Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OFRonnITq6vieVcmzxYeOcvK8iE.roa
File: OFRonnITq6vieVcmzxYeOcvK8iE.roa (raw, json)
Hash identifier: pvIRWU6C5k0c/5MmWOX5YcJsjMEfRghDx+Z2Lkn/Txo=
Subject key identifier: 38:54:68:9E:72:13:AB:AB:E2:79:57:26:CF:16:1E:39:CB:CA:F2:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67188ADE6DE2A0FF479B0A8FF4021B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OFRonnITq6vieVcmzxYeOcvK8iE.roa
Signing time: Sun 01 Jan 2023 22:15:05 +0000
ROA not before: Sun 01 Jan 2023 22:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 194.87.250.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:18:8a:de:6d:e2:a0:ff:47:9b:0a:8f:f4:02:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3854689e7213ababe2795726cf161e39cbcaf221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:67:a4:f9:cf:9a:79:5c:b9:9d:df:79:36:2f:
e2:1c:9d:3e:80:1b:78:bf:36:04:01:a9:b8:72:1c:
a7:49:62:1a:73:f9:e3:52:03:e3:38:d1:00:ac:6b:
98:13:e2:2a:09:fc:81:6e:4a:fd:7d:ac:c5:1d:11:
d1:3f:f2:52:e4:5d:a0:78:de:19:88:7d:44:db:22:
4e:c4:e6:f9:3e:1e:36:3f:09:68:8b:1b:74:df:10:
07:ab:fc:98:7e:19:11:bb:21:2c:c8:79:86:3b:a7:
17:7a:bf:6f:b4:e5:cc:a1:38:d4:6b:cd:8d:ee:25:
b1:e1:de:e9:e0:aa:c4:fc:c4:02:0c:96:dc:63:db:
b8:2c:6e:b8:97:80:53:b2:61:07:61:84:51:d6:3d:
d2:ff:92:eb:fc:e7:91:6c:23:d9:0f:a3:21:76:e9:
39:b9:db:4f:88:ae:1b:ff:d7:6f:50:38:a1:4e:da:
cd:dd:cb:d0:b7:ff:0c:c4:ea:6a:7c:73:cd:93:88:
05:e0:58:2a:1f:fb:85:64:3f:0d:16:ac:fb:80:0a:
cf:fb:8b:f0:02:47:9b:1f:f7:7c:f0:53:89:df:29:
dd:4e:1a:05:28:76:be:6f:c8:65:83:16:38:35:b9:
a3:5c:d0:1d:24:0a:0a:82:4a:c3:d5:05:49:b2:6a:
2b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:54:68:9E:72:13:AB:AB:E2:79:57:26:CF:16:1E:39:CB:CA:F2:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OFRonnITq6vieVcmzxYeOcvK8iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.41.0/24
194.87.250.0/24
195.133.28.0/24
Signature Algorithm: sha256WithRSAEncryption
88:36:8a:d1:f6:3f:e8:4f:d7:e2:3b:af:bc:34:f6:9f:68:04:
bf:65:4f:de:d8:11:df:82:a1:48:c0:1e:78:15:d8:fb:c3:10:
ad:3a:b4:a5:a4:94:85:16:e0:15:aa:84:2d:4b:f4:7e:af:94:
79:5b:fb:ae:95:0c:a2:7c:50:61:8d:40:e3:07:ea:ba:f7:bc:
68:ee:ce:52:93:ed:bb:2c:ab:c1:a5:b5:26:af:5e:a8:0b:62:
3d:c5:4c:cb:74:4a:99:f1:03:39:c0:99:d7:f9:4b:8b:4b:22:
7b:4e:e6:72:ad:0d:64:66:33:71:80:bc:07:f3:80:84:62:4e:
ce:02:ac:13:e4:dc:b3:a0:66:0c:e1:d0:54:0d:58:d7:3d:24:
21:7b:34:e9:43:9e:08:02:cd:3d:df:b1:34:3f:8a:e6:5c:17:
97:bd:51:bf:07:bc:c1:87:0e:a8:19:54:88:27:92:eb:95:b0:
ff:94:5a:e3:b8:06:37:15:6c:b7:5e:0c:47:ba:bd:53:91:03:
93:aa:e3:28:ee:40:43:6a:d6:b5:1f:d3:c5:6b:0f:d3:da:a1:
7c:30:b2:87:22:6c:f4:da:13:8c:64:a0:c4:20:da:98:7b:78:
ec:5f:97:43:48:3b:93:3c:22:4e:79:a8:2f:e7:18:fe:16:ce:
cc:6e:03:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZxiK3m3ioP9HmwqP9AIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU0Njg5ZTcyMTNhYmFiZTI3OTU3MjZjZjE2MWUzOWNiY2FmMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmek+c+aeVy5nd95Ni/iHJ0+gBt4
vzYEAam4chynSWIac/njUgPjONEArGuYE+IqCfyBbkr9fazFHRHRP/JS5F2geN4Z
iH1E2yJOxOb5Ph42Pwloixt03xAHq/yYfhkRuyEsyHmGO6cXer9vtOXMoTjUa82N
7iWx4d7p4KrE/MQCDJbcY9u4LG64l4BTsmEHYYRR1j3S/5Lr/OeRbCPZD6Mhduk5
udtPiK4b/9dvUDihTtrN3cvQt/8MxOpqfHPNk4gF4FgqH/uFZD8NFqz7gArP+4vw
AkebH/d88FOJ3yndThoFKHa+b8hlgxY4NbmjXNAdJAoKgkrD1QVJsmorAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDhUaJ5yE6ur4nlXJs8WHjnLyvIhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT0ZSb25uSVRxNnZpZVZjbXp4WWVPY3ZLOGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjopAwQA
wlf6AwQAw4UcMA0GCSqGSIb3DQEBCwUAA4IBAQCINorR9j/oT9fiO6+8NPafaAS/
ZU/e2BHfgqFIwB54Fdj7wxCtOrSlpJSFFuAVqoQtS/R+r5R5W/uulQyifFBhjUDj
B+q697xo7s5Sk+27LKvBpbUmr16oC2I9xUzLdEqZ8QM5wJnX+UuLSyJ7TuZyrQ1k
ZjNxgLwH84CEYk7OAqwT5NyzoGYM4dBUDVjXPSQhezTpQ54IAs0937E0P4rmXBeX
vVG/B7zBhw6oGVSIJ5LrlbD/lFrjuAY3FWy3XgxHur1TkQOTquMo7kBData1H9PF
aw/T2qF8MLKHImz02hOMZKDEINqYe3jsX5dDSDuTPCJOeagv5xj+Fs7MbgNN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:02 2023 by rpki-client on console-fra.rpki-client.org