Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S4Mf8oCZh0AXOpkDF8_evZ9C_8k.roa
File: S4Mf8oCZh0AXOpkDF8_evZ9C_8k.roa (raw, json)
Hash identifier: gS5cWfFGCu23y5YMH+1RUaKucwrfJHSVVuyaUuXBokE=
Subject key identifier: 4B:83:1F:F2:80:99:87:40:17:3A:99:03:17:CF:DE:BD:9F:42:FF:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F35800D0181C6C85454C62085842
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S4Mf8oCZh0AXOpkDF8_evZ9C_8k.roa
Signing time: Sun 01 Jan 2023 22:14:55 +0000
ROA not before: Sun 01 Jan 2023 22:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f3:58:00:d0:18:1c:6c:85:45:4c:62:08:58:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b831ff280998740173a990317cfdebd9f42ffc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:61:f5:88:80:14:cd:0b:5b:14:fe:4c:db:
69:1b:d1:3f:85:88:56:87:f1:31:df:1d:a7:8f:d0:
d8:a6:72:99:09:ef:e1:15:bf:64:5a:3f:1c:fd:5e:
21:f9:70:9b:86:30:9b:fc:17:14:2a:93:7a:f9:20:
85:bf:e0:4d:4b:13:79:49:3a:44:dc:ad:b7:0b:23:
01:d9:a3:47:e4:6a:25:48:f6:4c:9e:81:c9:ac:96:
04:1c:cc:66:34:d8:56:36:6b:91:20:71:f7:72:85:
d9:ca:f6:07:b2:47:fe:4b:ee:be:85:5d:62:d8:e4:
61:30:49:6a:90:b1:8f:28:1a:bf:ba:fa:eb:71:37:
54:af:8f:4a:47:ec:2e:3a:20:7b:3d:68:7d:fe:eb:
ae:e2:8f:db:87:bf:e1:44:6c:53:40:92:68:8a:38:
85:bd:94:ab:3a:49:cf:c3:84:36:60:ab:49:4d:d0:
99:91:9e:f7:f4:37:97:ff:81:ce:a4:7e:9c:9d:57:
69:f8:47:b5:9e:b4:16:08:76:af:a6:25:ae:79:a6:
68:39:dc:f0:fa:0f:02:cb:13:75:99:f9:d0:b3:3a:
e8:91:14:84:5d:ab:43:4a:55:e5:3d:cd:17:96:39:
52:25:2e:18:e8:24:d7:c2:d6:5b:1f:0f:c8:b5:05:
08:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:83:1F:F2:80:99:87:40:17:3A:99:03:17:CF:DE:BD:9F:42:FF:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S4Mf8oCZh0AXOpkDF8_evZ9C_8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.82.0/24
194.87.219.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f6:60:25:75:c1:6f:4f:0d:5e:fa:05:a1:e0:ef:ae:67:a6:
91:24:8d:cd:a2:9b:f5:3a:a0:92:b0:5b:06:ca:1d:a7:03:d1:
30:b7:c6:58:e1:f8:fb:3b:0c:a8:7d:ff:7a:e0:b2:a0:23:a3:
4b:6b:6b:11:b9:d7:9c:3a:38:77:7d:32:9b:66:90:37:f1:34:
12:ae:99:44:9f:0f:5d:32:ca:ba:34:b2:cf:84:ac:48:aa:5d:
d6:4a:2e:5d:f7:b3:68:bb:2d:6d:c0:6a:d4:83:7f:3e:40:30:
d3:b4:0d:ad:b0:3b:1e:df:c7:64:9e:43:2f:03:c1:8f:c5:85:
ac:9f:1e:a7:a3:7d:e7:fe:41:7a:82:30:6d:25:b7:32:87:02:
81:ee:e2:f6:6d:64:2e:12:90:ad:5d:71:e2:09:7e:a5:10:8f:
73:cd:1d:d6:27:f5:db:dd:ae:8f:cf:a9:33:e0:6e:34:8b:a9:
b2:b1:97:12:af:15:73:f1:72:ef:2c:e0:41:f6:43:52:bf:97:
1e:bb:b7:1b:54:0b:04:d8:2f:cc:d3:05:0d:24:3f:7f:02:c2:
46:5c:e2:e1:0e:8f:4c:60:89:f4:2f:37:06:aa:3f:97:77:d3:
de:17:b7:28:54:09:cc:44:a4:2a:6b:0f:37:c1:26:ba:06:7c:
de:30:5a:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZvNYANAYHGyFRUxiCFhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgzMWZmMjgwOTk4NzQwMTczYTk5MDMxN2NmZGViZDlmNDJmZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzhh9YiAFM0LWxT+TNtpG9E/hYhW
h/Ex3x2nj9DYpnKZCe/hFb9kWj8c/V4h+XCbhjCb/BcUKpN6+SCFv+BNSxN5STpE
3K23CyMB2aNH5GolSPZMnoHJrJYEHMxmNNhWNmuRIHH3coXZyvYHskf+S+6+hV1i
2ORhMElqkLGPKBq/uvrrcTdUr49KR+wuOiB7PWh9/uuu4o/bh7/hRGxTQJJoijiF
vZSrOknPw4Q2YKtJTdCZkZ739DeX/4HOpH6cnVdp+Ee1nrQWCHavpiWueaZoOdzw
+g8CyxN1mfnQszrokRSEXatDSlXlPc0XljlSJS4Y6CTXwtZbHw/ItQUIPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEuDH/KAmYdAFzqZAxfP3r2fQv/JMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUzRNZjhvQ1poMEFYT3BrREY4X2V2WjlDXzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwldSAwQA
wlfbAwQAw4VLMA0GCSqGSIb3DQEBCwUAA4IBAQBe9mAldcFvTw1e+gWh4O+uZ6aR
JI3Nopv1OqCSsFsGyh2nA9Ewt8ZY4fj7Owyoff964LKgI6NLa2sRudecOjh3fTKb
ZpA38TQSrplEnw9dMsq6NLLPhKxIql3WSi5d97Nouy1twGrUg38+QDDTtA2tsDse
38dknkMvA8GPxYWsnx6no33n/kF6gjBtJbcyhwKB7uL2bWQuEpCtXXHiCX6lEI9z
zR3WJ/Xb3a6Pz6kz4G40i6mysZcSrxVz8XLvLOBB9kNSv5ceu7cbVAsE2C/M0wUN
JD9/AsJGXOLhDo9MYIn0LzcGqj+Xd9PeF7coVAnMRKQqaw83wSa6BnzeMFp6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:03 2023 by rpki-client on console-fra.rpki-client.org