Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nt1FFKbRzlnB7Y9uf9y1MRFcipc.roa
File: Nt1FFKbRzlnB7Y9uf9y1MRFcipc.roa (raw, json)
Hash identifier: aDXfiq/BiR47vXQt7PgD7mxcClgp5gGCUQVw5OrGCLc=
Subject key identifier: 36:DD:45:14:A6:D1:CE:59:C1:ED:8F:6E:7F:DC:B5:31:11:5C:8A:97
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BF7322A07745DBDB0F5AD386E2A376695
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nt1FFKbRzlnB7Y9uf9y1MRFcipc.roa
Signing time: Wed 22 Nov 2023 13:22:21 +0000
ROA not before: Wed 22 Nov 2023 13:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:32:2a:07:74:5d:bd:b0:f5:ad:38:6e:2a:37:66:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 22 13:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36dd4514a6d1ce59c1ed8f6e7fdcb531115c8a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:e8:47:d7:cc:85:e2:b7:a6:3c:77:32:b4:
85:6b:35:a0:d8:26:8a:b7:ac:04:33:0d:0a:d7:9c:
72:50:06:6c:d9:ed:1d:25:bc:d7:94:40:f5:7d:c4:
4d:b3:5c:9b:ca:9a:7a:f5:49:ac:c1:53:35:5e:7c:
51:a8:6e:fd:32:b7:53:50:a2:d5:11:cf:21:93:32:
8a:63:1d:ec:b2:f8:e4:57:4e:ab:43:1b:ce:67:ae:
1f:2d:16:f0:ea:c8:1c:5f:2d:38:99:f6:c5:ba:64:
16:34:cf:34:da:49:74:57:8f:da:6e:83:01:3b:02:
6f:c3:ba:ca:e3:8c:a6:55:83:10:f4:98:64:91:8c:
e8:05:38:02:a8:83:f3:89:6f:c2:92:50:7f:8b:84:
34:c2:06:8c:a0:cb:6f:0a:a2:7d:9f:2f:2d:f1:da:
36:7b:36:03:f9:eb:b4:d5:17:02:33:2a:86:70:db:
22:3b:ce:fc:be:b5:dc:46:7b:af:10:f3:ac:c8:59:
49:d6:c2:fe:14:aa:0c:43:65:0b:62:47:6b:00:31:
86:da:dc:96:46:35:3f:10:4b:27:b4:9e:9f:a0:d1:
4d:75:43:63:f7:74:52:12:13:68:d1:d3:d3:6f:43:
a0:99:43:4d:21:94:22:36:08:be:55:8c:d4:95:75:
d4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:45:14:A6:D1:CE:59:C1:ED:8F:6E:7F:DC:B5:31:11:5C:8A:97
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nt1FFKbRzlnB7Y9uf9y1MRFcipc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.190.0/24
212.192.217.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6c:1f:70:7f:56:1f:f5:36:90:e9:d2:a4:72:3f:49:12:ea:
89:ac:16:02:3b:66:10:b3:f2:10:5e:3a:b9:bb:98:10:9e:ee:
d5:fb:44:0b:1a:30:15:0d:ca:4c:ab:d5:1e:2c:ac:08:92:64:
74:f6:66:62:0f:e7:ab:62:f4:2f:97:6d:b2:e3:91:77:f3:db:
18:68:23:cf:71:c4:14:2d:7f:00:f1:0a:a4:0f:87:4e:07:a6:
53:f5:42:70:f1:c6:91:59:53:cd:d3:25:47:e4:8c:4b:e2:8b:
e0:8f:3f:0d:cc:75:7f:aa:a5:4b:cc:7f:3c:23:bb:53:44:ec:
a2:90:b3:21:60:b0:9a:30:8e:19:20:d2:ac:3c:2c:d2:d4:5e:
65:42:f5:47:c2:c3:9f:8a:59:7c:a9:10:d3:57:1c:a3:04:e2:
9c:02:0a:21:f5:dd:90:a3:2f:10:e9:0d:88:4e:da:01:d9:b0:
61:25:25:23:d4:1d:18:a8:af:a0:54:4f:09:1f:c9:ca:dd:0b:
06:66:e9:da:2c:52:8f:f5:33:0a:03:c5:de:a4:9f:bc:f8:c5:
67:d3:bb:02:0a:72:f2:c2:59:6a:b5:2e:92:3c:59:2e:41:77:
6d:76:ae:10:5d:2d:45:8b:df:9f:aa:7f:7c:c1:c9:76:e4:e1:
77:68:3b:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYv3MioHdF29sPWtOG4qN2aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIyMTMyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRkNDUxNGE2ZDFjZTU5YzFlZDhmNmU3ZmRjYjUzMTExNWM4YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikvoR9fMheK3pjx3MrSFazWg2CaK
t6wEMw0K15xyUAZs2e0dJbzXlED1fcRNs1ybypp69UmswVM1XnxRqG79MrdTUKLV
Ec8hkzKKYx3ssvjkV06rQxvOZ64fLRbw6sgcXy04mfbFumQWNM802kl0V4/aboMB
OwJvw7rK44ymVYMQ9JhkkYzoBTgCqIPziW/CklB/i4Q0wgaMoMtvCqJ9ny8t8do2
ezYD+eu01RcCMyqGcNsiO878vrXcRnuvEPOsyFlJ1sL+FKoMQ2ULYkdrADGG2tyW
RjU/EEsntJ6foNFNdUNj93RSEhNo0dPTb0OgmUNNIZQiNgi+VYzUlXXUnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDbdRRSm0c5Zwe2Pbn/ctTERXIqXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTnQxRkZLYlJ6bG5CN1k5dWY5eTFNUkZjaXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwHAwQA
wle+AwQA1MDZAwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQBhbB9wf1Yf9TaQ6dKk
cj9JEuqJrBYCO2YQs/IQXjq5u5gQnu7V+0QLGjAVDcpMq9UeLKwIkmR09mZiD+er
YvQvl22y45F389sYaCPPccQULX8A8QqkD4dOB6ZT9UJw8caRWVPN0yVH5IxL4ovg
jz8NzHV/qqVLzH88I7tTROyikLMhYLCaMI4ZINKsPCzS1F5lQvVHwsOfill8qRDT
VxyjBOKcAgoh9d2Qoy8Q6Q2ITtoB2bBhJSUj1B0YqK+gVE8JH8nK3QsGZunaLFKP
9TMKA8XepJ+8+MVn07sCCnLywllqtS6SPFkuQXdtdq4QXS1Fi9+fqn98wcl25OF3
aDu4
-----END CERTIFICATE-----
Generated at Tue Dec 5 11:14:54 2023 by rpki-client on console-fra.rpki-client.org