c:25:ec:e4:9a:02:49:cf:7b:4e:64:3d:de:3f:13:ec:
b6:93:a0:81:c2:4d:38:0e:00:b8:4c:77:80:08:05:46:dd:33:
92:ae:ce:43:91:36:b6:01:1e:0b:f7:d7:f3:40:e5:9f:58:c4:
a6:0d:b1:39:34:c4:8e:6e:f0:ef:80:03:92:b2:ef:f9:5a:2d:
38:41:9b:a6:af:ff:be:c0:cb:73:aa:5d:5e:26:03:80:46:00:
80:aa:61:36:4f:c7:b8:26:3d:7b:cd:01:75:cc:4b:e0:a1:1e:
13:e2:d5:ba:63:65:68:a1:5a:b2:08:ee:0c:24:fa:1b:d6:1e:
b8:73:c3:0a:e1:75:80:65:6a:45:3e:66:f4:e5:18:3d:d7:dc:
fa:9b:ef:06:57:48:63:e4:05:4e:02:fb:8b:20:77:03:29:e7:
7f:88:8d:e6:9d:2c:66:3a:73:da:b3:fb:38:49:15:b0:8f:06:
01:dc:b0:8b:55:7e:df:12:9a:c5:16:fb:77:4b:44:25:0a:fc:
5a:34:6e:11:5f:16:d2:17:75:d7:02:94:58:52:46:b5:8f:f8:
fb:16:ee:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfhtdcR0WSJWNEU7hENG3q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTAzMTMwMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTllZTljZGNmNjk4MTc0OTc5MTdlOGQxMDNlZTM1NTg2YmE5YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBxxpMFTjDRnaskmnDqAQxPvHn90
MxYWDTkUH6W28hJCJKWGuJ+TstaybncvpVCd5Yh9w9zCa0IiuzY6M2WaN+giQbGv
L/my9Y07kbypo6pLuYWbFuEDvqq9q7pUusD17prWdpIpI0YhXlBRqAf0kWo/eTE3
M+fmm99u9yXZBhLEudhfWXYWWfhdPIK02naQ2E3VZNd589BrhlZauVkz0CUYsHEO
WVQpBqLisUWBcrkrnQDFQSPSuQhZOBnJVesFFxr4hecQN9OL+L/dgHAZ5BpYaLBe
xca0N1pQUb/t+T/CfEEZWsfjnqmjxyT5voGC7JwaJs/6u8UWREIJaPD3cQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDWe6c3PaYF0l5F+jRA+41WGupqTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlo3cHpjOXBnWFNYa1g2TkVEN2pWWWE2bXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXxbAwQA
wXxfAwQAwlfkAwQAwzo3AwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQBWA0TgF5Hx
vJvCTnhH1XZ4hB1hg0L28ldXqsSEM/ZZQQqPjLybhjwl7OSaAknPe05kPd4/E+y2
k6CBwk04DgC4THeACAVG3TOSrs5DkTa2AR4L99fzQOWfWMSmDbE5NMSObvDvgAOS
su/5Wi04QZumr/++wMtzql1eJgOARgCAqmE2T8e4Jj17zQF1zEvgoR4T4tW6Y2Vo
oVqyCO4MJPob1h64c8MK4XWAZWpFPmb05Rg919z6m+8GV0hj5AVOAvuLIHcDKed/
iI3mnSxmOnPas/s4SRWwjwYB3LCLVX7fEprFFvt3S0QlCvxaNG4RXxbSF3XXApRY
Uka1j/j7Fu7A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org