Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWnSDZaeJLQ6Lq0LlsM_CJMjomY.roa
File: TWnSDZaeJLQ6Lq0LlsM_CJMjomY.roa (raw, json)
Hash identifier: oOdQZ0+OPxr82WlzWnPl4RUCDirxhS0WhUynoOhj8Eg=
Subject key identifier: 4D:69:D2:0D:96:9E:24:B4:3A:2E:AD:0B:96:C3:3F:08:93:23:A2:66
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189DE02179FCBEC78CC8877503D6E7755D9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWnSDZaeJLQ6Lq0LlsM_CJMjomY.roa
Signing time: Thu 10 Aug 2023 05:53:46 +0000
ROA not before: Thu 10 Aug 2023 05:53:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.166.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:02:17:9f:cb:ec:78:cc:88:77:50:3d:6e:77:55:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 05:53:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d69d20d969e24b43a2ead0b96c33f089323a266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:9d:20:34:b2:b4:4b:bd:86:0b:ed:29:6d:
c7:fe:d6:e8:92:b3:a6:5d:b2:1f:4b:c1:1d:73:c6:
fc:e3:80:d7:86:63:da:d5:21:09:31:b9:6e:69:d6:
c6:c1:0e:45:79:4b:6d:0a:58:b7:cc:73:3f:6c:0c:
da:70:59:44:38:66:dd:76:5b:54:7c:d8:32:aa:08:
73:e8:66:b2:be:83:2b:9a:7b:82:9a:a5:c6:e8:73:
9e:32:c1:d1:73:a6:16:df:7c:d3:1d:26:d0:c6:ce:
3a:b8:7f:67:ec:51:9a:49:9e:d9:9d:ab:4c:a5:5f:
bc:8a:bc:6e:d0:a0:10:82:9a:f3:06:c9:04:80:59:
a5:6f:b7:68:b4:a6:d0:ce:cd:82:dd:57:87:41:f1:
50:ae:13:ec:69:26:f0:e9:43:72:e7:71:94:ba:48:
b5:d0:cd:04:a1:f4:11:17:8b:66:56:12:92:f3:1b:
29:4d:22:ff:2f:a0:d5:62:82:0b:ca:69:dd:a9:e0:
d7:e2:bd:9a:76:9f:06:8a:59:aa:ca:30:53:8c:b6:
48:ce:6d:c1:4a:5a:dc:71:a2:46:0c:9e:4e:e8:e1:
ed:c0:52:ae:98:61:05:4b:fb:71:4c:0a:dc:ff:7f:
6a:30:f3:9f:c5:a3:6a:51:b7:fd:1f:40:5b:5d:a7:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:69:D2:0D:96:9E:24:B4:3A:2E:AD:0B:96:C3:3F:08:93:23:A2:66
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TWnSDZaeJLQ6Lq0LlsM_CJMjomY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.201.0/24
194.87.166.0/24
194.87.181.0/24
194.87.187.0/24
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
06:83:d4:62:c2:28:fd:ac:ff:e4:84:9b:2a:69:50:24:71:ed:
d8:3b:d5:bf:b0:32:7b:54:75:71:d6:ea:0b:b9:c1:cf:70:64:
16:6c:cb:ea:4c:33:c3:2b:dc:9d:39:ab:4a:40:49:9c:31:61:
a8:49:5c:da:3a:40:1c:4c:b7:f2:f3:2c:c6:20:a8:e9:23:31:
66:74:79:af:6f:4d:16:1c:0e:ed:b6:1b:12:b2:9d:d9:33:15:
af:a3:d4:99:c7:2f:0c:08:23:16:52:95:81:2b:56:fb:61:3b:
10:0a:a1:12:3b:77:22:66:a9:18:4b:12:e6:c4:1a:d3:24:a1:
b3:46:74:0f:26:82:a4:36:2e:77:86:c1:52:75:f2:39:ed:98:
ba:dd:24:22:a5:08:98:f7:3d:ac:ff:30:8f:06:0e:af:46:34:
ce:5b:9d:96:0e:a5:f0:3f:26:89:66:d5:9e:b0:ca:1e:ba:32:
46:21:5d:c4:23:b4:01:15:61:31:59:f0:e3:14:86:84:6b:02:
6a:ed:70:42:cc:99:91:01:a7:85:37:ff:49:81:60:bf:d0:79:
36:f4:59:00:76:b4:f0:b3:ea:b4:80:71:d2:31:3e:5a:2e:87:
1b:b0:ec:fe:87:5f:cd:22:4d:24:5d:41:a1:c9:7f:8a:15:4b:
75:bf:19:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYneAhefy+x4zIh3UD1ud1XZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODEwMDU1MzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY5ZDIwZDk2OWUyNGI0M2EyZWFkMGI5NmMzM2YwODkzMjNhMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCadIDSytEu9hgvtKW3H/tbokrOm
XbIfS8Edc8b844DXhmPa1SEJMbluadbGwQ5FeUttCli3zHM/bAzacFlEOGbddltU
fNgyqghz6GayvoMrmnuCmqXG6HOeMsHRc6YW33zTHSbQxs46uH9n7FGaSZ7ZnatM
pV+8irxu0KAQgprzBskEgFmlb7dotKbQzs2C3VeHQfFQrhPsaSbw6UNy53GUuki1
0M0EofQRF4tmVhKS8xspTSL/L6DVYoILymndqeDX4r2adp8GilmqyjBTjLZIzm3B
SlrccaJGDJ5O6OHtwFKumGEFS/txTArc/39qMPOfxaNqUbf9H0BbXafpSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE1p0g2WniS0Oi6tC5bDPwiTI6JmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFduU0RaYWVKTFE2THEwTGxzTV9DSk1qb21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXzJAwQA
wlemAwQAwle1AwQAwle7AwQA1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUAA4IBAQAG
g9Riwij9rP/khJsqaVAkce3YO9W/sDJ7VHVx1uoLucHPcGQWbMvqTDPDK9ydOatK
QEmcMWGoSVzaOkAcTLfy8yzGIKjpIzFmdHmvb00WHA7tthsSsp3ZMxWvo9SZxy8M
CCMWUpWBK1b7YTsQCqESO3ciZqkYSxLmxBrTJKGzRnQPJoKkNi53hsFSdfI57Zi6
3SQipQiY9z2s/zCPBg6vRjTOW52WDqXwPyaJZtWesMoeujJGIV3EI7QBFWExWfDj
FIaEawJq7XBCzJmRAaeFN/9JgWC/0Hk29FkAdrTws+q0gHHSMT5aLocbsOz+h1/N
Ik0kXUGhyX+KFUt1vxnC
-----END CERTIFICATE-----
Generated at Thu Aug 10 09:32:52 2023 by rpki-client on console-ams.rpki-client.org