Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OhReCuKGuw7V_EelFrZh-N4YYFE.roa
File: OhReCuKGuw7V_EelFrZh-N4YYFE.roa (raw, json)
Hash identifier: tmMkNBgqa2/Hqwc///pAK8NLKddRbZvFd+ymuHU6hwE=
Subject key identifier: 3A:14:5E:0A:E2:86:BB:0E:D5:FC:47:A5:16:B6:61:F8:DE:18:60:51
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A893BC4F0401D2D569DE929898F70FEDB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OhReCuKGuw7V_EelFrZh-N4YYFE.roa
Signing time: Tue 12 Sep 2023 11:51:50 +0000
ROA not before: Tue 12 Sep 2023 11:51:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216394
IP address blocks: 194.87.246.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:3b:c4:f0:40:1d:2d:56:9d:e9:29:89:8f:70:fe:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 12 11:51:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a145e0ae286bb0ed5fc47a516b661f8de186051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:95:7d:fc:2f:34:b6:e0:c1:e4:1b:08:64:0b:
0a:14:58:d6:a6:0a:9c:bc:94:a4:f0:1d:56:d0:b2:
26:75:b2:81:3e:1d:b6:92:2a:de:d8:f9:5c:e3:49:
4a:dd:fc:2c:c2:b8:10:0e:55:b3:87:fb:95:c8:aa:
de:73:07:34:24:bc:a0:54:f2:78:6c:57:1e:52:dd:
04:71:00:b1:1a:4f:7b:db:a0:cf:de:bd:78:a5:59:
6b:f7:7d:82:5e:ef:06:0b:c6:48:e4:52:d1:6b:e1:
06:6f:51:b3:1b:60:4d:42:90:e7:ab:50:8c:b7:4b:
96:54:b1:fc:bb:12:0d:a1:d2:75:69:53:29:5b:d3:
a6:12:88:c8:20:8b:10:d2:61:88:c0:ec:0b:4b:dc:
0f:a3:29:4f:67:96:91:39:c0:c7:14:d5:be:91:ce:
8d:b1:15:be:65:1e:34:72:ed:13:99:48:48:cd:82:
b1:5c:c3:de:29:10:e1:05:e1:fd:b6:3a:11:84:13:
1f:67:e7:e5:75:c1:13:b4:c8:aa:f1:65:6a:06:c8:
ec:4a:3b:ce:2a:0e:93:f2:47:8a:15:8e:2a:3f:cc:
3b:3f:c1:3a:79:5c:a4:b3:6f:26:76:06:97:39:ef:
8c:00:76:6d:cb:a6:37:9d:95:37:a8:b5:65:d8:47:
d5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:5E:0A:E2:86:BB:0E:D5:FC:47:A5:16:B6:61:F8:DE:18:60:51
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OhReCuKGuw7V_EelFrZh-N4YYFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
195.133.43.0/24
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
44:15:95:26:f3:fe:37:25:da:4b:ce:7e:b2:2d:19:88:61:98:
e5:34:74:ef:c1:58:6f:89:58:cd:3d:ae:48:65:c8:cd:0d:0f:
34:3d:a9:67:cf:ff:82:42:13:55:c1:a6:86:78:11:70:8f:c4:
6f:eb:85:5d:4d:66:ae:28:08:71:ba:e2:26:46:3b:c6:9d:ab:
c7:e6:50:46:5b:20:75:5f:57:4d:79:0a:96:53:8b:a6:e8:fb:
e3:58:c5:8a:89:04:19:af:a6:ad:8d:5d:fc:c9:d1:e8:ed:fc:
ff:ac:0c:65:af:4d:7b:f3:1b:7e:b3:30:74:b2:7a:24:d8:2c:
29:4e:06:4c:d0:f5:26:1f:3a:16:9e:87:09:8d:d3:32:b5:73:
49:3f:ad:69:5b:b1:67:54:d2:c6:20:96:4f:fd:99:79:22:27:
4a:c3:24:09:83:75:8b:bf:5b:f2:68:52:6d:dc:16:46:a4:43:
e8:9f:fa:83:e1:be:1e:88:d0:68:52:32:27:1c:b5:26:fe:9a:
c7:48:30:f6:3c:e8:bd:15:66:5d:2b:34:6b:d7:ce:45:de:2a:
c1:34:2b:53:29:fb:6f:3d:e0:fc:f2:2b:68:d3:ff:d4:6f:d4:
8a:10:60:44:87:95:44:d1:30:87:27:81:aa:8a:d9:3f:eb:96:
36:7a:b2:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqJO8TwQB0tVp3pKYmPcP7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTEyMTE1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE0NWUwYWUyODZiYjBlZDVmYzQ3YTUxNmI2NjFmOGRlMTg2MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpV9/C80tuDB5BsIZAsKFFjWpgqc
vJSk8B1W0LImdbKBPh22kire2Plc40lK3fwswrgQDlWzh/uVyKrecwc0JLygVPJ4
bFceUt0EcQCxGk9726DP3r14pVlr932CXu8GC8ZI5FLRa+EGb1GzG2BNQpDnq1CM
t0uWVLH8uxINodJ1aVMpW9OmEojIIIsQ0mGIwOwLS9wPoylPZ5aROcDHFNW+kc6N
sRW+ZR40cu0TmUhIzYKxXMPeKRDhBeH9tjoRhBMfZ+fldcETtMiq8WVqBsjsSjvO
Kg6T8keKFY4qP8w7P8E6eVyks28mdgaXOe+MAHZty6Y3nZU3qLVl2EfVrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoUXgrihrsO1fxHpRa2YfjeGGBRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT2hSZUN1S0d1dzdWX0VlbEZyWmgtTjRZWUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlf2AwQA
w4UrAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQBEFZUm8/43JdpLzn6yLRmIYZjl
NHTvwVhviVjNPa5IZcjNDQ80Palnz/+CQhNVwaaGeBFwj8Rv64VdTWauKAhxuuIm
RjvGnavH5lBGWyB1X1dNeQqWU4um6PvjWMWKiQQZr6atjV38ydHo7fz/rAxlr017
8xt+szB0snok2CwpTgZM0PUmHzoWnocJjdMytXNJP61pW7FnVNLGIJZP/Zl5IidK
wyQJg3WLv1vyaFJt3BZGpEPon/qD4b4eiNBoUjInHLUm/prHSDD2POi9FWZdKzRr
185F3irBNCtTKftvPeD88ito0//Ub9SKEGBEh5VE0TCHJ4Gqitk/65Y2erLG
-----END CERTIFICATE-----
Generated at Fri Sep 15 09:36:46 2023 by rpki-client on console-ams.rpki-client.org