Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S_PwJ5EGcpDgqwVbeQpvCpSqvGc.roa
File: S_PwJ5EGcpDgqwVbeQpvCpSqvGc.roa (raw, json)
Hash identifier: Hf5Ci8RhGMJG2oQ2FG4W44Hi41AYEzDs7YOUAQ/Q9vg=
Subject key identifier: 4B:F3:F0:27:91:06:72:90:E0:AB:05:5B:79:0A:6F:0A:94:AA:BC:67
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186F330CED34F8B9B6FF7F73C0F8E483750
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S_PwJ5EGcpDgqwVbeQpvCpSqvGc.roa
Signing time: Sat 18 Mar 2023 05:28:27 +0000
ROA not before: Sat 18 Mar 2023 05:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f3:30:ce:d3:4f:8b:9b:6f:f7:f7:3c:0f:8e:48:37:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 18 05:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bf3f02791067290e0ab055b790a6f0a94aabc67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:bc:ee:2f:30:ff:02:70:01:ec:04:e9:df:
e5:f8:73:e2:ae:91:0b:cc:1a:0c:90:2d:38:96:67:
dd:81:4e:3e:f7:ab:1a:b2:70:79:b8:36:e7:6e:0d:
bd:5c:3f:57:49:15:56:84:02:42:24:9e:9d:79:e3:
0e:8b:13:44:a5:b7:c0:92:f9:cf:dd:20:67:c5:56:
79:1c:c5:ef:a5:3e:34:28:07:7e:29:1b:34:d7:01:
b6:9e:8a:06:60:2c:d7:35:14:94:a0:5b:0f:73:be:
c5:5f:bf:80:1c:86:ab:73:20:08:b0:d6:7a:8d:b0:
f5:d4:35:3d:ab:1c:19:e7:d9:55:dc:77:dd:46:9d:
c7:b8:66:5d:9b:06:38:b2:07:97:67:a0:87:7c:59:
89:7c:4b:55:6f:22:9c:0d:ac:9c:bf:50:b5:18:98:
e9:15:ff:16:7e:8f:3b:d0:8f:26:9a:07:fd:a5:29:
65:50:38:af:81:c3:16:89:47:42:94:d8:39:dd:56:
18:29:53:4b:8c:5a:a4:77:bc:3c:40:29:bd:bf:97:
5b:37:34:82:a0:1b:7a:a6:2d:c0:4c:d9:42:70:08:
43:cc:02:db:a9:1b:b0:52:99:97:35:b9:ce:76:fd:
d3:76:d9:f4:74:e5:4c:fc:ab:a3:7b:7b:c3:f2:a9:
10:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F3:F0:27:91:06:72:90:E0:AB:05:5B:79:0A:6F:0A:94:AA:BC:67
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/S_PwJ5EGcpDgqwVbeQpvCpSqvGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.90.0/24
193.124.200.0/24
194.87.124.0/24
194.87.252.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
70:63:8b:02:58:84:35:cf:28:a4:c1:67:25:cd:5a:30:f5:bd:
ce:f1:0c:76:6f:7c:ec:26:2a:90:43:ab:f5:3f:d5:d2:b7:13:
21:37:47:eb:4d:03:cf:1b:77:81:b8:4e:40:e0:ea:4e:a3:c3:
55:38:60:70:6d:63:df:ec:95:51:7e:33:dc:a9:96:1f:c5:4f:
eb:75:db:fe:d8:6a:02:26:c3:9d:fb:35:b0:b3:b4:f3:68:91:
85:30:67:bd:7e:fd:4a:d9:19:04:13:fe:98:02:4d:b2:a7:cd:
9c:80:51:a4:61:7d:cf:26:85:6e:09:da:40:84:ad:ac:2a:18:
bc:f6:69:a9:41:c2:bf:0d:f2:3b:f9:df:15:56:13:e7:e4:6f:
5d:43:f4:a5:b1:be:82:c0:0a:50:f6:4f:65:98:9f:c0:d7:2b:
62:bc:d5:4b:a3:98:5f:a3:b7:5b:e5:a0:9a:82:6a:1f:52:84:
18:59:6e:5f:08:bc:cc:0f:49:7f:df:13:bf:1b:5c:98:e2:ca:
d4:42:02:81:f2:33:64:62:8b:84:db:4b:90:91:f5:e0:6d:ce:
3b:9d:01:d7:36:1b:fc:9d:f2:1b:3e:67:a0:de:0b:e9:6a:4c:
49:10:13:57:a5:12:5e:43:23:7f:90:1e:57:1a:0a:85:d0:d7:
42:02:46:87
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYbzMM7TT4ubb/f3PA+OSDdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzE4MDUyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYzZjAyNzkxMDY3MjkwZTBhYjA1NWI3OTBhNmYwYTk0YWFiYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsce87i8w/wJwAewE6d/l+HPirpEL
zBoMkC04lmfdgU4+96sasnB5uDbnbg29XD9XSRVWhAJCJJ6deeMOixNEpbfAkvnP
3SBnxVZ5HMXvpT40KAd+KRs01wG2nooGYCzXNRSUoFsPc77FX7+AHIarcyAIsNZ6
jbD11DU9qxwZ59lV3HfdRp3HuGZdmwY4sgeXZ6CHfFmJfEtVbyKcDaycv1C1GJjp
Ff8Wfo870I8mmgf9pSllUDivgcMWiUdClNg53VYYKVNLjFqkd7w8QCm9v5dbNzSC
oBt6pi3ATNlCcAhDzALbqRuwUpmXNbnOdv3Tdtn0dOVM/Kuje3vD8qkQywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEvz8CeRBnKQ4KsFW3kKbwqUqrxnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU19Qd0o1RUdjcERncXdWYmVRcHZDcFNxdkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkziAwQA
wHy0AwQAwXxaAwQAwXzIAwQAwld8AwQAwlf8AwQA1MAJMA0GCSqGSIb3DQEBCwUA
A4IBAQBwY4sCWIQ1zyikwWclzVow9b3O8Qx2b3zsJiqQQ6v1P9XStxMhN0frTQPP
G3eBuE5A4OpOo8NVOGBwbWPf7JVRfjPcqZYfxU/rddv+2GoCJsOd+zWws7TzaJGF
MGe9fv1K2RkEE/6YAk2yp82cgFGkYX3PJoVuCdpAhK2sKhi89mmpQcK/DfI7+d8V
VhPn5G9dQ/Slsb6CwApQ9k9lmJ/A1ytivNVLo5hfo7db5aCagmofUoQYWW5fCLzM
D0l/3xO/G1yY4srUQgKB8jNkYouE20uQkfXgbc47nQHXNhv8nfIbPmeg3gvpakxJ
EBNXpRJeQyN/kB5XGgqF0NdCAkaH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org