Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qj0PBwNpYwnVQMbS3OJFOfRKvLU.roa
File: Qj0PBwNpYwnVQMbS3OJFOfRKvLU.roa (raw, json)
Hash identifier: jc7yZ/Q5fpHN+NelrBUM7W7KVKhLvgpmoKhwk4WiX6I=
Subject key identifier: 42:3D:0F:07:03:69:63:09:D5:40:C6:D2:DC:E2:45:39:F4:4A:BC:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ADF85C34A876936EE2D9EAADC5D0CA89F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qj0PBwNpYwnVQMbS3OJFOfRKvLU.roa
Signing time: Fri 29 Sep 2023 06:00:00 +0000
ROA not before: Fri 29 Sep 2023 06:00:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211318
IP address blocks: 194.135.18.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:85:c3:4a:87:69:36:ee:2d:9e:aa:dc:5d:0c:a8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 29 06:00:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423d0f0703696309d540c6d2dce24539f44abcb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6d:b8:1c:0c:dc:ba:bc:b5:5f:3f:a5:59:a0:
7c:49:ed:c9:32:8c:f4:a2:58:2c:6b:59:10:70:e4:
6a:2f:8c:a7:52:df:30:af:0e:52:61:56:8b:b4:78:
bb:e6:27:b6:88:4e:b2:e9:94:c0:42:06:85:19:6a:
a7:cc:32:88:26:a8:12:a3:e4:b1:07:63:2b:71:06:
6d:47:64:f3:59:59:d3:b8:67:d8:1c:d1:6c:28:c1:
5b:92:a6:69:cb:89:4f:2d:f9:5f:0c:44:09:89:2e:
83:bf:c2:ca:92:82:ee:b3:10:2b:d1:d5:dd:e6:b2:
72:8b:ff:2c:3d:6f:cf:ce:79:8a:09:a7:a4:0c:07:
93:44:34:43:6c:11:df:d7:81:52:71:bc:96:fd:3b:
a0:d0:34:bb:31:be:a2:43:d1:25:7f:22:a4:3c:01:
0a:0a:2b:36:29:93:20:66:6e:a8:bf:e8:45:d2:88:
2c:7f:51:83:1d:67:ce:13:ed:2f:7c:a6:01:09:3b:
7e:b9:cc:8e:c5:e7:8f:2f:83:c5:f1:05:53:24:b9:
7f:33:ff:12:a4:60:ed:60:ad:9a:7c:bb:a6:45:46:
b2:c7:32:04:7b:84:c6:29:ed:9d:02:85:40:50:81:
78:9e:a8:a3:bf:e9:3f:8e:4a:44:d2:8e:f1:2e:75:
5c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3D:0F:07:03:69:63:09:D5:40:C6:D2:DC:E2:45:39:F4:4A:BC:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qj0PBwNpYwnVQMbS3OJFOfRKvLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.33.0/24
194.135.18.0/24
195.133.18.0/24
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
32:79:bb:93:0e:63:80:02:02:f7:f4:6f:06:31:f6:f1:95:0e:
d9:e5:aa:d5:71:ca:cc:15:fc:fc:53:33:ea:4f:39:3a:c7:2f:
50:04:41:1f:fb:bb:87:45:4c:c9:f0:a3:e2:77:5d:5f:7a:f4:
7a:58:e6:a8:90:58:ad:4b:37:94:0e:b9:cc:fc:25:2f:05:cb:
7b:8c:b7:87:f9:df:2f:48:38:5e:d8:ee:ce:91:30:c5:da:de:
74:64:1b:b5:c0:02:04:f0:8c:44:f4:65:bd:7b:35:39:a6:7c:
52:98:bd:6c:11:ca:cf:34:c0:c1:ac:25:e1:5b:7e:85:c5:0d:
08:5d:c6:44:34:99:c9:c8:a4:56:e6:a3:e3:ea:c3:1f:fc:db:
16:e5:dd:b6:fc:d0:bc:0e:09:24:c9:23:5b:78:ae:ee:a3:24:
e8:51:80:aa:7d:62:7d:d0:9b:23:26:83:61:bb:5c:7d:61:a3:
c1:d3:c3:c1:66:9e:53:3f:e6:5b:2e:99:91:df:c7:63:95:49:
b4:59:9b:3b:9a:f2:2a:62:39:e9:37:4f:09:35:c0:de:3c:ab:
a1:1f:ac:be:da:c0:21:ac:a2:66:f4:11:40:37:5f:01:69:4a:
09:e7:7f:75:c0:a0:1d:65:94:3c:6a:ba:40:e0:99:e9:02:b1:
14:78:7c:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrfhcNKh2k27i2eqtxdDKifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI5MDYwMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNkMGYwNzAzNjk2MzA5ZDU0MGM2ZDJkY2UyNDUzOWY0NGFiY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm24HAzcury1Xz+lWaB8Se3JMoz0
olgsa1kQcORqL4ynUt8wrw5SYVaLtHi75ie2iE6y6ZTAQgaFGWqnzDKIJqgSo+Sx
B2MrcQZtR2TzWVnTuGfYHNFsKMFbkqZpy4lPLflfDEQJiS6Dv8LKkoLusxAr0dXd
5rJyi/8sPW/PznmKCaekDAeTRDRDbBHf14FScbyW/Tug0DS7Mb6iQ9ElfyKkPAEK
Cis2KZMgZm6ov+hF0ogsf1GDHWfOE+0vfKYBCTt+ucyOxeePL4PF8QVTJLl/M/8S
pGDtYK2afLumRUayxzIEe4TGKe2dAoVAUIF4nqijv+k/jkpE0o7xLnVcDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEI9DwcDaWMJ1UDG0tziRTn0Sry1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUWowUEJ3TnBZd25WUU1iUzNPSkZPZlJLdkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlchAwQA
wocSAwQAw4USAwQAw4UlMA0GCSqGSIb3DQEBCwUAA4IBAQAyebuTDmOAAgL39G8G
MfbxlQ7Z5arVccrMFfz8UzPqTzk6xy9QBEEf+7uHRUzJ8KPid11fevR6WOaokFit
SzeUDrnM/CUvBct7jLeH+d8vSDhe2O7OkTDF2t50ZBu1wAIE8IxE9GW9ezU5pnxS
mL1sEcrPNMDBrCXhW36FxQ0IXcZENJnJyKRW5qPj6sMf/NsW5d22/NC8DgkkySNb
eK7uoyToUYCqfWJ90JsjJoNhu1x9YaPB08PBZp5TP+ZbLpmR38djlUm0WZs7mvIq
YjnpN08JNcDePKuhH6y+2sAhrKJm9BFAN18BaUoJ5391wKAdZZQ8arpA4JnpArEU
eHwn
-----END CERTIFICATE-----
Generated at Sat Sep 30 15:42:46 2023 by rpki-client on console-ams.rpki-client.org