Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UoRrKJe8c3topf79YTDan9oXjjk.roa
File: UoRrKJe8c3topf79YTDan9oXjjk.roa (raw, json)
Hash identifier: Moszh2oT1fXufuofmM6cUGH5aWZ0Lr962EeOJzXAOf0=
Subject key identifier: 52:84:6B:28:97:BC:73:7B:68:A5:FE:FD:61:30:DA:9F:DA:17:8E:39
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875B9C9A372604E8E8C0DACC81714101E5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UoRrKJe8c3topf79YTDan9oXjjk.roa
Signing time: Fri 07 Apr 2023 12:06:42 +0000
ROA not before: Fri 07 Apr 2023 12:06:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206446
IP address blocks: 194.87.211.0/24 maxlen: 24
195.133.95.0/24 maxlen: 24
195.133.33.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:9c:9a:37:26:04:e8:e8:c0:da:cc:81:71:41:01:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 7 12:06:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52846b2897bc737b68a5fefd6130da9fda178e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4e:8d:a6:e9:6c:9c:aa:1b:de:a5:22:37:62:
b1:e0:82:03:7f:14:7c:28:c3:d7:24:bd:4e:7b:34:
18:c6:3d:bf:06:6a:09:ca:71:94:90:51:43:d2:59:
f0:5a:a1:c6:6f:4b:af:c3:e6:92:f9:1c:1f:8c:89:
1f:ad:ff:76:dc:9f:fd:06:9e:87:98:03:16:84:14:
54:fd:ee:cd:d8:e8:c6:d8:b5:2c:71:5b:86:2e:54:
11:19:6e:cc:3f:21:3e:9d:fc:e5:a7:3c:55:d4:c8:
ff:51:87:54:a2:50:a0:e6:8f:7c:84:9e:6b:61:2d:
7a:17:d1:08:df:48:e6:b0:55:42:06:fd:1c:ac:3a:
df:7f:a2:14:f6:b1:b8:fa:f7:1a:05:6f:d1:69:10:
f2:ca:fa:c2:4c:29:42:d9:9a:5b:a0:8f:79:11:6c:
f1:da:f9:13:14:84:f7:87:56:ed:c4:53:bf:be:79:
eb:dd:0d:3c:29:8a:9d:0b:fc:c2:bf:46:4a:87:fc:
0b:83:e4:11:8e:d2:72:a7:88:6c:38:b2:d1:36:c5:
1a:f2:08:cb:d0:83:d3:9e:e2:c0:03:0f:0f:74:af:
77:da:56:84:54:eb:be:27:b3:70:50:22:28:c3:6d:
86:67:11:0a:27:9d:f0:27:c2:27:2e:b1:01:09:02:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:84:6B:28:97:BC:73:7B:68:A5:FE:FD:61:30:DA:9F:DA:17:8E:39
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UoRrKJe8c3topf79YTDan9oXjjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.183.0/24
194.87.211.0/24
195.133.33.0/24
195.133.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:69:07:30:4a:cd:a2:2f:ab:97:d2:4d:b6:76:7b:21:b4:c8:
ac:d3:79:35:03:fa:f0:62:72:89:32:6c:d5:03:05:a4:b7:dc:
fb:13:89:ab:02:a3:15:9d:38:05:f7:47:87:6f:e8:63:c5:55:
36:9a:fc:ee:b6:7d:10:d6:e1:05:8d:c6:e0:43:e2:58:80:b6:
6a:6c:5c:36:c5:4a:17:35:07:6b:d9:93:28:2e:46:5c:35:13:
91:0f:f6:ff:b4:bf:53:d1:bd:e6:94:fb:52:fc:a4:5c:e9:fb:
09:f7:d9:26:b5:32:70:d3:04:06:42:5d:da:99:ed:1f:b0:76:
be:2d:42:b9:5f:e9:1c:76:fc:14:56:49:b3:0c:b4:3f:cc:07:
fa:64:43:ec:2e:82:d8:97:8c:a6:db:06:15:41:5a:15:66:4f:
b7:ac:5f:67:2c:db:68:41:03:65:d2:c2:82:19:bc:f6:4b:10:
7c:94:bd:8a:40:a5:5c:41:17:bc:8b:d2:57:db:55:2d:b7:15:
5d:d3:f4:db:b8:c7:8b:09:eb:2f:50:5c:c6:63:94:ec:23:2d:
9c:21:df:c7:5a:6b:e6:9d:d4:94:3a:85:bc:e0:14:59:9c:78:
92:06:30:58:4a:1d:45:e1:d5:75:51:e2:46:0d:a0:25:7c:f1:
93:5b:0e:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdbnJo3JgTo6MDazIFxQQHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA3MTIwNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg0NmIyODk3YmM3MzdiNjhhNWZlZmQ2MTMwZGE5ZmRhMTc4ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU6NpulsnKob3qUiN2Kx4IIDfxR8
KMPXJL1OezQYxj2/BmoJynGUkFFD0lnwWqHGb0uvw+aS+RwfjIkfrf923J/9Bp6H
mAMWhBRU/e7N2OjG2LUscVuGLlQRGW7MPyE+nfzlpzxV1Mj/UYdUolCg5o98hJ5r
YS16F9EI30jmsFVCBv0crDrff6IU9rG4+vcaBW/RaRDyyvrCTClC2ZpboI95EWzx
2vkTFIT3h1btxFO/vnnr3Q08KYqdC/zCv0ZKh/wLg+QRjtJyp4hsOLLRNsUa8gjL
0IPTnuLAAw8PdK932laEVOu+J7NwUCIow22GZxEKJ53wJ8InLrEBCQIWfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFKEayiXvHN7aKX+/WEw2p/aF445MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVW9ScktKZThjM3RvcGY3OVlURGFuOW9YamprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwle3AwQA
wlfTAwQAw4UhAwQAw4VfMA0GCSqGSIb3DQEBCwUAA4IBAQB7aQcwSs2iL6uX0k22
dnshtMis03k1A/rwYnKJMmzVAwWkt9z7E4mrAqMVnTgF90eHb+hjxVU2mvzutn0Q
1uEFjcbgQ+JYgLZqbFw2xUoXNQdr2ZMoLkZcNRORD/b/tL9T0b3mlPtS/KRc6fsJ
99kmtTJw0wQGQl3ame0fsHa+LUK5X+kcdvwUVkmzDLQ/zAf6ZEPsLoLYl4ym2wYV
QVoVZk+3rF9nLNtoQQNl0sKCGbz2SxB8lL2KQKVcQRe8i9JX21UttxVd0/TbuMeL
CesvUFzGY5TsIy2cId/HWmvmndSUOoW84BRZnHiSBjBYSh1F4dV1UeJGDaAlfPGT
Ww5v
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org