Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SScc4Av63u8QcoQrbiZ3dYZBWxc.roa
File: SScc4Av63u8QcoQrbiZ3dYZBWxc.roa (raw, json)
Hash identifier: aEWiZf4rxTYaVy1xHUnDe3fuWAVQPodOzHXlvpgNANI=
Subject key identifier: 49:27:1C:E0:0B:FA:DE:EF:10:72:84:2B:6E:26:77:75:86:41:5B:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018991F25F1521E5AAC0E3075E20E14C7C79
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SScc4Av63u8QcoQrbiZ3dYZBWxc.roa
Signing time: Wed 26 Jul 2023 11:25:27 +0000
ROA not before: Wed 26 Jul 2023 11:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.119.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:f2:5f:15:21:e5:aa:c0:e3:07:5e:20:e1:4c:7c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 26 11:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49271ce00bfadeef1072842b6e26777586415b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e6:ab:f9:0e:10:a9:2c:26:8b:a9:0d:51:85:
6a:c8:8b:73:d8:1d:7f:cc:11:8a:42:ce:d5:a5:b8:
7e:32:5e:1c:a3:28:e6:e0:2f:8a:20:1e:46:a0:1a:
dd:09:fa:ab:70:2e:52:37:e9:b8:fb:73:41:cd:95:
d8:cd:11:49:3b:6c:ad:65:9a:eb:06:bf:3f:e6:b2:
2c:62:a3:a0:6c:71:87:80:86:af:94:73:a9:88:69:
fa:f4:1c:7d:80:f4:ba:97:f6:40:de:41:a3:88:c8:
ca:9b:6a:89:30:74:76:24:b4:2c:f2:cb:30:d7:56:
ac:20:96:8d:7b:0d:76:3a:fe:33:09:3d:ee:da:03:
d3:fd:50:f6:7a:8c:68:1b:b1:bb:02:94:ed:62:d7:
94:67:65:33:81:07:ff:6f:3d:2d:24:b3:0c:63:d6:
71:79:ec:1c:62:02:c5:60:5a:c2:dc:00:65:d6:dc:
de:e7:91:83:35:2e:47:ab:2a:b5:95:03:47:b1:a8:
c4:ea:77:dd:b6:6b:4a:77:48:0d:cf:f5:e9:2a:a1:
82:56:ea:b3:c8:2b:67:64:7c:6e:2e:1b:25:cd:c7:
ed:51:a6:5e:cd:0e:b0:06:85:fc:8e:05:d4:bc:ae:
d7:c5:0b:ae:34:e8:fd:46:fa:3d:29:cf:34:28:d7:
07:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:27:1C:E0:0B:FA:DE:EF:10:72:84:2B:6E:26:77:75:86:41:5B:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SScc4Av63u8QcoQrbiZ3dYZBWxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.94.0/24
193.124.201.0/24
194.87.119.0/24
194.87.181.0/24
194.135.30.0/24
212.192.0.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
67:9e:a2:e7:3e:12:95:82:fd:b5:fc:c7:28:90:52:e8:22:79:
df:68:c2:71:59:fb:d5:c4:7c:a8:cc:ed:8d:e4:41:ac:60:00:
d3:ac:49:cc:5c:8d:aa:ae:f5:dd:69:40:ff:78:c4:6c:04:c2:
4e:61:3c:42:ae:8f:52:9f:a6:af:d9:27:4a:e8:7a:01:84:a6:
e9:8c:76:bf:ad:18:90:1c:f3:23:76:2d:60:d1:a8:31:38:ac:
c3:f1:5a:12:1d:c4:c2:9b:e2:fb:b6:0f:68:3e:b3:0f:e6:c4:
ce:a7:1b:07:d6:ce:35:a6:f5:20:aa:59:d7:76:1d:65:ea:87:
41:2c:6c:48:b1:6b:d3:c7:db:1f:c5:15:8e:5b:c7:0f:24:ae:
d4:14:c5:ba:87:53:c4:c2:79:28:b9:5b:ce:d2:b5:38:fd:28:
1f:69:90:71:ff:7f:52:1b:2b:16:c4:5e:c0:52:cd:79:e3:38:
4a:e8:ed:cf:ba:8e:6a:03:7c:d8:e1:57:4c:99:bf:5f:f7:78:
07:fa:84:7c:69:b7:8f:a5:62:df:f5:e0:b8:df:ce:1b:0f:83:
07:53:5c:44:dd:d1:2c:0b:49:36:f3:46:44:75:41:f9:a2:e0:
3d:3f:45:30:d1:ac:52:44:62:dd:d2:a7:bc:9a:1f:9a:32:f7:
93:2b:8e:15
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmR8l8VIeWqwOMHXiDhTHx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI2MTEyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI3MWNlMDBiZmFkZWVmMTA3Mjg0MmI2ZTI2Nzc3NTg2NDE1YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOar+Q4QqSwmi6kNUYVqyItz2B1/
zBGKQs7Vpbh+Ml4coyjm4C+KIB5GoBrdCfqrcC5SN+m4+3NBzZXYzRFJO2ytZZrr
Br8/5rIsYqOgbHGHgIavlHOpiGn69Bx9gPS6l/ZA3kGjiMjKm2qJMHR2JLQs8ssw
11asIJaNew12Ov4zCT3u2gPT/VD2eoxoG7G7ApTtYteUZ2UzgQf/bz0tJLMMY9Zx
eewcYgLFYFrC3ABl1tze55GDNS5Hqyq1lQNHsajE6nfdtmtKd0gNz/XpKqGCVuqz
yCtnZHxuLhslzcftUaZezQ6wBoX8jgXUvK7XxQuuNOj9Rvo9Kc80KNcHmwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEknHOAL+t7vEHKEK24md3WGQVsXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1NjYzRBdjYzdThRY29RcmJpWjNkWVpCV3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXxeAwQA
wXzJAwQAwld3AwQAwle1AwQAwoceAwQA1MAAAwQA1MD4MA0GCSqGSIb3DQEBCwUA
A4IBAQBnnqLnPhKVgv21/McokFLoInnfaMJxWfvVxHyozO2N5EGsYADTrEnMXI2q
rvXdaUD/eMRsBMJOYTxCro9Sn6av2SdK6HoBhKbpjHa/rRiQHPMjdi1g0agxOKzD
8VoSHcTCm+L7tg9oPrMP5sTOpxsH1s41pvUgqlnXdh1l6odBLGxIsWvTx9sfxRWO
W8cPJK7UFMW6h1PEwnkouVvO0rU4/SgfaZBx/39SGysWxF7AUs154zhK6O3Puo5q
A3zY4VdMmb9f93gH+oR8abePpWLf9eC4384bD4MHU1xE3dEsC0k280ZEdUH5ouA9
P0Uw0axSRGLd0qe8mh+aMveTK44V
-----END CERTIFICATE-----
Generated at Thu Jul 27 10:20:18 2023 by rpki-client on console-ams.rpki-client.org