Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XCf6pRKkp59hM2D8BlQ-njE9fio.roa
File: XCf6pRKkp59hM2D8BlQ-njE9fio.roa (raw, json)
Hash identifier: fyok2N2+W+5Fq8yx1I6NE1y1+mXJ4L8R8PZzSMEoii8=
Subject key identifier: 5C:27:FA:A5:12:A4:A7:9F:61:33:60:FC:06:54:3E:9E:31:3D:7E:2A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01872C81143780355C859F43A06D51DCA09D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XCf6pRKkp59hM2D8BlQ-njE9fio.roa
Signing time: Wed 29 Mar 2023 08:34:29 +0000
ROA not before: Wed 29 Mar 2023 08:34:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50321
IP address blocks: 194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:81:14:37:80:35:5c:85:9f:43:a0:6d:51:dc:a0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 29 08:34:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c27faa512a4a79f613360fc06543e9e313d7e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:ba:a1:a7:58:5b:9a:af:80:c3:85:9a:58:
55:ad:36:21:92:7c:c4:d7:59:d9:e6:1a:f3:97:de:
7d:ce:88:35:f7:3c:bf:1d:da:0e:6d:b3:05:44:d6:
30:cd:64:0d:02:f6:21:e4:15:3b:da:19:43:b7:59:
c0:6c:70:42:79:fa:17:a2:30:71:22:32:98:e6:bf:
1e:86:38:ef:e6:2c:67:12:9b:2e:66:6f:e9:98:ae:
6e:fe:56:85:44:dc:56:60:ca:25:c2:92:a4:51:31:
31:a2:a0:d3:6f:60:80:09:d5:32:1f:d4:25:24:17:
a4:06:e4:09:21:73:21:ca:c8:28:fb:71:9a:82:68:
cf:81:35:91:cf:f8:d1:2d:ee:8a:57:52:e7:47:bc:
5f:13:ef:fa:c5:ea:4a:fc:06:0b:30:b6:2f:51:a5:
85:55:74:53:66:64:e7:73:3f:d5:2f:0b:e3:93:fb:
be:f6:4c:2e:8a:65:09:30:1c:03:4f:4b:74:4c:39:
2f:70:0f:00:3c:d6:95:5d:e1:63:e6:eb:44:3b:82:
a4:59:b9:ce:a8:3d:3e:1a:f9:24:5b:17:db:75:6a:
16:e5:aa:55:3e:2b:4b:aa:37:e8:d3:d4:bb:99:1e:
a3:c3:14:ed:dd:29:a0:ea:64:2a:31:26:ea:a4:d4:
db:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:27:FA:A5:12:A4:A7:9F:61:33:60:FC:06:54:3E:9E:31:3D:7E:2A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XCf6pRKkp59hM2D8BlQ-njE9fio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.30.0/24
212.192.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:31:ef:f4:7e:f2:16:4b:f9:e5:dd:52:1f:24:1c:fa:a6:12:
3e:90:1a:af:05:11:fc:0d:c7:c6:e7:45:a6:b4:bb:ba:de:bf:
51:38:5c:e8:97:b8:b6:86:27:dc:f5:66:23:57:5b:53:60:ba:
a6:aa:2d:47:49:04:6c:89:9c:1a:48:d1:d5:87:4c:2e:d1:e5:
0f:54:7a:aa:ab:da:68:99:ad:b2:af:a5:d1:d3:77:05:21:08:
11:08:59:8b:4a:3b:5d:e0:ab:fd:42:26:17:07:b6:6c:3f:95:
b3:41:60:32:87:03:9a:8b:f2:97:e5:36:8d:82:7b:f9:7b:b0:
03:20:ab:a3:ff:0c:26:25:a4:e6:b9:59:8e:bf:8b:ac:23:e7:
62:4b:84:75:69:29:55:7a:24:7b:dc:18:5c:46:0e:9a:1a:09:
ce:13:65:68:22:b6:ed:1a:89:74:af:71:18:dc:30:68:bc:69:
61:97:67:c7:d5:a1:b7:e9:db:32:63:34:67:e7:3b:10:7c:10:
67:5b:c7:6c:78:37:6f:84:71:60:92:3d:16:11:ad:00:58:a4:
22:4b:1e:56:5f:5e:98:55:fc:3c:92:34:01:8c:bb:4b:63:32:
8b:1c:00:85:2b:8f:bd:79:ed:08:d3:73:2c:39:46:f7:6f:78:
87:25:1f:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcsgRQ3gDVchZ9DoG1R3KCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI5MDgzNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI3ZmFhNTEyYTRhNzlmNjEzMzYwZmMwNjU0M2U5ZTMxM2Q3ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlm6oadYW5qvgMOFmlhVrTYhknzE
11nZ5hrzl959zog19zy/HdoObbMFRNYwzWQNAvYh5BU72hlDt1nAbHBCefoXojBx
IjKY5r8ehjjv5ixnEpsuZm/pmK5u/laFRNxWYMolwpKkUTExoqDTb2CACdUyH9Ql
JBekBuQJIXMhysgo+3GagmjPgTWRz/jRLe6KV1LnR7xfE+/6xepK/AYLMLYvUaWF
VXRTZmTncz/VLwvjk/u+9kwuimUJMBwDT0t0TDkvcA8APNaVXeFj5utEO4KkWbnO
qD0+GvkkWxfbdWoW5apVPitLqjfo09S7mR6jwxTt3Smg6mQqMSbqpNTbCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFwn+qUSpKefYTNg/AZUPp4xPX4qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWENmNnBSS2twNTloTTJEOEJsUS1uakU5ZmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwoceAwQA
1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqMe/0fvIWS/nl3VIfJBz6phI+kBqvBRH8
DcfG50WmtLu63r9ROFzol7i2hifc9WYjV1tTYLqmqi1HSQRsiZwaSNHVh0wu0eUP
VHqqq9poma2yr6XR03cFIQgRCFmLSjtd4Kv9QiYXB7ZsP5WzQWAyhwOai/KX5TaN
gnv5e7ADIKuj/wwmJaTmuVmOv4usI+diS4R1aSlVeiR73BhcRg6aGgnOE2VoIrbt
Gol0r3EY3DBovGlhl2fH1aG36dsyYzRn5zsQfBBnW8dseDdvhHFgkj0WEa0AWKQi
Sx5WX16YVfw8kjQBjLtLYzKLHACFK4+9ee0I03MsOUb3b3iHJR90
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:05 2023 by rpki-client on console-fra.rpki-client.org