Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S8qAq6Vwhl8aHY8S_QUTR95L1G8.roa
File: S8qAq6Vwhl8aHY8S_QUTR95L1G8.roa (raw, json)
Hash identifier: 08BjcFl+jvfgGB0woFAoBT240SFzi6uvikgw58IIJOA=
Subject key identifier: 4B:CA:80:AB:A5:70:86:5F:1A:1D:8F:12:FD:05:13:47:DE:4B:D4:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A69CE158B6E27D3FFD8B13BEFC88DF393
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S8qAq6Vwhl8aHY8S_QUTR95L1G8.roa
Signing time: Wed 06 Sep 2023 09:23:48 +0000
ROA not before: Wed 06 Sep 2023 09:23:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.20.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:ce:15:8b:6e:27:d3:ff:d8:b1:3b:ef:c8:8d:f3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 09:23:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bca80aba570865f1a1d8f12fd051347de4bd46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:28:d1:4a:fd:65:ab:b8:0e:71:17:1b:d6:
0b:08:f1:54:94:ef:e4:6c:73:5a:ca:9e:2c:d4:08:
9e:08:04:96:33:f3:3d:10:5c:4c:eb:bb:a1:f2:14:
3a:6e:a0:6a:07:a9:cb:12:d9:8b:b9:d0:7b:c5:8e:
8f:b3:f9:6f:2f:2c:4a:cd:e3:91:68:58:29:50:be:
d9:d5:df:7d:85:b2:a0:99:99:6f:f9:c6:6f:26:04:
b0:d7:a3:f3:cc:43:90:e8:7b:5a:12:7f:27:76:8f:
16:88:f3:4b:2f:48:8c:6f:cd:a6:65:8b:d9:e3:a6:
25:fa:66:9f:88:37:01:83:6b:a1:59:99:85:a2:b2:
7f:41:80:44:3b:b1:a6:cd:63:5a:27:0f:fb:fb:5b:
62:51:74:1c:26:3e:b8:b2:d5:f0:13:14:e5:14:65:
34:18:77:4c:60:fc:c1:a2:28:cd:6d:44:33:d0:0a:
47:2e:47:45:75:33:2d:50:1a:8b:2c:5b:37:c6:4a:
79:80:d8:50:f5:03:d1:55:b7:10:76:eb:80:bc:2c:
c3:c1:fd:e4:c6:34:63:30:59:67:5e:f9:39:83:d6:
b1:8f:df:d3:11:23:f1:7e:06:9d:6a:2c:d1:b5:89:
2c:20:86:41:8b:2c:0a:60:b7:d1:5a:f7:76:84:57:
be:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CA:80:AB:A5:70:86:5F:1A:1D:8F:12:FD:05:13:47:DE:4B:D4:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S8qAq6Vwhl8aHY8S_QUTR95L1G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
193.124.4.0/24
194.87.2.0/24
194.87.20.0/24
194.87.30.0/24
194.87.44.0/24
194.87.221.0/24
194.135.105.0/24
195.58.34.0/24
195.58.58.0/24
195.133.35.0/24
195.133.78.0/24
195.133.94.0/24
212.192.8.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b2:9f:50:63:1a:d3:55:79:b5:20:50:5d:73:f4:42:08:89:
e7:91:75:bd:c1:a0:fb:f2:56:a1:d8:49:ab:ba:97:08:43:df:
1e:74:37:76:8d:be:d4:1b:8d:7b:e3:1c:0e:01:b9:4b:e1:32:
95:b6:66:b8:25:56:7d:f3:3b:8a:ee:14:4e:7c:fe:15:26:f7:
dc:d0:b8:be:1e:c0:ba:46:72:b9:70:df:5b:b7:38:7a:fb:f5:
9c:14:6c:ad:c3:1b:c8:d9:97:90:d8:07:6e:07:bf:fc:c3:f5:
1d:c9:4b:9b:9e:79:66:2b:23:1c:88:67:33:cf:b4:3d:ce:ae:
ec:9f:cc:82:18:06:c3:99:f2:ae:97:8c:d3:b7:d2:f0:c0:00:
59:6e:60:b4:f7:8b:e0:57:cc:09:83:aa:8c:4e:09:b9:39:81:
4c:a2:8a:dd:05:e4:0f:98:b4:80:e6:93:66:8d:db:81:ca:4f:
6e:ba:08:f0:39:ea:ec:0c:1f:22:d7:22:62:55:1b:65:a1:d8:
14:25:65:de:99:dc:a0:91:2a:40:2c:f7:b6:98:48:bf:a4:78:
15:2e:65:b8:da:ea:ba:64:06:f4:62:a5:16:a8:0c:e5:58:41:
2b:3a:32:7e:65:39:03:d7:c6:5e:fd:21:9a:f8:0d:ef:68:e7:
a1:fc:16:ef
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYppzhWLbifT/9ixO+/IjfOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MDkyMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNhODBhYmE1NzA4NjVmMWExZDhmMTJmZDA1MTM0N2RlNGJkNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqywo0Ur9Zau4DnEXG9YLCPFUlO/k
bHNayp4s1AieCASWM/M9EFxM67uh8hQ6bqBqB6nLEtmLudB7xY6Ps/lvLyxKzeOR
aFgpUL7Z1d99hbKgmZlv+cZvJgSw16PzzEOQ6HtaEn8ndo8WiPNLL0iMb82mZYvZ
46Yl+mafiDcBg2uhWZmForJ/QYBEO7GmzWNaJw/7+1tiUXQcJj64stXwExTlFGU0
GHdMYPzBoijNbUQz0ApHLkdFdTMtUBqLLFs3xkp5gNhQ9QPRVbcQduuAvCzDwf3k
xjRjMFlnXvk5g9axj9/TESPxfgadaizRtYksIIZBiywKYLfRWvd2hFe+zQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEvKgKulcIZfGh2PEv0FE0feS9RvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUzhxQXE2VndobDhhSFk4U19RVVRSOTVMMUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwHy3AwQA
wXwEAwQAwlcCAwQAwlcUAwQAwlceAwQAwlcsAwQAwlfdAwQAwodpAwQAwzoiAwQA
wzo6AwQAw4UjAwQAw4VOAwQAw4VeAwQA1MAIAwQA1MD4MA0GCSqGSIb3DQEBCwUA
A4IBAQABsp9QYxrTVXm1IFBdc/RCCInnkXW9waD78lah2EmrupcIQ98edDd2jb7U
G4174xwOAblL4TKVtma4JVZ98zuK7hROfP4VJvfc0Li+HsC6RnK5cN9btzh6+/Wc
FGytwxvI2ZeQ2AduB7/8w/UdyUubnnlmKyMciGczz7Q9zq7sn8yCGAbDmfKul4zT
t9LwwABZbmC094vgV8wJg6qMTgm5OYFMoordBeQPmLSA5pNmjduByk9uugjwOers
DB8i1yJiVRtlodgUJWXemdygkSpALPe2mEi/pHgVLmW42uq6ZAb0YqUWqAzlWEEr
OjJ+ZTkD18Ze/SGa+A3vaOeh/Bbv
-----END CERTIFICATE-----
Generated at Fri Sep 8 13:43:58 2023 by rpki-client on console-ams.rpki-client.org