Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R_J9ufCutffb54EiNIKsptlJBYE.roa
File: R_J9ufCutffb54EiNIKsptlJBYE.roa (raw, json)
Hash identifier: ERh83onjSIi7Wz6WRvp5dVbCtlYeCOZwQJKmSvHV2xs=
Subject key identifier: 47:F2:7D:B9:F0:AE:B5:F7:DB:E7:81:22:34:82:AC:A6:D9:49:05:81
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AEF1BA1DD95FB5BEBE516CFE23F656219
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R_J9ufCutffb54EiNIKsptlJBYE.roa
Signing time: Mon 02 Oct 2023 06:38:00 +0000
ROA not before: Mon 02 Oct 2023 06:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 195.133.194.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:1b:a1:dd:95:fb:5b:eb:e5:16:cf:e2:3f:65:62:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 2 06:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47f27db9f0aeb5f7dbe781223482aca6d9490581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:25:02:73:b4:d0:be:6a:ae:6a:83:a3:05:
bc:3c:72:04:f0:fb:90:91:66:96:3e:4c:9c:0d:9b:
b2:85:ee:07:3b:fe:65:48:58:e5:8d:6c:a7:a8:03:
fd:f3:e5:04:41:d1:09:92:20:f0:83:28:c9:98:61:
48:4a:f2:ac:49:91:1c:cd:26:f2:92:e0:35:e4:02:
8f:40:59:3c:21:9c:23:f2:21:b6:76:29:15:15:f0:
a3:09:9d:61:25:34:28:5d:ac:18:ca:6c:95:c6:4b:
c5:b7:b7:76:21:29:2e:be:0a:b0:66:94:a3:60:8b:
7d:81:9d:bc:0d:dd:82:0a:a3:29:51:48:68:27:7b:
c0:d2:16:c2:f4:dd:82:c8:5a:24:77:c0:89:fd:72:
51:0f:c5:79:07:f7:22:b1:1b:32:33:67:95:fc:65:
2f:83:63:64:95:f9:e7:5e:53:4e:8c:4b:45:9c:d0:
35:85:20:bc:c1:01:8e:d6:13:a1:b6:8e:1d:d1:0d:
6c:27:84:2d:3e:0d:a3:b7:83:b3:dc:7f:0d:f6:c0:
2e:53:b9:ca:29:47:47:e1:4d:b8:cb:73:84:b9:5a:
bc:64:d8:03:4c:a1:92:33:0f:12:70:99:ec:84:23:
a6:2a:f7:1c:5e:54:3d:18:4f:24:a8:9d:46:1d:4c:
d7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F2:7D:B9:F0:AE:B5:F7:DB:E7:81:22:34:82:AC:A6:D9:49:05:81
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R_J9ufCutffb54EiNIKsptlJBYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.41.0/24
194.135.30.0/24
195.133.194.0/24
212.192.244.0/24
Signature Algorithm: sha256WithRSAEncryption
42:6c:52:52:ba:26:bb:f8:50:bb:56:a2:3d:03:5f:c9:9c:78:
11:1e:d1:f1:03:11:18:4f:2e:e4:7e:d7:d6:3c:d2:94:b0:f3:
f7:6b:06:56:2b:13:be:9c:6f:90:46:1b:df:55:e7:f5:ac:c4:
45:97:28:71:7e:34:5d:b4:e3:c5:b1:e3:35:32:a2:91:64:06:
b6:c4:69:da:4e:f9:7f:7e:c6:29:ed:ef:44:76:0f:4a:c2:b4:
07:c1:18:34:d6:0b:db:bd:0a:a0:22:ef:64:e0:9e:c6:e5:85:
d8:31:56:3b:96:08:0f:32:57:d6:f5:c1:39:36:77:0f:43:88:
76:b6:3c:d1:51:84:c9:ef:bd:99:97:40:84:ec:a9:e5:76:b8:
e9:e9:5b:68:89:85:a7:04:9d:e1:c9:e6:2c:9f:86:20:a6:e0:
08:01:ab:1f:cb:58:a7:9c:29:96:7f:47:a2:d7:17:5d:cd:d6:
1e:4d:a4:ca:e3:b6:e8:87:e7:73:91:4d:9f:8d:48:a6:8f:4d:
6e:f2:16:62:3b:97:89:28:84:ac:13:f7:c2:ee:7c:ba:7d:ff:
69:81:dc:7c:50:6a:34:96:f3:68:ce:1b:81:21:41:90:f9:cf:
08:e9:3d:4f:19:b6:df:d6:7c:68:aa:bb:6c:6b:11:6c:9d:5c:
87:19:48:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrvG6Hdlftb6+UWz+I/ZWIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDAyMDYzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2YyN2RiOWYwYWViNWY3ZGJlNzgxMjIzNDgyYWNhNmQ5NDkwNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomMlAnO00L5qrmqDowW8PHIE8PuQ
kWaWPkycDZuyhe4HO/5lSFjljWynqAP98+UEQdEJkiDwgyjJmGFISvKsSZEczSby
kuA15AKPQFk8IZwj8iG2dikVFfCjCZ1hJTQoXawYymyVxkvFt7d2ISkuvgqwZpSj
YIt9gZ28Dd2CCqMpUUhoJ3vA0hbC9N2CyFokd8CJ/XJRD8V5B/cisRsyM2eV/GUv
g2NklfnnXlNOjEtFnNA1hSC8wQGO1hOhto4d0Q1sJ4QtPg2jt4Oz3H8N9sAuU7nK
KUdH4U24y3OEuVq8ZNgDTKGSMw8ScJnshCOmKvccXlQ9GE8kqJ1GHUzXGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEfyfbnwrrX32+eBIjSCrKbZSQWBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUl9KOXVmQ3V0ZmZiNTRFaU5JS3NwdGxKQllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjopAwQA
woceAwQAw4XCAwQA1MD0MA0GCSqGSIb3DQEBCwUAA4IBAQBCbFJSuia7+FC7VqI9
A1/JnHgRHtHxAxEYTy7kftfWPNKUsPP3awZWKxO+nG+QRhvfVef1rMRFlyhxfjRd
tOPFseM1MqKRZAa2xGnaTvl/fsYp7e9Edg9KwrQHwRg01gvbvQqgIu9k4J7G5YXY
MVY7lggPMlfW9cE5NncPQ4h2tjzRUYTJ772Zl0CE7Knldrjp6VtoiYWnBJ3hyeYs
n4YgpuAIAasfy1innCmWf0ei1xddzdYeTaTK47boh+dzkU2fjUimj01u8hZiO5eJ
KISsE/fC7ny6ff9pgdx8UGo0lvNozhuBIUGQ+c8I6T1PGbbf1nxoqrtsaxFsnVyH
GUiS
-----END CERTIFICATE-----
Generated at Tue Oct 17 09:08:26 2023 by rpki-client on console-ams.rpki-client.org