Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SOjtXXoussu9D8GIRcfKrdC7YIU.roa
File: SOjtXXoussu9D8GIRcfKrdC7YIU.roa (raw, json)
Hash identifier: Oc8eoCgNzlv4Yezeoo1WdYpfM5q9V7AX5iErr89RDd4=
Subject key identifier: 48:E8:ED:5D:7A:2E:B2:CB:BD:0F:C1:88:45:C7:CA:AD:D0:BB:60:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B2D7FDBE02D700E55E9B52CEAD25554A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SOjtXXoussu9D8GIRcfKrdC7YIU.roa
Signing time: Sat 14 Oct 2023 09:23:55 +0000
ROA not before: Sat 14 Oct 2023 09:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 212.193.25.0/24 maxlen: 24
212.193.27.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:7f:db:e0:2d:70:0e:55:e9:b5:2c:ea:d2:55:54:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 09:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48e8ed5d7a2eb2cbbd0fc18845c7caadd0bb6085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:64:68:0a:9b:78:06:e8:88:8d:42:30:b3:89:
85:36:dd:dc:3d:8a:7f:43:21:9f:a0:f7:d4:bc:fc:
c7:14:da:4c:81:0b:d4:1a:3f:8e:24:94:30:97:93:
7f:c2:3a:62:e4:b5:6d:4b:dc:02:49:44:f9:f5:93:
0c:a8:ce:8d:e8:e2:03:46:1b:eb:dc:64:49:6a:86:
d4:3f:d6:17:70:b0:e3:60:d7:eb:65:2a:0b:ec:d7:
0b:8c:01:04:e1:ae:b5:38:47:96:cd:87:87:0e:d9:
ca:df:2c:e1:4f:a8:0d:9d:bc:55:66:3e:14:f5:76:
08:82:38:85:b2:38:49:08:19:f3:72:bf:5d:d8:2b:
66:79:54:4c:bc:05:fc:14:4d:e0:d9:f9:7b:80:68:
55:8c:d3:b3:1a:97:e9:3f:6e:b5:b7:0b:70:cd:cf:
dd:4a:73:9f:5d:2e:24:26:c8:0a:71:38:d6:9f:6f:
25:69:5e:d6:d6:15:ef:b3:5b:a4:77:33:ed:54:ff:
54:f8:8a:70:38:64:67:c0:5d:d8:71:dc:0d:11:c3:
7c:49:31:fb:71:6e:c0:82:4d:98:02:51:9d:d1:67:
03:27:f0:b8:d3:f5:66:b4:c0:9e:ae:ec:69:69:50:
9b:b4:ac:51:2b:14:f8:58:5f:e7:8b:8d:bf:64:6d:
cd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E8:ED:5D:7A:2E:B2:CB:BD:0F:C1:88:45:C7:CA:AD:D0:BB:60:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SOjtXXoussu9D8GIRcfKrdC7YIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.135.38.0/24
212.192.1.0/24
212.193.25.0/24
212.193.27.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:73:3c:f9:40:ed:c9:ce:32:49:8e:1e:bf:63:80:a2:f2:a9:
b0:ec:b2:24:86:f7:69:f0:a0:b1:2e:3b:88:49:04:02:5a:f4:
fc:59:1e:32:48:54:6b:36:bf:a8:70:82:5f:86:78:5f:e4:0b:
2a:04:a5:40:7a:f4:cd:e2:8e:1c:f0:46:5d:c7:de:8a:6c:f8:
8f:83:a6:fa:a7:2c:c0:48:25:77:60:7e:69:95:ce:18:f4:24:
af:d3:eb:df:cd:b7:bb:99:22:38:8c:56:9e:9d:98:01:07:3a:
cd:37:b7:f1:a1:e7:d8:94:b7:bf:2c:1f:b5:1b:f1:af:f3:dd:
84:8e:1d:ec:e6:4a:25:f7:0c:93:78:13:0b:b0:8d:b4:3b:f9:
4d:65:94:37:b5:ec:35:32:dd:11:2f:76:6f:ea:24:ae:b5:a5:
2f:b3:81:43:5c:88:66:33:6b:49:95:9a:a9:d3:20:ca:80:7b:
d3:27:0e:ec:08:4c:93:ac:de:31:b0:0b:1e:41:f8:79:c3:8a:
4c:28:d3:c8:ed:2f:a3:f9:69:0b:24:a4:3a:ed:05:ee:f6:2f:
29:fe:8a:be:80:35:15:ad:4c:05:d8:4b:08:69:f8:d2:9f:f2:
c7:8f:38:41:8b:8d:ed:db:a5:8a:1b:0d:bc:4f:33:c4:93:4a:
18:46:c5:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYstf9vgLXAOVem1LOrSVVSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE0MDkyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU4ZWQ1ZDdhMmViMmNiYmQwZmMxODg0NWM3Y2FhZGQwYmI2MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmRoCpt4BuiIjUIws4mFNt3cPYp/
QyGfoPfUvPzHFNpMgQvUGj+OJJQwl5N/wjpi5LVtS9wCSUT59ZMMqM6N6OIDRhvr
3GRJaobUP9YXcLDjYNfrZSoL7NcLjAEE4a61OEeWzYeHDtnK3yzhT6gNnbxVZj4U
9XYIgjiFsjhJCBnzcr9d2CtmeVRMvAX8FE3g2fl7gGhVjNOzGpfpP261twtwzc/d
SnOfXS4kJsgKcTjWn28laV7W1hXvs1ukdzPtVP9U+IpwOGRnwF3YcdwNEcN8STH7
cW7Agk2YAlGd0WcDJ/C40/VmtMCeruxpaVCbtKxRKxT4WF/ni42/ZG3NLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEjo7V16LrLLvQ/BiEXHyq3Qu2CFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU09qdFhYb3Vzc3U5RDhHSVJjZktyZEM3WUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUgKAwQA
wocmAwQA1MABAwQA1MEZAwQA1MEbMA0GCSqGSIb3DQEBCwUAA4IBAQBdczz5QO3J
zjJJjh6/Y4Ci8qmw7LIkhvdp8KCxLjuISQQCWvT8WR4ySFRrNr+ocIJfhnhf5Asq
BKVAevTN4o4c8EZdx96KbPiPg6b6pyzASCV3YH5plc4Y9CSv0+vfzbe7mSI4jFae
nZgBBzrNN7fxoefYlLe/LB+1G/Gv892Ejh3s5kol9wyTeBMLsI20O/lNZZQ3tew1
Mt0RL3Zv6iSutaUvs4FDXIhmM2tJlZqp0yDKgHvTJw7sCEyTrN4xsAseQfh5w4pM
KNPI7S+j+WkLJKQ67QXu9i8p/oq+gDUVrUwF2EsIafjSn/LHjzhBi43t26WKGw28
TzPEk0oYRsVy
-----END CERTIFICATE-----
Generated at Fri Oct 20 08:18:10 2023 by rpki-client on console-ams.rpki-client.org