Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O1gxgSZh15G-XnfPbl1ulKW32nE.roa
File: O1gxgSZh15G-XnfPbl1ulKW32nE.roa (raw, json)
Hash identifier: lLQdNZGXOlbztAiCYwXR2ScDK/FO+KXK3VKuCkDRuuE=
Subject key identifier: 3B:58:31:81:26:61:D7:91:BE:5E:77:CF:6E:5D:6E:94:A5:B7:DA:71
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189630707D4271743979621DC023EA3CC67
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O1gxgSZh15G-XnfPbl1ulKW32nE.roa
Signing time: Mon 17 Jul 2023 08:45:52 +0000
ROA not before: Mon 17 Jul 2023 08:45:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11938
IP address blocks: 193.124.44.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:07:07:d4:27:17:43:97:96:21:dc:02:3e:a3:cc:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 17 08:45:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b5831812661d791be5e77cf6e5d6e94a5b7da71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:bf:4e:8a:f0:38:7b:c3:97:dc:84:7a:c7:
d8:08:02:be:52:5f:19:27:65:f0:01:fd:ef:1f:d2:
47:ce:96:45:d9:1f:89:69:97:cd:a8:aa:49:a2:b2:
1c:30:cd:77:4a:35:6a:79:62:14:00:4d:5b:27:de:
e5:cf:e4:48:d1:1a:fb:fc:8b:47:79:05:0c:9a:80:
ee:07:96:08:ad:03:af:40:b5:7f:9c:01:41:3f:a0:
bb:fa:c1:62:6e:88:31:36:ed:fc:a4:bb:92:a4:c2:
59:14:c8:ba:82:da:3e:29:5c:f5:63:0f:14:30:bd:
d5:7e:62:f0:e0:5d:41:6e:a7:89:67:39:74:69:18:
e0:c8:eb:ec:05:0f:b4:e9:68:3a:24:79:92:b0:fa:
a1:8d:32:ed:4e:7e:eb:2e:16:30:36:a7:8e:e8:57:
87:f1:6e:76:75:c8:4f:ff:69:b7:b3:87:2b:95:2b:
60:f4:78:7c:4c:30:c7:c4:0a:9d:26:1d:08:d3:21:
0c:15:f5:b4:b5:e6:af:ca:1c:1b:4d:c6:90:5a:3b:
3d:85:56:7c:98:37:d3:11:82:b2:ac:3d:1c:9e:fe:
fa:46:db:ec:fc:e3:9e:23:6f:1d:73:4b:a3:07:c9:
a3:c0:78:32:20:89:53:de:ce:27:07:0a:38:ad:85:
ec:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:58:31:81:26:61:D7:91:BE:5E:77:CF:6E:5D:6E:94:A5:B7:DA:71
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O1gxgSZh15G-XnfPbl1ulKW32nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.58.41.0/24
194.87.180.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:9f:dc:f7:f0:0c:4f:5f:a7:5c:cc:d0:fb:e1:18:37:13:e3:
9b:4b:c0:62:03:ef:a7:79:06:e3:0d:84:86:96:34:e2:6d:5f:
e4:e9:18:9c:a0:11:5b:dc:b3:95:4c:ab:92:6d:4b:67:0e:06:
fb:26:a2:28:d1:05:4c:7b:53:e2:89:52:0a:88:4c:ad:67:de:
34:03:89:49:a1:85:a8:7f:83:3b:a2:b3:14:7a:0d:26:95:ae:
a7:69:de:06:9d:f2:5b:ac:b8:e9:1f:3a:60:ae:ae:de:ad:b2:
f7:28:b6:12:06:ef:83:a0:68:34:5c:d4:86:26:ca:29:52:d1:
66:ed:96:0b:d8:89:2c:4d:ab:6e:d1:87:48:56:d6:e2:cc:02:
4d:60:42:e3:74:f2:3e:61:6d:c1:26:70:ec:25:b7:b1:90:54:
f7:9d:dc:2c:88:b7:eb:35:97:80:ce:2d:58:f1:0c:78:a2:36:
bf:aa:38:c9:b1:88:57:47:65:6e:14:51:b3:20:cf:46:ba:0b:
9b:62:57:65:6c:42:82:29:e5:2b:d0:d5:fc:ff:0b:6e:5d:79:
da:dd:53:30:18:4a:fc:90:c0:fa:d1:52:91:f6:3a:a9:69:4f:
14:72:0a:8e:f7:e4:2b:58:4c:c4:cd:0b:95:14:1a:49:8e:f1:
48:33:6a:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYljBwfUJxdDl5Yh3AI+o8xnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE3MDg0NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU4MzE4MTI2NjFkNzkxYmU1ZTc3Y2Y2ZTVkNmU5NGE1YjdkYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1q/TorwOHvDl9yEesfYCAK+Ul8Z
J2XwAf3vH9JHzpZF2R+JaZfNqKpJorIcMM13SjVqeWIUAE1bJ97lz+RI0Rr7/ItH
eQUMmoDuB5YIrQOvQLV/nAFBP6C7+sFibogxNu38pLuSpMJZFMi6gto+KVz1Yw8U
ML3VfmLw4F1BbqeJZzl0aRjgyOvsBQ+06Wg6JHmSsPqhjTLtTn7rLhYwNqeO6FeH
8W52dchP/2m3s4crlStg9Hh8TDDHxAqdJh0I0yEMFfW0teavyhwbTcaQWjs9hVZ8
mDfTEYKyrD0cnv76Rtvs/OOeI28dc0ujB8mjwHgyIIlT3s4nBwo4rYXsUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDtYMYEmYdeRvl53z25dbpSlt9pxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzFneGdTWmgxNUctWG5mUGJsMXVsS1czMm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwsAwQA
wjopAwQAwle0MA0GCSqGSIb3DQEBCwUAA4IBAQCLn9z38AxPX6dczND74Rg3E+Ob
S8BiA++neQbjDYSGljTibV/k6RicoBFb3LOVTKuSbUtnDgb7JqIo0QVMe1PiiVIK
iEytZ940A4lJoYWof4M7orMUeg0mla6nad4GnfJbrLjpHzpgrq7erbL3KLYSBu+D
oGg0XNSGJsopUtFm7ZYL2IksTatu0YdIVtbizAJNYELjdPI+YW3BJnDsJbexkFT3
ndwsiLfrNZeAzi1Y8Qx4oja/qjjJsYhXR2VuFFGzIM9GugubYldlbEKCKeUr0NX8
/wtuXXna3VMwGEr8kMD60VKR9jqpaU8UcgqO9+QrWEzEzQuVFBpJjvFIM2oM
-----END CERTIFICATE-----
Generated at Thu Jul 27 16:18:55 2023 by rpki-client on console-fra.rpki-client.org