Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NdXd8qy_NU3Law6BmOio7yHzMWA.roa
File: NdXd8qy_NU3Law6BmOio7yHzMWA.roa (raw, json)
Hash identifier: XTw/NMKGSzkErGCx1xdhNsQJy2KS98pa2OU0mvyXO2k=
Subject key identifier: 35:D5:DD:F2:AC:BF:35:4D:CB:6B:0E:81:98:E8:A8:EF:21:F3:31:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018730C9E089FE102BB618CA045836E3F9A7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NdXd8qy_NU3Law6BmOio7yHzMWA.roa
Signing time: Thu 30 Mar 2023 04:32:29 +0000
ROA not before: Thu 30 Mar 2023 04:32:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.119.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:30:c9:e0:89:fe:10:2b:b6:18:ca:04:58:36:e3:f9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 30 04:32:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d5ddf2acbf354dcb6b0e8198e8a8ef21f33160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1f:2f:7e:cd:9d:3c:7a:7d:3c:ef:81:2f:30:
c7:06:1f:14:14:ea:d1:f1:d9:26:87:69:f1:ca:e8:
29:d0:99:a3:f7:32:af:08:33:dd:ed:ef:ce:a2:9f:
2b:49:6f:9b:63:0c:6e:c2:e2:7d:6e:17:fb:b9:56:
8d:8a:38:89:ca:2e:45:65:0b:73:96:ea:f6:99:44:
f1:7c:0b:23:83:b2:31:df:b2:7d:e5:58:1c:fe:6d:
e3:04:5b:39:8b:6c:e2:ba:58:3f:f6:ea:f9:f1:13:
f0:0a:d1:84:c9:97:97:99:2f:15:10:8b:0d:87:64:
a2:70:e6:05:3e:dd:52:ae:c8:d4:08:ef:12:a7:8a:
fd:f4:00:65:20:77:99:a1:51:b4:8d:cb:53:82:2d:
1f:10:e6:4d:41:ed:99:a3:4a:44:bf:67:73:f3:7b:
00:a2:da:71:7a:d8:55:a8:09:fb:25:35:e2:7b:19:
7f:0d:05:b8:62:3f:80:70:38:8b:ce:df:4f:bf:90:
24:f9:fe:2a:82:60:95:9a:08:3d:62:59:6e:f8:f9:
10:d7:b4:eb:84:1c:ac:61:c1:4c:c3:95:a5:f2:50:
d5:57:a6:76:8c:a2:f1:42:ee:c7:ec:3f:c2:7f:72:
93:03:be:bb:c7:e8:33:27:4f:6c:2e:23:3f:5d:64:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D5:DD:F2:AC:BF:35:4D:CB:6B:0E:81:98:E8:A8:EF:21:F3:31:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NdXd8qy_NU3Law6BmOio7yHzMWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.119.0/24
194.87.180.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
71:02:ae:68:0e:3a:1c:8e:05:0c:1b:25:91:08:76:46:d4:b4:
f6:36:ef:21:e5:2c:9d:fa:8c:81:13:a2:02:5e:a9:fa:d8:21:
7c:a0:42:f1:11:e2:c5:c9:b9:e0:c8:b2:10:f1:cc:62:5f:74:
49:58:25:86:99:d6:ee:f0:9f:e1:c8:05:52:ce:8d:9c:e8:ac:
f6:e6:1a:6c:27:d9:19:70:58:7c:88:db:8b:c5:7a:71:01:15:
9a:3c:d7:97:b8:4c:d0:49:99:0f:14:ef:b4:3f:27:f3:71:bd:
55:cd:8a:4f:6c:d8:09:8b:11:55:04:4b:4c:d7:4e:24:83:1b:
50:64:fa:80:a3:7d:65:da:25:6c:87:e9:e8:0f:d4:c3:e7:aa:
14:54:66:dc:f0:8b:b6:cc:1b:18:e6:a9:63:e3:09:7c:d8:1d:
ec:e8:ce:44:28:6a:de:36:30:3e:b2:f1:b2:ba:d0:3e:91:db:
23:52:d8:93:24:b2:e9:c5:46:b4:40:fd:68:24:5d:7d:c7:96:
11:68:c9:71:52:ce:ce:81:8c:20:fb:07:b8:75:60:83:87:f5:
37:5c:2d:45:61:d0:14:65:c3:0d:4a:b4:83:66:1a:de:a6:94:
5e:81:ca:ff:49:94:1e:6f:db:03:64:65:d4:a5:5e:1f:12:49:
76:75:14:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcwyeCJ/hArthjKBFg24/mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzMwMDQzMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ1ZGRmMmFjYmYzNTRkY2I2YjBlODE5OGU4YThlZjIxZjMzMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB8vfs2dPHp9PO+BLzDHBh8UFOrR
8dkmh2nxyugp0Jmj9zKvCDPd7e/Oop8rSW+bYwxuwuJ9bhf7uVaNijiJyi5FZQtz
lur2mUTxfAsjg7Ix37J95Vgc/m3jBFs5i2ziulg/9ur58RPwCtGEyZeXmS8VEIsN
h2SicOYFPt1SrsjUCO8Sp4r99ABlIHeZoVG0jctTgi0fEOZNQe2Zo0pEv2dz83sA
otpxethVqAn7JTXiexl/DQW4Yj+AcDiLzt9Pv5Ak+f4qgmCVmgg9Yllu+PkQ17Tr
hBysYcFMw5Wl8lDVV6Z2jKLxQu7H7D/Cf3KTA767x+gzJ09sLiM/XWSguQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDXV3fKsvzVNy2sOgZjoqO8h8zFgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTmRYZDhxeV9OVTNMYXc2Qm1PaW83eUh6TVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjo9AwQA
wld3AwQAwle0AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQBxAq5oDjocjgUMGyWR
CHZG1LT2Nu8h5Syd+oyBE6ICXqn62CF8oELxEeLFybngyLIQ8cxiX3RJWCWGmdbu
8J/hyAVSzo2c6Kz25hpsJ9kZcFh8iNuLxXpxARWaPNeXuEzQSZkPFO+0Pyfzcb1V
zYpPbNgJixFVBEtM104kgxtQZPqAo31l2iVsh+noD9TD56oUVGbc8Iu2zBsY5qlj
4wl82B3s6M5EKGreNjA+svGyutA+kdsjUtiTJLLpxUa0QP1oJF19x5YRaMlxUs7O
gYwg+we4dWCDh/U3XC1FYdAUZcMNSrSDZhreppRegcr/SZQeb9sDZGXUpV4fEkl2
dRSO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org