Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RiIjCqWIiNaaAVDZ6ZdD8Mk8vSI.roa
File: RiIjCqWIiNaaAVDZ6ZdD8Mk8vSI.roa (raw, json)
Hash identifier: dj8ZjLK5yZTQdQg4Djx46doU2CZrNh+OPkl9NSkLqPQ=
Subject key identifier: 46:22:23:0A:A5:88:88:D6:9A:01:50:D9:E9:97:43:F0:C9:3C:BD:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018901D70AE40465C777C722F0CA8B09A273
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RiIjCqWIiNaaAVDZ6ZdD8Mk8vSI.roa
Signing time: Wed 28 Jun 2023 11:50:17 +0000
ROA not before: Wed 28 Jun 2023 11:50:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 212.193.15.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:d7:0a:e4:04:65:c7:77:c7:22:f0:ca:8b:09:a2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 28 11:50:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4622230aa58888d69a0150d9e99743f0c93cbd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:09:33:d3:46:0e:1e:90:5f:07:b3:29:04:
05:5f:cc:09:75:7f:a0:12:61:dc:0f:a5:5a:9e:ff:
4d:ee:dc:13:74:e4:d6:f8:7e:96:9d:28:41:40:f5:
4f:af:93:a5:58:27:93:d6:07:38:d0:01:5a:84:48:
ac:94:fc:6e:17:6d:47:f7:d6:a8:f6:97:2c:1e:75:
23:36:74:91:b7:c1:1d:39:db:19:64:8f:5e:3e:97:
49:6f:7e:04:cd:6f:ef:a4:7d:41:62:75:81:a3:35:
40:04:cd:be:be:b5:8d:b8:2c:be:48:52:e7:59:29:
72:54:02:b7:b7:f9:95:59:91:58:46:48:79:76:43:
0f:f9:73:83:53:0f:75:c6:06:7b:b5:20:b6:ac:75:
dc:d0:ac:35:c8:13:7b:c4:2e:89:f7:58:4b:1d:04:
0b:4e:b6:02:8c:85:dd:ef:c4:2e:9d:d3:e8:46:5f:
40:a3:20:e7:b9:21:8f:1a:6b:09:8a:db:21:fb:cc:
60:b5:55:03:61:a0:4c:38:41:ba:2e:8c:59:78:bc:
44:69:3c:db:36:b2:b0:4a:2c:c8:a8:fe:85:ac:cd:
9b:e0:f5:d3:e8:ce:17:4a:8c:8c:4f:0e:43:bf:1a:
95:b6:a3:f0:8b:a0:d9:96:a0:87:4a:da:7f:27:60:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:22:23:0A:A5:88:88:D6:9A:01:50:D9:E9:97:43:F0:C9:3C:BD:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RiIjCqWIiNaaAVDZ6ZdD8Mk8vSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.58.59.0/24
194.87.22.0/24
212.192.30.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:54:38:8f:56:ba:f2:95:77:13:3a:d7:a4:cc:c8:66:83:5f:
bb:c0:72:b6:ab:68:cd:a6:2d:30:2a:62:71:f8:d6:f2:75:48:
f9:ef:03:78:eb:f8:f5:53:37:3c:57:bc:ad:fc:a8:28:fe:56:
3c:c7:01:c8:34:d4:be:a0:3b:f5:65:64:28:68:ec:4e:22:db:
7c:05:71:e2:64:a5:9a:ca:87:ff:fa:d2:7b:48:61:ca:0a:5e:
43:fa:12:a1:0d:21:54:3b:eb:17:10:c8:ec:75:05:98:54:7a:
2d:d6:de:8d:fc:5f:fb:2f:1a:51:50:f8:58:8b:d2:1b:5f:b5:
dc:61:a8:67:b9:0c:5e:21:44:a5:0b:d6:a9:55:c1:c8:29:e8:
e2:a7:4b:48:f2:0a:15:4d:40:28:5c:04:59:9f:92:55:85:81:
a9:b4:99:7f:76:a5:87:11:27:65:96:d8:72:3e:2b:c1:e1:54:
43:48:29:d7:52:81:a0:fb:b8:3c:f7:ed:e2:0d:0f:52:bd:14:
74:fc:99:94:01:94:1a:44:4f:a1:cb:a2:fd:70:95:74:40:bf:
20:70:c4:54:1a:05:88:a2:3f:f3:6b:10:c8:e1:ee:7f:33:c7:
14:00:71:c6:9b:79:52:ee:6f:65:e0:b7:98:71:f5:07:91:f1:
5c:c7:84:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkB1wrkBGXHd8ci8MqLCaJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjI4MTE1MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjIyMjMwYWE1ODg4OGQ2OWEwMTUwZDllOTk3NDNmMGM5M2NiZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ0JM9NGDh6QXwezKQQFX8wJdX+g
EmHcD6Vanv9N7twTdOTW+H6WnShBQPVPr5OlWCeT1gc40AFahEislPxuF21H99ao
9pcsHnUjNnSRt8EdOdsZZI9ePpdJb34EzW/vpH1BYnWBozVABM2+vrWNuCy+SFLn
WSlyVAK3t/mVWZFYRkh5dkMP+XODUw91xgZ7tSC2rHXc0Kw1yBN7xC6J91hLHQQL
TrYCjIXd78QundPoRl9AoyDnuSGPGmsJitsh+8xgtVUDYaBMOEG6LoxZeLxEaTzb
NrKwSizIqP6FrM2b4PXT6M4XSoyMTw5DvxqVtqPwi6DZlqCHStp/J2BMRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEYiIwqliIjWmgFQ2emXQ/DJPL0iMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUmlJakNxV0lpTmFhQVZEWjZaZEQ4TWs4dlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUgLAwQA
wjo7AwQAwlcWAwQA1MAeAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQCaVDiPVrry
lXcTOtekzMhmg1+7wHK2q2jNpi0wKmJx+NbydUj57wN46/j1Uzc8V7yt/Kgo/lY8
xwHINNS+oDv1ZWQoaOxOItt8BXHiZKWayof/+tJ7SGHKCl5D+hKhDSFUO+sXEMjs
dQWYVHot1t6N/F/7LxpRUPhYi9IbX7XcYahnuQxeIUSlC9apVcHIKejip0tI8goV
TUAoXARZn5JVhYGptJl/dqWHESdllthyPivB4VRDSCnXUoGg+7g89+3iDQ9SvRR0
/JmUAZQaRE+hy6L9cJV0QL8gcMRUGgWIoj/zaxDI4e5/M8cUAHHGm3lS7m9l4LeY
cfUHkfFcx4SJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org