Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrklWbPCuLiwmjy1SVMOFpDufng.roa
File: UrklWbPCuLiwmjy1SVMOFpDufng.roa (raw, json)
Hash identifier: 1E/NDxyHb2iGcmqgQGnS3tVa+dLkFCElvIC/TwVw/ck=
Subject key identifier: 52:B9:25:59:B3:C2:B8:B8:B0:9A:3C:B5:49:53:0E:16:90:EE:7E:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185E4777CA5F295DEB8B8E46F14B8640490
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrklWbPCuLiwmjy1SVMOFpDufng.roa
Signing time: Tue 24 Jan 2023 15:48:33 +0000
ROA not before: Tue 24 Jan 2023 15:48:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 194.87.222.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
193.124.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:77:7c:a5:f2:95:de:b8:b8:e4:6f:14:b8:64:04:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 24 15:48:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b92559b3c2b8b8b09a3cb549530e1690ee7e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:4e:06:e8:bb:db:07:06:7b:f7:63:e9:9e:
a3:dd:41:83:9f:f2:33:3b:34:60:06:70:bb:83:6f:
80:f6:79:64:41:6c:cf:53:d8:83:cc:30:9e:6a:88:
9f:34:6f:92:a7:14:26:f5:4e:45:bb:53:4c:2c:a1:
05:18:93:24:37:34:50:d2:ca:b9:01:7e:b2:82:8f:
21:ef:4f:ef:f0:ab:fd:70:0f:0b:df:d5:69:07:24:
31:2f:42:ae:ac:ed:34:0b:d3:81:ec:4d:33:81:d3:
4d:92:d3:3d:f5:cc:6a:1a:4e:c7:10:2a:64:9d:75:
d0:2b:c5:86:39:40:5a:19:e5:54:70:3b:e2:36:79:
9e:b4:f4:58:6d:cb:e4:44:47:22:e6:0b:fc:74:a3:
6f:34:f2:3c:5d:0f:73:7d:fa:e9:84:56:7d:72:bc:
bf:fc:09:ae:aa:19:1c:ad:eb:72:b3:44:be:19:e9:
a7:2b:22:7e:12:c6:2d:5c:af:d7:c6:8e:87:0a:e1:
c0:f3:4b:d8:56:91:29:dd:01:ab:1c:76:27:aa:18:
f6:ba:83:8c:87:7d:25:cc:d8:6c:b3:19:d3:43:5a:
84:04:09:d8:42:f0:fd:41:ce:c6:45:9a:d8:11:e6:
41:e3:1b:50:bb:50:d9:53:23:b0:17:af:a1:1d:28:
c0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B9:25:59:B3:C2:B8:B8:B0:9A:3C:B5:49:53:0E:16:90:EE:7E:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UrklWbPCuLiwmjy1SVMOFpDufng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.119.0/24
194.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
44:59:90:cf:c6:75:ac:4b:7b:73:44:9a:20:f5:81:17:c5:e8:
a8:20:e2:b9:03:34:37:49:b7:fa:28:a1:bc:de:88:54:6f:6d:
e8:ae:16:12:4e:7e:ad:e5:31:7c:da:82:76:d8:32:0b:1c:c8:
78:7c:24:42:6c:73:69:dc:7c:a7:c6:e2:1f:82:7e:89:51:01:
42:70:19:93:0e:f9:cf:e0:c0:0c:2a:21:32:13:df:43:c8:1b:
6a:75:71:07:1a:76:e1:41:f9:86:80:ab:5c:60:81:01:8b:f2:
b1:7d:e2:fb:78:eb:65:8c:72:91:8f:66:33:c7:8e:f5:a6:5a:
c0:0c:a3:bb:16:ef:e5:64:40:3d:87:b8:ff:f5:dc:1b:b6:c9:
95:f7:03:14:b4:4e:3d:28:bf:7f:56:af:96:56:c9:ab:8c:c1:
03:af:85:1e:bf:bd:17:79:ae:3f:a8:81:31:26:23:f4:37:cd:
c3:d8:38:ed:37:f2:3a:5e:e7:56:57:85:e8:48:6e:ae:21:b1:
4f:05:17:27:32:12:c8:8f:a2:67:95:ef:a7:72:f5:b6:10:5f:
d9:38:1b:0e:59:43:a7:aa:ae:ad:0f:bd:a7:b6:fa:e9:3f:48:
69:30:f8:d9:82:67:a7:a4:65:bd:a7:ed:e7:a0:a3:38:34:0c:
50:8d:5d:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkd3yl8pXeuLjkbxS4ZASQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI0MTU0ODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI5MjU1OWIzYzJiOGI4YjA5YTNjYjU0OTUzMGUxNjkwZWU3ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArltOBui72wcGe/dj6Z6j3UGDn/Iz
OzRgBnC7g2+A9nlkQWzPU9iDzDCeaoifNG+SpxQm9U5Fu1NMLKEFGJMkNzRQ0sq5
AX6ygo8h70/v8Kv9cA8L39VpByQxL0KurO00C9OB7E0zgdNNktM99cxqGk7HECpk
nXXQK8WGOUBaGeVUcDviNnmetPRYbcvkREci5gv8dKNvNPI8XQ9zffrphFZ9cry/
/Amuqhkcretys0S+GemnKyJ+EsYtXK/Xxo6HCuHA80vYVpEp3QGrHHYnqhj2uoOM
h30lzNhssxnTQ1qEBAnYQvD9Qc7GRZrYEeZB4xtQu1DZUyOwF6+hHSjAXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFK5JVmzwri4sJo8tUlTDhaQ7n54MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVXJrbFdiUEN1TGl3bWp5MVNWTU9GcER1Zm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwhAwQA
wld3AwQAwlfeMA0GCSqGSIb3DQEBCwUAA4IBAQBEWZDPxnWsS3tzRJog9YEXxeio
IOK5AzQ3Sbf6KKG83ohUb23orhYSTn6t5TF82oJ22DILHMh4fCRCbHNp3HynxuIf
gn6JUQFCcBmTDvnP4MAMKiEyE99DyBtqdXEHGnbhQfmGgKtcYIEBi/KxfeL7eOtl
jHKRj2Yzx471plrADKO7Fu/lZEA9h7j/9dwbtsmV9wMUtE49KL9/Vq+WVsmrjMED
r4Uev70Xea4/qIExJiP0N83D2DjtN/I6XudWV4XoSG6uIbFPBRcnMhLIj6Jnle+n
cvW2EF/ZOBsOWUOnqq6tD72ntvrpP0hpMPjZgmenpGW9p+3noKM4NAxQjV2C
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org