Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nw5hq4hdrcbNkBQPyfZcMiVzuU8.roa
File: Nw5hq4hdrcbNkBQPyfZcMiVzuU8.roa (raw, json)
Hash identifier: 2byqWyoLZD6RXSHCXs5Cl2APc6pQZ2z+34iQeCLxwcI=
Subject key identifier: 37:0E:61:AB:88:5D:AD:C6:CD:90:14:0F:C9:F6:5C:32:25:73:B9:4F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187522BCC01CACF4A6078D9DBA1C7E7AE00
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nw5hq4hdrcbNkBQPyfZcMiVzuU8.roa
Signing time: Wed 05 Apr 2023 16:06:54 +0000
ROA not before: Wed 05 Apr 2023 16:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:2b:cc:01:ca:cf:4a:60:78:d9:db:a1:c7:e7:ae:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=370e61ab885dadc6cd90140fc9f65c322573b94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c5:14:17:aa:1b:47:2b:1f:dc:91:0c:d6:bd:
07:a8:9b:b3:a7:d5:2f:30:fa:ac:b9:42:65:a4:ce:
d4:6e:f0:98:2a:fb:f5:a2:4f:41:d7:d4:7d:93:9f:
75:e2:d7:2e:1e:fb:85:6d:83:6d:24:8f:77:28:42:
7f:f6:01:79:84:8d:24:2a:46:b2:1a:89:27:c9:b7:
a5:c1:45:b9:c4:f6:bb:5f:f5:e6:db:07:78:1b:5c:
fd:4d:af:c5:65:54:bd:dd:86:84:6a:0f:b8:00:ca:
c6:13:11:17:68:e9:19:a7:d6:e7:00:d4:e4:56:30:
19:25:d4:96:66:33:b3:08:dd:b4:e6:f2:49:85:8d:
eb:0b:36:59:28:24:36:25:1a:eb:85:2a:f4:49:07:
94:fd:1d:f9:ff:b9:38:6a:ef:0e:e7:10:99:42:c8:
d5:36:b2:03:ce:50:6a:37:69:cf:e5:d6:e1:91:30:
3b:29:17:f1:11:5e:84:8c:16:7a:2d:05:ee:0f:ee:
0d:9c:c2:bf:2b:84:c9:a3:22:bc:02:9a:d5:39:ed:
97:19:13:8f:9c:b0:e6:2a:6e:87:6e:6b:eb:e3:fe:
2f:c7:cc:98:d3:7a:61:f4:c4:5f:0e:81:4b:70:b2:
24:5a:2b:f5:97:40:a5:39:50:bd:fe:b5:48:73:79:
f7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0E:61:AB:88:5D:AD:C6:CD:90:14:0F:C9:F6:5C:32:25:73:B9:4F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Nw5hq4hdrcbNkBQPyfZcMiVzuU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
Signature Algorithm: sha256WithRSAEncryption
32:dd:ef:1a:1d:d5:ae:c0:17:58:af:a6:65:31:6e:e9:a4:31:
3b:11:fa:1b:17:79:f8:31:75:56:c3:22:16:7e:44:36:ee:e4:
ec:67:e7:9d:a0:74:7d:46:0f:07:ac:74:83:6c:bd:17:14:a6:
ca:2f:08:35:3b:13:dd:b1:15:b1:15:96:ca:5f:11:9a:32:26:
c7:3b:c1:da:ff:13:67:1b:d2:70:c9:97:fe:57:c8:2c:89:f7:
07:33:d7:87:5b:92:d4:1c:a9:69:1c:3d:14:fe:7c:ab:69:8a:
0f:0f:fe:f4:67:d3:9d:5b:33:d3:a2:cc:1a:3d:09:2e:93:40:
ca:68:84:48:7c:86:2c:23:08:20:da:ad:b9:ec:50:f4:0f:c9:
c1:5d:13:b5:7a:79:17:4d:f5:1a:24:98:d3:b9:f5:40:68:7f:
4a:c1:17:32:c8:7c:08:1a:ed:66:36:1f:c7:54:be:10:e7:2e:
58:93:32:c9:8c:56:98:e6:d1:d9:50:34:8a:b0:81:c2:20:7a:
6a:d7:02:fa:20:1f:c8:c3:77:15:96:b2:4a:8d:d1:f3:ce:07:
80:89:04:3b:18:cb:72:07:65:22:40:91:b8:ce:c0:f5:cf:26:
ed:7f:ec:38:56:c9:8d:0f:ab:1a:57:71:7b:6c:38:28:77:12:
66:68:17:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdSK8wBys9KYHjZ26HH564AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBlNjFhYjg4NWRhZGM2Y2Q5MDE0MGZjOWY2NWMzMjI1NzNiOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8UUF6obRysf3JEM1r0HqJuzp9Uv
MPqsuUJlpM7UbvCYKvv1ok9B19R9k5914tcuHvuFbYNtJI93KEJ/9gF5hI0kKkay
GoknybelwUW5xPa7X/Xm2wd4G1z9Ta/FZVS93YaEag+4AMrGExEXaOkZp9bnANTk
VjAZJdSWZjOzCN205vJJhY3rCzZZKCQ2JRrrhSr0SQeU/R35/7k4au8O5xCZQsjV
NrIDzlBqN2nP5dbhkTA7KRfxEV6EjBZ6LQXuD+4NnMK/K4TJoyK8AprVOe2XGROP
nLDmKm6Hbmvr4/4vx8yY03ph9MRfDoFLcLIkWiv1l0ClOVC9/rVIc3n3FQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDcOYauIXa3GzZAUD8n2XDIlc7lPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTnc1aHE0aGRyY2JOa0JRUHlmWmNNaVZ6dVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYMA0GCSqGSIb3DQEBCwUAA4IBAQAy
3e8aHdWuwBdYr6ZlMW7ppDE7EfobF3n4MXVWwyIWfkQ27uTsZ+edoHR9Rg8HrHSD
bL0XFKbKLwg1OxPdsRWxFZbKXxGaMibHO8Ha/xNnG9JwyZf+V8gsifcHM9eHW5LU
HKlpHD0U/nyraYoPD/70Z9OdWzPToswaPQkuk0DKaIRIfIYsIwgg2q257FD0D8nB
XRO1enkXTfUaJJjTufVAaH9KwRcyyHwIGu1mNh/HVL4Q5y5YkzLJjFaY5tHZUDSK
sIHCIHpq1wL6IB/Iw3cVlrJKjdHzzgeAiQQ7GMtyB2UiQJG4zsD1zybtf+w4VsmN
D6saV3F7bDgodxJmaBeo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org