Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKyTVNYPrx1eNSb-oL6meMrEwn0.roa
File: PKyTVNYPrx1eNSb-oL6meMrEwn0.roa (raw, json)
Hash identifier: V/3FDHpYzp0BirH3mJohIpPGu5KSymEAMMq3uJvbSCs=
Subject key identifier: 3C:AC:93:54:D6:0F:AF:1D:5E:35:26:FE:A0:BE:A6:78:CA:C4:C2:7D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01894F210779F9C210419A15D94179760B6D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKyTVNYPrx1eNSb-oL6meMrEwn0.roa
Signing time: Thu 13 Jul 2023 12:01:51 +0000
ROA not before: Thu 13 Jul 2023 12:01:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:21:07:79:f9:c2:10:41:9a:15:d9:41:79:76:0b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 13 12:01:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cac9354d60faf1d5e3526fea0bea678cac4c27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:2c:a0:ed:3a:e4:5e:d7:fe:4e:bc:42:00:
57:3d:e5:1e:76:a6:1f:76:3c:60:46:c5:aa:e7:5c:
94:d2:a8:a6:db:83:1e:bf:e2:dc:e8:57:87:34:df:
6e:5f:0f:6a:0e:8d:69:3f:a2:3a:35:d7:e6:d5:f2:
a4:6e:e3:2b:45:5d:cd:2a:bd:45:84:8a:7f:f9:f1:
55:4f:06:06:70:90:51:75:ed:f6:66:3d:5b:15:48:
a7:41:fb:41:84:03:cc:b3:5c:79:00:a4:46:5d:52:
1f:7e:d1:c0:1c:6c:a4:5e:f1:13:84:53:ae:b6:51:
9f:be:d4:f4:cd:84:5d:e9:c5:65:db:02:e2:76:b4:
bb:f8:31:9a:52:ee:65:93:74:77:6c:6d:81:a1:4a:
2b:67:4b:c6:d1:73:45:e8:3f:c3:01:67:7f:10:72:
8b:17:45:54:45:21:d0:4a:42:40:d3:01:95:21:a9:
8b:f0:08:5d:96:de:68:54:ff:c6:20:91:c0:60:82:
fb:3e:d2:99:d1:aa:89:b6:d4:ec:a4:e0:78:d0:de:
e2:df:71:8b:9a:71:19:3f:cc:40:80:93:c8:fe:c5:
76:f6:7d:81:c8:77:7f:80:7f:0e:ea:0b:a6:65:c8:
67:9f:f3:e7:44:bd:6e:a9:6f:98:35:37:5f:c8:68:
0f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AC:93:54:D6:0F:AF:1D:5E:35:26:FE:A0:BE:A6:78:CA:C4:C2:7D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKyTVNYPrx1eNSb-oL6meMrEwn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.58.44.0/24
194.87.2.0/24
194.87.18.0/24
194.87.170.0/24
194.87.205.0/24
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f4:f2:8d:66:71:3a:8e:aa:ed:a8:2e:97:dd:f7:75:1a:03:
28:86:d9:b8:e2:52:73:65:fe:22:db:a8:1f:90:99:1a:e5:42:
c6:ea:ef:96:b3:8d:db:2b:c4:fd:a6:be:56:69:88:d2:d0:a7:
5c:71:d0:de:a6:24:76:b5:30:23:2a:4f:0d:ae:e6:c7:ca:87:
80:e8:13:da:d6:60:23:5a:75:02:ef:67:52:1d:be:fa:3b:56:
61:14:e7:ab:c7:62:8e:ae:35:3d:a4:e7:e6:23:b3:fa:f2:4b:
61:25:c1:4a:30:c8:e2:11:f3:86:77:b6:94:2a:5a:0c:de:85:
39:1d:e3:db:71:09:69:f7:21:7d:8b:42:9a:75:da:d5:ef:9f:
27:83:e4:08:4f:19:b5:c1:bf:2c:27:3d:1b:07:9a:20:10:ec:
d2:7c:79:46:fa:49:a6:20:40:98:b7:6a:07:44:f2:e2:be:3a:
9e:ce:cd:50:6b:b2:0f:de:e8:6b:ce:cc:c3:cf:ce:c0:b6:67:
d6:6e:37:a7:aa:07:12:1f:d6:0c:87:1a:ed:69:85:7c:00:e7:
9e:74:34:62:9b:ae:35:53:59:e3:e1:89:68:a5:20:c2:fd:1d:
55:03:ce:46:48:c0:1a:00:56:5f:cc:41:94:8c:23:0f:c5:4d:
a1:51:9a:3b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYlPIQd5+cIQQZoV2UF5dgttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEzMTIwMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FjOTM1NGQ2MGZhZjFkNWUzNTI2ZmVhMGJlYTY3OGNhYzRjMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsksoO065F7X/k68QgBXPeUedqYf
djxgRsWq51yU0qim24Mev+Lc6FeHNN9uXw9qDo1pP6I6Ndfm1fKkbuMrRV3NKr1F
hIp/+fFVTwYGcJBRde32Zj1bFUinQftBhAPMs1x5AKRGXVIfftHAHGykXvEThFOu
tlGfvtT0zYRd6cVl2wLidrS7+DGaUu5lk3R3bG2BoUorZ0vG0XNF6D/DAWd/EHKL
F0VURSHQSkJA0wGVIamL8Ahdlt5oVP/GIJHAYIL7PtKZ0aqJttTspOB40N7i33GL
mnEZP8xAgJPI/sV29n2ByHd/gH8O6gumZchnn/PnRL1uqW+YNTdfyGgPhwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDysk1TWD68dXjUm/qC+pnjKxMJ9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUEt5VFZOWVByeDFlTlNiLW9MNm1lTXJFd24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXzNAwQA
wjosAwQAwlcCAwQAwlcSAwQAwleqAwQAwlfNAwQAwlf2MA0GCSqGSIb3DQEBCwUA
A4IBAQBb9PKNZnE6jqrtqC6X3fd1GgMohtm44lJzZf4i26gfkJka5ULG6u+Ws43b
K8T9pr5WaYjS0KdccdDepiR2tTAjKk8NrubHyoeA6BPa1mAjWnUC72dSHb76O1Zh
FOerx2KOrjU9pOfmI7P68kthJcFKMMjiEfOGd7aUKloM3oU5HePbcQlp9yF9i0Ka
ddrV758ng+QITxm1wb8sJz0bB5ogEOzSfHlG+kmmIECYt2oHRPLivjqezs1Qa7IP
3uhrzszDz87AtmfWbjenqgcSH9YMhxrtaYV8AOeedDRim641U1nj4YlopSDC/R1V
A85GSMAaAFZfzEGUjCMPxU2hUZo7
-----END CERTIFICATE-----
Generated at Thu Aug 10 15:34:56 2023 by rpki-client on console-ams.rpki-client.org