Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OynKHQYb2qjqv0-k-ulYSA3MX2g.roa
File: OynKHQYb2qjqv0-k-ulYSA3MX2g.roa (raw, json)
Hash identifier: pqaTSXoAJQgK8g61ofhzFWWBBFnZNBxM1kI5ALgXyzE=
Subject key identifier: 3B:29:CA:1D:06:1B:DA:A8:EA:BF:4F:A4:FA:E9:58:48:0D:CC:5F:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189CF941F5D62CA4BD0D9C9BA23C70540AF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OynKHQYb2qjqv0-k-ulYSA3MX2g.roa
Signing time: Mon 07 Aug 2023 10:38:58 +0000
ROA not before: Mon 07 Aug 2023 10:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.7.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:94:1f:5d:62:ca:4b:d0:d9:c9:ba:23:c7:05:40:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 7 10:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b29ca1d061bdaa8eabf4fa4fae958480dcc5f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:62:15:22:f2:4f:6a:be:45:8d:75:b8:31:6c:
92:ea:a5:b3:90:31:6a:6b:39:94:4a:25:21:d4:bb:
3b:23:2e:2a:84:01:57:d9:ee:71:9f:26:e9:ec:1d:
5c:b0:b5:6d:45:25:c8:26:9c:1f:38:e8:10:f2:a0:
cc:f1:da:bf:ac:73:85:13:44:30:98:e1:b7:77:c6:
5a:87:35:42:20:47:72:70:75:8a:2e:5c:36:7c:df:
9e:a6:9b:49:90:c7:e1:38:40:9b:d0:64:c6:7f:45:
f4:19:4d:49:e9:e4:62:f3:ca:35:21:74:a5:c3:3e:
bc:01:0e:c8:e6:95:ec:32:d0:92:4b:c2:0c:5f:cf:
e6:73:42:e9:8a:46:9f:09:dd:eb:9b:00:c2:82:fc:
cb:90:69:53:30:61:b2:ba:cb:8f:90:18:18:41:29:
6d:91:8f:01:8b:eb:b5:c7:ee:aa:63:11:57:fd:79:
73:01:4c:3e:7c:e6:50:38:63:a0:3e:4e:d0:83:35:
23:79:c1:13:41:4c:df:b9:f6:b3:11:c4:65:e2:4c:
38:72:9e:3e:1d:91:ea:2f:72:79:98:46:62:f3:0f:
c4:92:0c:31:1c:06:98:57:ce:02:26:19:55:4a:04:
41:8b:5f:43:de:6c:72:f1:aa:51:07:b8:24:fd:58:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:29:CA:1D:06:1B:DA:A8:EA:BF:4F:A4:FA:E9:58:48:0D:CC:5F:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OynKHQYb2qjqv0-k-ulYSA3MX2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.87.7.0/24
194.87.25.0/24
194.87.51.0/24
194.87.54.0/24
194.87.163.0/24
195.58.35.0/24
195.58.38.0/24
195.133.14.0/24
195.133.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:dd:4a:59:29:72:16:a8:a9:9a:6a:10:80:6d:53:4d:85:37:
63:e1:bc:72:d2:28:42:8f:c4:33:d5:d3:d3:13:a7:85:1a:d2:
60:f2:d1:c0:01:14:ad:61:2c:2b:cf:f6:99:b9:12:bc:6d:aa:
38:e6:32:d7:f7:8b:d4:65:af:19:ba:55:f5:7c:d6:d5:25:b6:
17:11:72:a7:22:1c:cb:11:ad:8f:bc:7e:32:da:37:3b:9e:e0:
57:3b:0a:6a:bf:a1:13:e3:4b:64:70:61:4c:70:a4:db:fe:25:
d3:e0:f5:9b:11:46:1d:b5:f3:6b:4f:9f:53:9e:05:6c:1e:50:
9e:2c:9e:5f:72:61:d4:ec:2a:ed:55:b9:4f:ee:fc:f4:9a:89:
0a:c3:68:b8:50:37:c5:1b:1b:fa:45:c6:79:d8:47:de:fd:88:
be:22:8c:c0:00:b5:af:78:e4:03:5b:20:e8:60:07:fa:33:32:
d7:1b:6b:16:09:66:b5:cc:ed:33:52:2b:4f:7f:f8:2d:52:ff:
b8:91:d2:b2:f9:02:a4:3c:03:78:fb:9d:5c:56:f6:bd:9b:3e:
cf:e0:ff:8c:9e:d5:32:69:d4:9d:a3:fe:60:65:f2:ae:27:03:
83:d9:2e:6a:d1:cd:e2:89:73:14:f5:b0:a2:6f:9a:5a:03:4a:
1b:e7:af:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYnPlB9dYspL0NnJuiPHBUCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA3MTAzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI5Y2ExZDA2MWJkYWE4ZWFiZjRmYTRmYWU5NTg0ODBkY2M1ZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2IVIvJPar5FjXW4MWyS6qWzkDFq
azmUSiUh1Ls7Iy4qhAFX2e5xnybp7B1csLVtRSXIJpwfOOgQ8qDM8dq/rHOFE0Qw
mOG3d8ZahzVCIEdycHWKLlw2fN+epptJkMfhOECb0GTGf0X0GU1J6eRi88o1IXSl
wz68AQ7I5pXsMtCSS8IMX8/mc0LpikafCd3rmwDCgvzLkGlTMGGyusuPkBgYQSlt
kY8Bi+u1x+6qYxFX/XlzAUw+fOZQOGOgPk7QgzUjecETQUzfufazEcRl4kw4cp4+
HZHqL3J5mEZi8w/EkgwxHAaYV84CJhlVSgRBi19D3mxy8apRB7gk/VgVwwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDspyh0GG9qo6r9PpPrpWEgNzF9oMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3luS0hRWWIycWpxdjAtay11bFlTQTNNWDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy1AwQA
wlcHAwQAwlcZAwQAwlczAwQAwlc2AwQAwlejAwQAwzojAwQAwzomAwQAw4UOAwQA
w4XDMA0GCSqGSIb3DQEBCwUAA4IBAQAO3UpZKXIWqKmaahCAbVNNhTdj4bxy0ihC
j8Qz1dPTE6eFGtJg8tHAARStYSwrz/aZuRK8bao45jLX94vUZa8ZulX1fNbVJbYX
EXKnIhzLEa2PvH4y2jc7nuBXOwpqv6ET40tkcGFMcKTb/iXT4PWbEUYdtfNrT59T
ngVsHlCeLJ5fcmHU7CrtVblP7vz0mokKw2i4UDfFGxv6RcZ52Efe/Yi+IozAALWv
eOQDWyDoYAf6MzLXG2sWCWa1zO0zUitPf/gtUv+4kdKy+QKkPAN4+51cVva9mz7P
4P+MntUyadSdo/5gZfKuJwOD2S5q0c3iiXMU9bCib5paA0ob5688
-----END CERTIFICATE-----
Generated at Tue Aug 8 06:34:55 2023 by rpki-client on console-ams.rpki-client.org