Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RUa7pfYs-RqM5chQ2ir-5Gqglqk.roa
File: RUa7pfYs-RqM5chQ2ir-5Gqglqk.roa (raw, json)
Hash identifier: jCoEyt5jpDvToH8Glt2S/g+65Pbo/3OY6cVVO+QiXI0=
Subject key identifier: 45:46:BB:A5:F6:2C:F9:1A:8C:E5:C8:50:DA:2A:FE:E4:6A:A0:96:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189BF2287EA55AC335F6932D645E3245F4C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RUa7pfYs-RqM5chQ2ir-5Gqglqk.roa
Signing time: Fri 04 Aug 2023 06:00:58 +0000
ROA not before: Fri 04 Aug 2023 06:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 212.193.12.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:22:87:ea:55:ac:33:5f:69:32:d6:45:e3:24:5f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 4 06:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4546bba5f62cf91a8ce5c850da2afee46aa096a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b2:e8:67:72:c1:22:a3:57:36:31:e8:34:46:
7d:60:86:0a:69:4e:0c:0f:a3:23:4e:fe:9f:fb:55:
90:0b:fd:6e:26:86:41:13:f8:05:eb:41:60:34:30:
92:4b:94:5e:ce:bd:46:67:77:41:0d:0e:d2:32:e8:
33:29:6e:9e:95:e9:fc:43:03:56:f0:b3:37:f6:cf:
57:7e:8f:9b:80:16:1b:e0:22:4e:5d:5d:f6:ba:e0:
b9:dd:66:ec:40:27:bc:16:1b:e7:ee:69:6d:08:11:
f3:e0:b0:31:19:0d:f7:ff:ab:eb:83:38:09:d2:a0:
57:c1:4c:ad:e8:43:d5:b0:20:f3:b0:70:41:6b:ed:
17:df:c0:4e:ff:6a:77:6e:5d:7a:b5:e1:b3:71:5d:
08:6f:4a:7c:d3:a4:0a:e5:29:c2:d9:99:69:d2:28:
cb:ac:41:bd:88:80:68:eb:8e:df:37:be:3d:7a:aa:
64:d4:50:22:4c:b2:06:be:17:24:17:8b:cf:91:69:
17:97:35:17:df:b6:b7:5f:61:17:93:0a:02:e3:b2:
6d:10:c4:09:7a:f2:28:f3:3e:19:70:4b:fb:e3:eb:
cb:aa:4f:05:b0:01:ab:a1:ee:24:04:ad:2d:42:f7:
2d:ea:ba:00:b3:ee:8f:08:30:95:2f:b7:2f:c2:31:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:46:BB:A5:F6:2C:F9:1A:8C:E5:C8:50:DA:2A:FE:E4:6A:A0:96:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RUa7pfYs-RqM5chQ2ir-5Gqglqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
193.124.5.0/24
193.124.91.0/24
193.124.95.0/24
194.87.51.0-194.87.52.255
194.87.54.0/24
195.58.35.0/24
195.133.14.0/24
195.133.81.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e1:e4:45:de:4f:79:2c:4f:fa:e1:54:a0:17:f3:2c:f2:dc:
97:ef:ce:b8:28:7b:36:d8:b1:c8:a0:3d:4b:85:45:23:ef:75:
bd:65:7f:c0:6e:5c:f4:f4:c1:a1:67:db:98:09:06:bf:20:e3:
20:a4:1a:d6:3f:a0:b1:c1:e0:09:b5:1e:16:29:23:88:83:e8:
4b:10:d5:58:c2:1e:c4:ce:6a:3c:b0:a5:e6:22:43:ba:5e:c4:
a0:af:e6:6a:0e:6d:87:9c:3c:0b:33:95:4e:86:e9:22:57:be:
49:b7:dc:63:cd:27:c1:1b:16:25:24:81:82:39:08:67:d7:49:
cf:06:d9:4d:ff:80:bc:f3:c9:f1:03:76:9c:57:69:63:a1:4d:
9c:48:e8:8c:ae:67:c7:4f:6a:91:50:85:53:05:05:58:46:e3:
bb:19:83:fc:eb:bd:f2:a5:18:a1:8c:22:78:05:43:fa:24:e3:
24:67:f4:80:15:92:ee:d0:d4:58:aa:b1:10:b2:11:33:81:86:
d4:19:34:79:b7:1d:19:9d:3b:67:70:9f:66:71:6a:35:e8:a3:
07:b5:89:07:93:fd:34:48:80:4b:88:33:41:04:cc:6f:a8:9c:
01:ae:a7:d3:81:28:58:ba:a5:a0:b2:23:53:92:b6:43:d3:5c:
bd:30:14:44
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYm/IofqVawzX2ky1kXjJF9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA0MDYwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ2YmJhNWY2MmNmOTFhOGNlNWM4NTBkYTJhZmVlNDZhYTA5NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbLoZ3LBIqNXNjHoNEZ9YIYKaU4M
D6MjTv6f+1WQC/1uJoZBE/gF60FgNDCSS5Rezr1GZ3dBDQ7SMugzKW6elen8QwNW
8LM39s9Xfo+bgBYb4CJOXV32uuC53WbsQCe8Fhvn7mltCBHz4LAxGQ33/6vrgzgJ
0qBXwUyt6EPVsCDzsHBBa+0X38BO/2p3bl16teGzcV0Ib0p806QK5SnC2Zlp0ijL
rEG9iIBo647fN749eqpk1FAiTLIGvhckF4vPkWkXlzUX37a3X2EXkwoC47JtEMQJ
evIo8z4ZcEv74+vLqk8FsAGroe4kBK0tQvct6roAs+6PCDCVL7cvwjFnFQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEVGu6X2LPkajOXIUNoq/uRqoJapMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUlVhN3BmWXMtUnFNNWNoUTJpci01R3FnbHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAPkzhAwQA
wXwFAwQAwXxbAwQAwXxfMAwDBADCVzMDBADCVzQDBADCVzYDBADDOiMDBADDhQ4D
BADDhVEDBADUwQwwDQYJKoZIhvcNAQELBQADggEBAFfh5EXeT3ksT/rhVKAX8yzy
3JfvzrgoezbYscigPUuFRSPvdb1lf8BuXPT0waFn25gJBr8g4yCkGtY/oLHB4Am1
HhYpI4iD6EsQ1VjCHsTOajywpeYiQ7pexKCv5moObYecPAszlU6G6SJXvkm33GPN
J8EbFiUkgYI5CGfXSc8G2U3/gLzzyfEDdpxXaWOhTZxI6IyuZ8dPapFQhVMFBVhG
47sZg/zrvfKlGKGMIngFQ/ok4yRn9IAVku7Q1FiqsRCyETOBhtQZNHm3HRmdO2dw
n2ZxajXoowe1iQeT/TRIgEuIM0EEzG+onAGup9OBKFi6paCyI1OStkPTXL0wFEQ=
-----END CERTIFICATE-----
Generated at Sun Aug 6 09:07:57 2023 by rpki-client on console-fra.rpki-client.org