Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rk0Rxiif5rhN9xhrKKNs5EcNFkc.roa
File: Rk0Rxiif5rhN9xhrKKNs5EcNFkc.roa (raw, json)
Hash identifier: W1NbVBy53ryExYe4FovQq9PqVdp6NXacPePwWPauUhw=
Subject key identifier: 46:4D:11:C6:28:9F:E6:B8:4D:F7:18:6B:28:A3:6C:E4:47:0D:16:47
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A055DDEE2D28645B450B66FEA1B0CABE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rk0Rxiif5rhN9xhrKKNs5EcNFkc.roa
Signing time: Wed 11 Jan 2023 10:17:39 +0000
ROA not before: Wed 11 Jan 2023 10:17:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:55:dd:ee:2d:28:64:5b:45:0b:66:fe:a1:b0:ca:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 11 10:17:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=464d11c6289fe6b84df7186b28a36ce4470d1647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6d:8e:51:7b:a1:2b:72:1d:ef:d5:58:ad:e4:
05:16:8c:92:ce:b6:47:02:d1:ee:0d:22:3a:f4:ae:
75:27:5f:31:f6:69:17:a8:e9:71:b5:3f:f1:99:c2:
09:2c:9a:db:be:db:0d:3d:c5:9d:f0:8f:61:79:f3:
51:e9:34:5c:cc:ad:da:2c:73:13:13:66:25:29:f3:
33:59:08:56:f6:10:2a:79:2a:de:02:c0:40:5d:09:
03:c3:4c:4a:27:66:13:ec:15:48:e8:ca:7b:3d:50:
c8:8f:c7:0a:09:5b:ec:a5:e6:5a:87:91:39:26:1a:
cd:a2:a4:b9:15:98:02:2f:c2:85:ea:d8:8c:da:13:
f5:d0:78:21:cf:92:3b:6f:84:5b:32:1b:22:1d:7e:
de:d6:5b:f5:f7:f9:5f:40:31:c0:2f:f7:57:25:f3:
9f:36:1c:7f:61:90:94:19:df:52:5a:8d:7a:8c:0f:
b3:9a:45:22:88:27:5b:12:cc:a8:78:d2:fb:f4:77:
a3:24:8d:ad:7a:06:21:41:1a:f6:cb:19:52:d4:b4:
35:1b:4b:02:a2:83:2f:c4:d2:31:8c:fc:07:14:c1:
c1:00:30:62:7f:de:95:8f:03:04:53:6e:96:6c:cb:
01:3f:fb:94:47:60:47:67:9a:32:4a:fe:d6:66:1b:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4D:11:C6:28:9F:E6:B8:4D:F7:18:6B:28:A3:6C:E4:47:0D:16:47
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rk0Rxiif5rhN9xhrKKNs5EcNFkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.62.0/24
194.87.82.0/24
194.87.219.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
31:46:96:eb:96:e6:0c:aa:1b:81:ff:67:f5:50:73:eb:51:1f:
d8:c8:68:b2:eb:47:0c:41:46:d7:c8:b8:b5:81:9b:9d:98:61:
bd:02:90:74:c8:8e:eb:ca:9c:e6:21:71:ce:07:98:be:76:e4:
a0:06:98:83:87:4d:51:ad:9c:72:c3:15:40:cd:0b:50:c6:6c:
ae:13:69:5a:bc:9b:c1:7b:50:6c:8b:11:c4:69:58:d5:0b:8f:
79:28:1c:54:1a:9f:e0:1f:0d:6f:8c:48:cc:27:56:56:1b:cd:
92:f8:06:b4:bb:4c:3f:55:82:30:4b:e0:76:0f:b0:58:e7:1e:
04:f4:c8:a2:be:52:9f:a1:01:ec:92:b1:de:61:57:4a:1a:d1:
b9:91:ed:7a:3f:dd:b0:48:08:f0:7e:10:d1:df:35:33:14:48:
c7:67:ef:ca:3b:5d:e0:47:b6:78:25:a4:c4:95:3d:b6:f7:11:
9a:75:ea:4e:c3:ad:18:35:06:bd:25:62:7a:80:d8:49:50:a1:
70:cf:dd:1a:34:85:b5:84:ea:d4:8a:f4:25:75:62:53:ed:b4:
81:3b:91:18:ce:cd:50:f9:b0:46:b9:42:fa:5e:e7:c6:55:69:
8d:90:ed:d2:2a:c1:2f:d7:88:5d:0e:2c:57:b3:6d:9b:f0:b1:
e3:d7:fc:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWgVd3uLShkW0ULZv6hsMq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTExMTAxNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRkMTFjNjI4OWZlNmI4NGRmNzE4NmIyOGEzNmNlNDQ3MGQxNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi22OUXuhK3Id79VYreQFFoySzrZH
AtHuDSI69K51J18x9mkXqOlxtT/xmcIJLJrbvtsNPcWd8I9hefNR6TRczK3aLHMT
E2YlKfMzWQhW9hAqeSreAsBAXQkDw0xKJ2YT7BVI6Mp7PVDIj8cKCVvspeZah5E5
JhrNoqS5FZgCL8KF6tiM2hP10Hghz5I7b4RbMhsiHX7e1lv19/lfQDHAL/dXJfOf
Nhx/YZCUGd9SWo16jA+zmkUiiCdbEsyoeNL79HejJI2tegYhQRr2yxlS1LQ1G0sC
ooMvxNIxjPwHFMHBADBif96VjwMEU26WbMsBP/uUR2BHZ5oySv7WZhuVHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEZNEcYon+a4TfcYayijbORHDRZHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUmswUnhpaWY1cmhOOXhocktLTnM1RWNORmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlc+AwQA
wldSAwQAwlfbAwQAw4VLMA0GCSqGSIb3DQEBCwUAA4IBAQAxRpbrluYMqhuB/2f1
UHPrUR/YyGiy60cMQUbXyLi1gZudmGG9ApB0yI7rypzmIXHOB5i+duSgBpiDh01R
rZxywxVAzQtQxmyuE2lavJvBe1BsixHEaVjVC495KBxUGp/gHw1vjEjMJ1ZWG82S
+Aa0u0w/VYIwS+B2D7BY5x4E9MiivlKfoQHskrHeYVdKGtG5ke16P92wSAjwfhDR
3zUzFEjHZ+/KO13gR7Z4JaTElT229xGadepOw60YNQa9JWJ6gNhJUKFwz90aNIW1
hOrUivQldWJT7bSBO5EYzs1Q+bBGuUL6XufGVWmNkO3SKsEv14hdDixXs22b8LHj
1/xz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:03 2023 by rpki-client on console-fra.rpki-client.org