Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PhrZNCqIpNR7wgwfu7v7z1e3O1E.roa
File: PhrZNCqIpNR7wgwfu7v7z1e3O1E.roa (raw, json)
Hash identifier: eRjf8CMcqeVpgG8J/pKPJCautOYOBsr9+ByFib6oJnY=
Subject key identifier: 3E:1A:D9:34:2A:88:A4:D4:7B:C2:0C:1F:BB:BB:FB:CF:57:B7:3B:51
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018929CDF4FE1C7F75815577E7233BE204D9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PhrZNCqIpNR7wgwfu7v7z1e3O1E.roa
Signing time: Thu 06 Jul 2023 06:05:10 +0000
ROA not before: Thu 06 Jul 2023 06:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198802
IP address blocks: 193.124.2.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:29:cd:f4:fe:1c:7f:75:81:55:77:e7:23:3b:e2:04:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 6 06:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e1ad9342a88a4d47bc20c1fbbbbfbcf57b73b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4b:7f:03:20:1e:26:61:f6:6c:01:68:c4:72:
f1:37:37:df:6f:93:51:1b:24:51:74:ec:ea:77:30:
ef:4c:d9:e5:30:5e:9a:41:d8:b3:b0:93:23:ab:4e:
a2:8e:03:ee:a5:f7:cf:d2:79:d3:e0:b0:bb:ce:93:
7d:d0:15:fd:5f:da:1f:f5:4d:66:ce:8a:9e:3d:17:
8d:1d:4e:0a:71:7c:2f:57:66:22:13:86:f1:f6:38:
ef:d8:c5:43:e3:af:27:87:df:91:bf:91:3d:ec:e3:
cf:73:0f:04:8a:88:64:16:54:1d:c9:08:1a:6b:92:
8a:61:49:8d:2a:f0:12:71:90:db:e2:dd:01:a5:dc:
5d:ca:54:20:a5:07:6d:0b:73:c6:0f:1c:6d:b2:cc:
d4:46:1d:55:58:1a:a3:68:f5:b6:b0:c8:38:de:4b:
b7:c7:8d:1d:d3:14:39:b9:3d:d9:04:ca:2c:f9:52:
89:f0:86:3c:9c:c7:57:5c:e0:3e:d3:ed:52:ed:c8:
1b:80:4a:3f:a3:3e:4f:43:8d:5b:8f:a2:7f:db:f3:
2e:9b:9e:83:7b:cd:20:0a:21:8e:80:2a:46:4c:0d:
ab:90:7e:08:ff:38:f4:e6:1d:04:ca:45:53:fd:45:
24:17:8e:ba:20:73:53:08:dd:d8:d4:c5:80:f5:4a:
7b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1A:D9:34:2A:88:A4:D4:7B:C2:0C:1F:BB:BB:FB:CF:57:B7:3B:51
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PhrZNCqIpNR7wgwfu7v7z1e3O1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.115.0/24
193.124.2.0/24
195.133.22.0/24
Signature Algorithm: sha256WithRSAEncryption
63:07:4b:46:02:bd:67:e3:8d:3a:ef:a2:8e:3b:47:5a:56:f1:
61:c3:ce:79:a5:d2:4c:fd:b0:6d:33:b4:0a:92:8c:0b:29:7d:
2c:76:50:02:3a:ab:3b:d8:b8:80:19:53:27:ca:46:ea:58:5e:
a3:b1:77:2e:e9:be:63:4d:37:43:20:9b:7f:a0:c4:07:92:9c:
b8:57:39:f8:7a:2c:65:e3:a0:bd:57:9b:4d:1b:24:c8:59:2d:
9a:d7:8e:52:c3:e8:1e:18:62:91:d6:c2:55:ed:79:1d:cd:5d:
61:65:c2:99:75:68:8c:4f:ec:dd:8d:f0:8a:9e:9a:c1:a9:32:
44:65:9f:e8:00:39:7a:4c:ec:3b:d8:54:ef:fb:6e:94:4f:e3:
af:ea:bb:7e:48:5b:47:eb:71:ee:e0:96:ab:fb:25:94:b2:ae:
9d:16:18:94:a3:37:96:65:59:12:92:bf:da:eb:0d:a2:97:b0:
20:85:33:6d:e6:b0:bf:ba:4f:d1:ac:2d:66:7c:89:f7:2e:db:
fe:7b:11:4e:8e:67:45:5d:29:d1:42:7c:30:83:93:3a:b8:75:
56:18:db:75:1b:4d:d0:9e:2c:82:ea:88:7b:ea:46:c7:ad:c6:
d8:4c:ff:74:24:a9:ed:cf:05:52:60:50:77:8d:b9:cf:2a:ed:
af:08:fc:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkpzfT+HH91gVV35yM74gTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA2MDYwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTFhZDkzNDJhODhhNGQ0N2JjMjBjMWZiYmJiZmJjZjU3YjczYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEt/AyAeJmH2bAFoxHLxNzffb5NR
GyRRdOzqdzDvTNnlMF6aQdizsJMjq06ijgPupffP0nnT4LC7zpN90BX9X9of9U1m
zoqePReNHU4KcXwvV2YiE4bx9jjv2MVD468nh9+Rv5E97OPPcw8EiohkFlQdyQga
a5KKYUmNKvAScZDb4t0BpdxdylQgpQdtC3PGDxxtsszURh1VWBqjaPW2sMg43ku3
x40d0xQ5uT3ZBMos+VKJ8IY8nMdXXOA+0+1S7cgbgEo/oz5PQ41bj6J/2/Mum56D
e80gCiGOgCpGTA2rkH4I/zj05h0EykVT/UUkF466IHNTCN3Y1MWA9Up7YQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD4a2TQqiKTUe8IMH7u7+89XtztRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUGhyWk5DcUlwTlI3d2d3ZnU3djd6MWUzTzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWxzAwQA
wXwCAwQAw4UWMA0GCSqGSIb3DQEBCwUAA4IBAQBjB0tGAr1n440676KOO0daVvFh
w855pdJM/bBtM7QKkowLKX0sdlACOqs72LiAGVMnykbqWF6jsXcu6b5jTTdDIJt/
oMQHkpy4Vzn4eixl46C9V5tNGyTIWS2a145Sw+geGGKR1sJV7XkdzV1hZcKZdWiM
T+zdjfCKnprBqTJEZZ/oADl6TOw72FTv+26UT+Ov6rt+SFtH63Hu4Jar+yWUsq6d
FhiUozeWZVkSkr/a6w2il7AghTNt5rC/uk/RrC1mfIn3Ltv+exFOjmdFXSnRQnww
g5M6uHVWGNt1G03QniyC6oh76kbHrcbYTP90JKntzwVSYFB3jbnPKu2vCPwz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org