Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TYhHyO9a6mLRSROIciaqI9TOQqk.roa
File: TYhHyO9a6mLRSROIciaqI9TOQqk.roa (raw, json)
Hash identifier: K60wo1liZQKWC5n7hV0xIYQa76R+12ksxS0o/Y6DKnE=
Subject key identifier: 4D:88:47:C8:EF:5A:EA:62:D1:49:13:88:72:26:AA:23:D4:CE:42:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01880A2BE77981ECE4D3C1BF2BE85BC641F7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TYhHyO9a6mLRSROIciaqI9TOQqk.roa
Signing time: Thu 11 May 2023 09:37:09 +0000
ROA not before: Thu 11 May 2023 09:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 212.193.15.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:2b:e7:79:81:ec:e4:d3:c1:bf:2b:e8:5b:c6:41:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 11 09:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d8847c8ef5aea62d14913887226aa23d4ce42a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bd:20:d2:a3:e2:85:3d:fc:4b:77:f1:4f:1e:
3c:4d:3b:9b:ae:f2:16:e5:57:b2:1a:1a:b5:24:2a:
20:74:f4:99:8b:c5:c4:a8:9b:10:e4:96:38:ea:9f:
4e:43:ce:d8:4c:8c:29:9d:ff:42:99:1e:46:12:21:
8a:fa:7e:aa:9e:9e:e1:ca:a0:b1:69:a4:1e:72:65:
e6:8b:8b:cc:60:fe:31:c2:ce:73:66:39:88:3e:e6:
c5:5b:23:a1:38:b6:a7:87:97:ed:86:e3:e5:3b:2d:
32:cf:49:c6:a7:7b:43:f8:d3:5a:31:14:dd:34:7f:
1a:41:cf:b9:48:4a:73:80:74:9f:0e:64:a0:a7:a1:
0b:5e:5c:10:52:56:57:da:1e:31:67:fa:7f:27:f9:
83:7a:7a:a6:45:79:c0:0a:d5:e4:35:99:4c:7c:09:
88:53:1b:62:d8:ee:25:28:3e:ac:6a:1e:10:2c:ed:
11:f0:09:1c:a4:ce:7b:ce:7e:63:48:d0:e1:16:af:
b8:c1:6f:a9:3d:99:84:5f:db:5a:0d:92:d7:27:3a:
6e:56:08:00:fa:63:a5:8d:cc:e4:4e:29:8e:e1:c9:
7d:89:d0:72:d6:90:38:84:98:54:88:a9:3d:df:43:
ac:06:bf:4c:ee:d9:c5:91:27:d1:e3:f1:48:d8:28:
95:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:88:47:C8:EF:5A:EA:62:D1:49:13:88:72:26:AA:23:D4:CE:42:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TYhHyO9a6mLRSROIciaqI9TOQqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.38.0/24
194.58.67.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
94:93:d8:04:c5:07:dd:1b:3e:62:10:af:c6:1c:0a:d0:c5:33:
9e:36:20:73:c1:40:58:d4:4c:56:8c:0d:02:70:76:11:3a:91:
31:21:a5:40:2d:48:4b:68:1c:fe:84:4e:49:05:5b:41:62:d5:
97:ec:46:73:40:26:b5:b4:41:40:65:8b:79:cb:86:3b:8a:d4:
36:f8:41:aa:e2:c3:79:1d:62:e1:c7:57:c1:74:f6:6b:e3:71:
c5:7b:f7:f9:48:0e:44:88:6d:14:e7:3d:f6:aa:f1:38:25:a5:
71:d4:cc:40:84:a4:67:51:ba:37:5c:9b:70:b5:99:24:ee:52:
29:4a:b3:bf:ae:f5:5d:00:92:51:40:c6:54:09:90:51:1c:88:
99:4f:42:60:b1:19:37:8d:5f:4d:17:79:92:ef:24:98:8d:dd:
77:b2:cd:c0:76:2e:5a:fb:ec:91:b1:57:6e:f0:b5:4b:f8:69:
5d:75:2b:fe:57:f4:04:43:d6:2d:66:30:ec:7c:c4:0a:fd:c6:
76:f0:fb:33:68:c6:76:f8:f6:0d:e4:69:aa:d0:f7:2c:65:2a:
ac:fe:8d:c3:6a:34:4d:41:e3:85:a9:84:c2:a4:99:94:8e:84:
30:06:ec:83:ae:7d:08:62:23:59:d5:20:aa:99:16:5e:ea:51:
ff:5e:32:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgKK+d5gezk08G/K+hbxkH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTExMDkzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg4NDdjOGVmNWFlYTYyZDE0OTEzODg3MjI2YWEyM2Q0Y2U0MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj70g0qPihT38S3fxTx48TTubrvIW
5VeyGhq1JCogdPSZi8XEqJsQ5JY46p9OQ87YTIwpnf9CmR5GEiGK+n6qnp7hyqCx
aaQecmXmi4vMYP4xws5zZjmIPubFWyOhOLanh5fthuPlOy0yz0nGp3tD+NNaMRTd
NH8aQc+5SEpzgHSfDmSgp6ELXlwQUlZX2h4xZ/p/J/mDenqmRXnACtXkNZlMfAmI
Uxti2O4lKD6sah4QLO0R8AkcpM57zn5jSNDhFq+4wW+pPZmEX9taDZLXJzpuVggA
+mOljczkTimO4cl9idBy1pA4hJhUiKk930OsBr9M7tnFkSfR4/FI2CiVBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE2IR8jvWupi0UkTiHImqiPUzkKpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFloSHlPOWE2bUxSU1JPSWNpYXFJOVRPUXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjomAwQA
wjpDAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQCUk9gExQfdGz5iEK/GHArQxTOe
NiBzwUBY1ExWjA0CcHYROpExIaVALUhLaBz+hE5JBVtBYtWX7EZzQCa1tEFAZYt5
y4Y7itQ2+EGq4sN5HWLhx1fBdPZr43HFe/f5SA5EiG0U5z32qvE4JaVx1MxAhKRn
Ubo3XJtwtZkk7lIpSrO/rvVdAJJRQMZUCZBRHIiZT0JgsRk3jV9NF3mS7ySYjd13
ss3Adi5a++yRsVdu8LVL+GlddSv+V/QEQ9YtZjDsfMQK/cZ28PszaMZ2+PYN5Gmq
0PcsZSqs/o3DajRNQeOFqYTCpJmUjoQwBuyDrn0IYiNZ1SCqmRZe6lH/XjLG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org