Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UiOtFVDQBUqcxec14VU2e08tcDg.roa
File: UiOtFVDQBUqcxec14VU2e08tcDg.roa (raw, json)
Hash identifier: N12vGqD8ywxZMoSp9bbJeeyV4XY2wVNI3cC/ogJALC4=
Subject key identifier: 52:23:AD:15:50:D0:05:4A:9C:C5:E7:35:E1:55:36:7B:4F:2D:70:38
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188C391B00D1257E98A7BAFE114FB2B1A12
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UiOtFVDQBUqcxec14VU2e08tcDg.roa
Signing time: Fri 16 Jun 2023 09:38:04 +0000
ROA not before: Fri 16 Jun 2023 09:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206216
IP address blocks: 212.192.210.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:91:b0:0d:12:57:e9:8a:7b:af:e1:14:fb:2b:1a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 16 09:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5223ad1550d0054a9cc5e735e155367b4f2d7038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:20:67:c8:b2:76:36:7a:5a:94:e7:ae:bc:4b:
4b:11:19:df:a3:07:21:75:e3:b5:4a:81:5d:3c:e9:
51:34:ba:cc:e2:ab:fb:26:ad:20:2b:0c:27:01:b4:
d7:a5:fe:b6:fd:d8:fe:e6:14:32:61:c7:5c:0d:2a:
d1:ac:2c:52:7e:01:4d:99:4b:83:41:66:b4:04:23:
c3:9d:ef:c8:a5:8e:04:f6:f0:87:4f:ec:ef:cd:e9:
42:a4:1a:d0:d5:3b:2d:52:ed:8a:65:4f:d3:48:84:
44:fc:62:3f:86:e3:7d:62:ad:06:03:1b:89:f0:dd:
72:b1:bf:11:fa:b0:ad:3d:aa:69:08:04:fc:e5:5b:
8a:53:32:de:e8:bc:37:2b:ed:44:b0:07:a7:05:b5:
79:73:f3:29:d6:2d:97:f0:dd:6f:fd:b8:d3:58:ea:
8d:f6:99:d7:4a:74:78:c5:bb:c0:93:a8:c9:f8:7c:
d4:dc:6b:30:02:8d:bf:b3:0c:e5:7e:a1:a0:fe:a1:
a0:3d:7e:75:c1:4b:eb:8e:44:e0:d1:e0:75:d6:08:
ac:4f:fa:36:75:41:3d:da:a4:29:57:72:22:c6:b5:
1e:0c:1d:fc:7c:71:ba:5f:a2:5e:a3:6f:bd:46:83:
c2:c7:cc:03:60:b3:7a:74:a3:d8:05:24:51:0e:c2:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:23:AD:15:50:D0:05:4A:9C:C5:E7:35:E1:55:36:7B:4F:2D:70:38
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UiOtFVDQBUqcxec14VU2e08tcDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.87.169.0/24
212.192.210.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6a:ae:0f:8f:59:b2:fc:f8:4f:9d:2c:8d:d1:47:f1:21:88:
16:67:f4:d4:38:17:a5:0d:47:85:6d:fd:f1:d3:d3:0f:c4:fd:
d1:1b:be:de:73:95:60:51:b8:29:08:ac:32:52:72:fe:c1:fa:
cf:a2:71:f3:0f:1c:80:03:26:d6:87:6c:a2:00:3f:6e:1d:8d:
37:8c:e0:fb:17:5f:58:0e:39:c6:b5:7b:75:81:2c:e2:55:22:
2c:ef:f0:ce:7c:78:87:86:af:c0:e2:68:6f:d5:1c:29:28:38:
33:7f:27:4e:ca:bb:1c:4d:39:49:cc:f2:fa:0e:37:87:d4:99:
ac:8f:13:37:0e:be:49:aa:92:41:a8:8f:9f:cd:7c:47:a4:c5:
aa:c1:ae:7b:32:7d:bb:5b:e7:6e:fc:df:f5:3b:2b:cc:1a:e2:
7a:4e:21:90:d5:b0:19:ab:fc:61:09:83:d6:cd:8d:a3:16:a7:
46:8b:4b:63:71:95:40:50:46:98:29:94:bf:3c:db:68:08:aa:
9d:00:b4:47:63:a1:d6:9d:97:88:cd:a1:15:a4:e9:fe:2b:bc:
41:4f:6f:e0:32:e8:31:ed:77:5a:db:dc:16:80:54:40:e7:07:
d5:e0:38:6d:db:91:27:a4:bc:d5:f0:dd:ac:56:44:4e:42:63:
9d:d7:95:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjDkbANElfpinuv4RT7KxoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE2MDkzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIzYWQxNTUwZDAwNTRhOWNjNWU3MzVlMTU1MzY3YjRmMmQ3MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyBnyLJ2NnpalOeuvEtLERnfowch
deO1SoFdPOlRNLrM4qv7Jq0gKwwnAbTXpf62/dj+5hQyYcdcDSrRrCxSfgFNmUuD
QWa0BCPDne/IpY4E9vCHT+zvzelCpBrQ1TstUu2KZU/TSIRE/GI/huN9Yq0GAxuJ
8N1ysb8R+rCtPappCAT85VuKUzLe6Lw3K+1EsAenBbV5c/Mp1i2X8N1v/bjTWOqN
9pnXSnR4xbvAk6jJ+HzU3GswAo2/swzlfqGg/qGgPX51wUvrjkTg0eB11gisT/o2
dUE92qQpV3IixrUeDB38fHG6X6Jeo2+9RoPCx8wDYLN6dKPYBSRRDsJ6OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFIjrRVQ0AVKnMXnNeFVNntPLXA4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWlPdEZWRFFCVXFjeGVjMTRWVTJlMDh0Y0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzLAwQA
wlepAwQA1MDSAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQBbaq4Pj1my/PhPnSyN
0UfxIYgWZ/TUOBelDUeFbf3x09MPxP3RG77ec5VgUbgpCKwyUnL+wfrPonHzDxyA
AybWh2yiAD9uHY03jOD7F19YDjnGtXt1gSziVSIs7/DOfHiHhq/A4mhv1RwpKDgz
fydOyrscTTlJzPL6DjeH1JmsjxM3Dr5JqpJBqI+fzXxHpMWqwa57Mn27W+du/N/1
OyvMGuJ6TiGQ1bAZq/xhCYPWzY2jFqdGi0tjcZVAUEaYKZS/PNtoCKqdALRHY6HW
nZeIzaEVpOn+K7xBT2/gMugx7Xda29wWgFRA5wfV4Dht25EnpLzV8N2sVkROQmOd
15Xl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org