Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P0MXy7higZD47K0rOZnoRH7MyG0.roa
File: P0MXy7higZD47K0rOZnoRH7MyG0.roa (raw, json)
Hash identifier: OVl/pgCoZKpW/Fp98QaCDvU3gL816p3ZdAGHkgec58Q=
Subject key identifier: 3F:43:17:CB:B8:62:81:90:F8:EC:AD:2B:39:99:E8:44:7E:CC:C8:6D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A270121B9BF4447738B3060D9B0AD87A2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P0MXy7higZD47K0rOZnoRH7MyG0.roa
Signing time: Thu 24 Aug 2023 10:05:00 +0000
ROA not before: Thu 24 Aug 2023 10:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 212.193.31.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:01:21:b9:bf:44:47:73:8b:30:60:d9:b0:ad:87:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 24 10:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f4317cbb8628190f8ecad2b3999e8447eccc86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:b7:4a:90:a9:8b:83:b3:05:1d:fe:06:b5:
08:83:0e:7e:db:60:82:f4:57:6b:81:26:8a:39:d4:
a5:f8:da:f9:15:cc:9d:2d:29:e8:92:79:c7:fe:12:
a7:4e:af:ad:d1:48:d3:ea:84:ff:42:6d:da:18:da:
76:f3:a3:97:cc:2e:f4:83:5e:4d:05:54:5d:61:fb:
31:c3:dd:01:5d:be:34:d6:71:02:b8:94:cd:13:30:
14:2c:e4:7f:07:93:9d:74:d5:1f:40:93:f8:34:84:
85:a7:6c:ab:5f:47:ab:43:b8:f7:60:c5:ff:4a:e3:
51:ea:76:dc:1a:49:31:c9:86:fe:a9:d0:8e:41:76:
1c:27:76:d0:a4:16:ba:e3:dc:e0:24:fa:53:6b:6f:
e7:cd:48:3d:ba:40:3e:76:dc:81:31:cb:70:de:0c:
f6:f2:31:b2:55:2f:c7:0c:b0:4e:63:d4:7a:f8:32:
1e:3d:9c:b0:10:5b:f7:3d:92:ee:ff:c7:93:13:e2:
68:1e:09:8a:ae:4c:2f:c7:a2:9b:12:b1:91:16:e0:
c8:56:66:1a:60:ce:c5:cc:17:91:c2:1b:f5:7f:a7:
98:41:39:12:c0:c1:3c:8c:e8:de:57:67:94:0b:b2:
57:24:66:bb:0c:4d:b5:20:2a:4f:4c:62:eb:38:b5:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:43:17:CB:B8:62:81:90:F8:EC:AD:2B:39:99:E8:44:7E:CC:C8:6D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P0MXy7higZD47K0rOZnoRH7MyG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.138.0/24
194.87.161.0/24
194.87.180.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
62:26:1b:0a:77:46:56:c8:16:97:a7:9f:07:9e:44:83:dc:ae:
2c:5a:3c:65:c0:9b:10:3b:30:84:67:4c:44:b8:43:7d:4f:d7:
d2:6e:c4:00:22:d5:4d:ae:7e:5e:f3:f6:6a:f1:ce:d6:85:51:
09:bc:67:c9:56:e8:08:3c:54:5e:39:0f:05:55:7f:43:58:60:
24:2d:bf:40:a7:74:1c:74:c0:0a:97:c2:94:75:ee:c8:ae:2e:
ff:9d:e8:0c:3f:4a:ae:dd:83:8e:bd:8d:b2:e8:51:e5:b9:cb:
0a:07:f5:91:e2:04:de:ed:92:9e:55:2e:8e:e1:0b:c2:9e:0a:
1c:05:fb:6d:db:8a:85:6e:3b:d3:34:7d:77:43:d5:0f:52:4f:
8f:80:26:fe:08:99:83:5e:44:7f:e4:56:df:30:d1:fa:8f:ff:
df:ad:ed:9b:cd:da:6b:b3:06:6e:a4:d7:a7:6c:48:e6:e8:93:
d1:24:23:a3:dd:ae:08:f1:00:30:11:02:a3:4c:96:0d:ab:2e:
66:10:da:b0:50:4e:32:6f:73:2f:22:37:46:66:91:ea:23:cf:
eb:89:cb:30:c9:ce:66:d5:5e:ae:90:dd:f2:85:69:8b:97:62:
88:49:da:0c:9e:99:d2:ea:36:72:1a:f4:f7:6c:d4:da:83:02:
5d:b6:ac:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYonASG5v0RHc4swYNmwrYeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI0MTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQzMTdjYmI4NjI4MTkwZjhlY2FkMmIzOTk5ZTg0NDdlY2NjODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4C3SpCpi4OzBR3+BrUIgw5+22CC
9FdrgSaKOdSl+Nr5FcydLSnoknnH/hKnTq+t0UjT6oT/Qm3aGNp286OXzC70g15N
BVRdYfsxw90BXb401nECuJTNEzAULOR/B5OddNUfQJP4NISFp2yrX0erQ7j3YMX/
SuNR6nbcGkkxyYb+qdCOQXYcJ3bQpBa649zgJPpTa2/nzUg9ukA+dtyBMctw3gz2
8jGyVS/HDLBOY9R6+DIePZywEFv3PZLu/8eTE+JoHgmKrkwvx6KbErGRFuDIVmYa
YM7FzBeRwhv1f6eYQTkSwME8jOjeV2eUC7JXJGa7DE21ICpPTGLrOLW2vQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD9DF8u4YoGQ+OytKzmZ6ER+zMhtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUDBNWHk3aGlnWkQ0N0swck9abm9SSDdNeUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwleKAwQA
wlehAwQAwle0AwQA1MEfMA0GCSqGSIb3DQEBCwUAA4IBAQBiJhsKd0ZWyBaXp58H
nkSD3K4sWjxlwJsQOzCEZ0xEuEN9T9fSbsQAItVNrn5e8/Zq8c7WhVEJvGfJVugI
PFReOQ8FVX9DWGAkLb9Ap3QcdMAKl8KUde7Iri7/negMP0qu3YOOvY2y6FHlucsK
B/WR4gTe7ZKeVS6O4QvCngocBftt24qFbjvTNH13Q9UPUk+PgCb+CJmDXkR/5Fbf
MNH6j//fre2bzdprswZupNenbEjm6JPRJCOj3a4I8QAwEQKjTJYNqy5mENqwUE4y
b3MvIjdGZpHqI8/ricswyc5m1V6ukN3yhWmLl2KISdoMnpnS6jZyGvT3bNTagwJd
tqxF
-----END CERTIFICATE-----
Generated at Fri Aug 25 20:46:05 2023 by rpki-client on console-ams.rpki-client.org