Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PmHqhvBGZNt19jJDnBscRESJJcY.roa
File: PmHqhvBGZNt19jJDnBscRESJJcY.roa (raw, json)
Hash identifier: KGe0ddw9R0PO5xtni5lfrWMuSMd3XIAC5gPjIIws9rA=
Subject key identifier: 3E:61:EA:86:F0:46:64:DB:75:F6:32:43:9C:1B:1C:44:44:89:25:C6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01880F2AE5B00D7C6C1AF0394A90A0DF435A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PmHqhvBGZNt19jJDnBscRESJJcY.roa
Signing time: Fri 12 May 2023 08:54:09 +0000
ROA not before: Fri 12 May 2023 08:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41082
IP address blocks: 194.87.100.0/24 maxlen: 24
195.133.90.0/24 maxlen: 24
195.133.91.0/24 maxlen: 24
194.87.15.0/24 maxlen: 24
194.87.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:2a:e5:b0:0d:7c:6c:1a:f0:39:4a:90:a0:df:43:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 12 08:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e61ea86f04664db75f632439c1b1c44448925c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:b8:4d:83:14:b2:09:0b:00:ee:52:a8:7d:
a9:0f:bd:54:1c:d7:f6:64:14:a5:87:5c:c2:4b:ae:
07:66:f6:1e:96:3b:92:0d:a4:b0:4f:10:f0:9c:98:
05:50:34:2d:8a:14:aa:91:28:74:78:60:0a:a0:13:
cd:8e:2a:2e:5a:b6:88:8b:99:c1:77:bc:20:81:22:
6d:40:87:26:10:a0:49:80:7d:be:be:a0:6d:b3:e3:
12:4a:e1:fe:07:c5:7a:34:bf:f6:5e:b4:09:ce:0b:
6d:72:5b:af:99:96:33:2d:9e:ea:b3:fb:23:79:b6:
d4:eb:cf:be:60:c8:a3:18:e2:9b:f5:4c:5f:85:81:
ef:06:d9:4b:99:46:8f:6c:11:ef:44:65:40:2f:42:
3b:ad:55:12:c3:d0:e0:53:05:ba:4a:97:cf:32:2f:
f2:c9:bf:25:ed:1c:23:17:26:22:25:03:0e:62:92:
65:b0:a8:48:65:fa:f3:62:c7:cf:06:d4:29:98:b9:
c9:80:c1:0e:93:7a:2e:22:3e:1d:84:a8:30:3c:af:
61:1e:34:31:f0:05:39:67:c9:d6:e2:3a:e0:23:79:
85:4f:2f:d1:de:12:48:41:8f:29:75:1d:a9:fa:10:
5f:47:22:c0:1c:eb:4e:69:73:59:e8:bc:b4:f5:20:
3b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:61:EA:86:F0:46:64:DB:75:F6:32:43:9C:1B:1C:44:44:89:25:C6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PmHqhvBGZNt19jJDnBscRESJJcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.15.0/24
194.87.100.0/24
194.87.173.0/24
195.133.90.0/23
Signature Algorithm: sha256WithRSAEncryption
44:0c:f0:d5:03:81:4f:39:7f:33:b6:bb:93:b4:bf:58:8b:8d:
18:2f:e3:f3:bd:fa:67:ec:ea:44:9f:45:68:14:53:68:18:e7:
4d:00:9b:52:de:39:d0:f5:1d:9d:79:44:58:5f:cd:0e:ec:24:
02:77:bd:44:ea:37:23:63:b0:5d:97:80:35:e6:f0:1c:46:e9:
b6:59:9d:55:44:e3:16:b4:58:45:c7:01:a3:f4:89:5b:22:a1:
04:c1:62:14:4f:a5:f0:48:2c:fc:21:8b:9e:d9:2a:2f:c1:a7:
f7:87:90:d1:7e:05:52:eb:82:08:04:25:df:e1:7b:c8:62:ef:
df:bc:cb:ec:d2:20:95:8d:8b:47:46:be:cd:34:0f:8f:82:c6:
21:5c:f1:f1:8b:03:62:29:78:d2:51:20:25:fd:c5:ee:47:1d:
be:5b:1e:57:8b:ff:bd:2a:3c:7b:a4:fb:5d:4f:cd:f0:89:4e:
37:97:66:8c:76:77:d8:85:d4:77:cb:7a:9e:e3:f2:c4:ac:61:
b3:aa:f3:2d:e4:e1:64:ca:2d:bb:a3:9c:93:09:88:ec:e7:f8:
8e:a6:a9:ab:6f:38:0c:3e:2d:df:53:4b:64:8f:36:a6:d1:48:
26:22:33:8f:c8:6e:a6:51:a8:2d:db:2f:51:80:0e:95:b2:7d:
5a:56:72:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgPKuWwDXxsGvA5SpCg30NaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTEyMDg1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTYxZWE4NmYwNDY2NGRiNzVmNjMyNDM5YzFiMWM0NDQ0ODkyNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqu4TYMUsgkLAO5SqH2pD71UHNf2
ZBSlh1zCS64HZvYeljuSDaSwTxDwnJgFUDQtihSqkSh0eGAKoBPNjiouWraIi5nB
d7wggSJtQIcmEKBJgH2+vqBts+MSSuH+B8V6NL/2XrQJzgttcluvmZYzLZ7qs/sj
ebbU68++YMijGOKb9UxfhYHvBtlLmUaPbBHvRGVAL0I7rVUSw9DgUwW6SpfPMi/y
yb8l7RwjFyYiJQMOYpJlsKhIZfrzYsfPBtQpmLnJgMEOk3ouIj4dhKgwPK9hHjQx
8AU5Z8nW4jrgI3mFTy/R3hJIQY8pdR2p+hBfRyLAHOtOaXNZ6Ly09SA7vQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD5h6obwRmTbdfYyQ5wbHEREiSXGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUG1IcWh2QkdaTnQxOWpKRG5Cc2NSRVNKSmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlcPAwQA
wldkAwQAwletAwQBw4VaMA0GCSqGSIb3DQEBCwUAA4IBAQBEDPDVA4FPOX8ztruT
tL9Yi40YL+Pzvfpn7OpEn0VoFFNoGOdNAJtS3jnQ9R2deURYX80O7CQCd71E6jcj
Y7Bdl4A15vAcRum2WZ1VROMWtFhFxwGj9IlbIqEEwWIUT6XwSCz8IYue2Sovwaf3
h5DRfgVS64IIBCXf4XvIYu/fvMvs0iCVjYtHRr7NNA+PgsYhXPHxiwNiKXjSUSAl
/cXuRx2+Wx5Xi/+9Kjx7pPtdT83wiU43l2aMdnfYhdR3y3qe4/LErGGzqvMt5OFk
yi27o5yTCYjs5/iOpqmrbzgMPi3fU0tkjzam0UgmIjOPyG6mUagt2y9RgA6Vsn1a
VnK1
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org