Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XToMwDHdaeuytJYs1sE75xUrDiw.roa
File: XToMwDHdaeuytJYs1sE75xUrDiw.roa (raw, json)
Hash identifier: Z77y1EKPGXRov8AD6LYU+J3puDso1vilr/6far+VMWY=
Subject key identifier: 5D:3A:0C:C0:31:DD:69:EB:B2:B4:96:2C:D6:C1:3B:E7:15:2B:0E:2C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC91152C537384B6655153B4A56DC12DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XToMwDHdaeuytJYs1sE75xUrDiw.roa
Signing time: Mon 13 Nov 2023 14:23:57 +0000
ROA not before: Mon 13 Nov 2023 14:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:11:52:c5:37:38:4b:66:55:15:3b:4a:56:dc:12:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 14:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d3a0cc031dd69ebb2b4962cd6c13be7152b0e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:18:82:40:51:1b:7b:32:95:a9:8a:a6:de:c9:
b1:b5:e9:ce:c2:da:98:83:3c:3e:1a:e3:94:54:6f:
15:a5:3a:26:ea:63:e7:f6:35:06:36:aa:97:8f:68:
cb:c2:b9:4a:fa:5a:87:85:b6:4e:aa:4f:e9:36:b9:
ba:31:a2:24:4a:6f:e4:84:71:49:68:87:4e:3a:b3:
1b:be:1a:c3:fc:f2:87:85:32:a4:80:87:55:dd:9b:
3a:6d:77:52:f4:07:38:13:a9:08:3b:af:e4:e6:a6:
60:fa:f0:c7:1d:f5:0a:fe:dc:fd:ba:45:76:cb:ea:
04:88:f4:ac:fd:49:01:34:cb:61:b0:3e:6c:99:2c:
c5:70:8b:84:b9:15:a8:5e:82:f1:1f:3f:65:ce:d5:
a6:48:21:93:53:ec:3b:41:03:13:38:d5:11:17:28:
9c:3c:af:e7:86:63:52:4e:a5:02:ab:f5:f6:4b:bd:
b7:24:04:85:ea:92:8c:0d:8e:0b:35:0a:b3:ea:3a:
63:b7:46:f2:48:7d:cc:f9:85:88:9d:e6:5d:56:41:
92:9e:1e:f3:3a:60:4e:eb:ca:8b:45:6b:82:39:87:
b8:72:61:1d:6a:8b:bd:99:ad:0f:1e:e7:77:13:5d:
0b:bb:7d:16:1b:e7:eb:85:52:0b:49:a0:88:e3:53:
b8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3A:0C:C0:31:DD:69:EB:B2:B4:96:2C:D6:C1:3B:E7:15:2B:0E:2C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XToMwDHdaeuytJYs1sE75xUrDiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.190.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:79:5d:fe:a2:4d:3f:c6:c2:3a:af:d8:e1:9a:dd:60:2c:75:
e4:36:c6:35:c3:04:5b:33:a5:75:3d:ee:c6:f9:c3:96:4c:35:
33:7e:f8:fa:74:40:55:3d:9b:34:3e:61:b1:2a:28:f3:05:e0:
4e:14:3f:6e:28:7a:fe:d1:85:84:94:a7:96:4a:17:68:a9:4b:
93:56:93:3a:aa:c3:6d:eb:7b:3d:56:73:e4:6c:c6:3f:24:70:
dc:dc:bc:fd:24:ad:91:ad:be:26:2d:91:70:fb:1a:f3:0d:53:
bb:4c:0d:7f:6b:2d:78:9c:d1:9b:f7:84:a3:85:1b:f9:63:9e:
b2:75:a7:ab:5c:b2:e9:97:9d:3f:83:a1:4b:27:a4:ac:3f:44:
88:24:ce:68:2d:16:0f:63:87:14:28:58:a0:05:29:e5:64:01:
9e:05:02:f1:d4:3d:68:8f:53:c5:f1:a9:b5:05:43:67:09:b5:
fc:b5:f6:88:ee:b4:19:9a:87:3c:0e:05:d7:25:5f:8d:7b:ff:
99:02:f2:dc:35:c7:a3:cf:05:8b:fc:c7:cf:8f:1d:44:78:0e:
1a:1b:4f:7b:3a:dc:ce:1b:2e:bd:ab:6b:21:b7:75:37:4f:2b:
c3:62:91:82:ba:88:28:02:83:92:82:1f:14:1c:c6:1d:49:d6:
b8:7b:c0:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvJEVLFNzhLZlUVO0pW3BLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMTQyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNhMGNjMDMxZGQ2OWViYjJiNDk2MmNkNmMxM2JlNzE1MmIwZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhiCQFEbezKVqYqm3smxtenOwtqY
gzw+GuOUVG8VpTom6mPn9jUGNqqXj2jLwrlK+lqHhbZOqk/pNrm6MaIkSm/khHFJ
aIdOOrMbvhrD/PKHhTKkgIdV3Zs6bXdS9Ac4E6kIO6/k5qZg+vDHHfUK/tz9ukV2
y+oEiPSs/UkBNMthsD5smSzFcIuEuRWoXoLxHz9lztWmSCGTU+w7QQMTONURFyic
PK/nhmNSTqUCq/X2S723JASF6pKMDY4LNQqz6jpjt0bySH3M+YWIneZdVkGSnh7z
OmBO68qLRWuCOYe4cmEdaou9ma0PHud3E10Lu30WG+frhVILSaCI41O4NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF06DMAx3WnrsrSWLNbBO+cVKw4sMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWFRvTXdESGRhZXV5dEpZczFzRTc1eFVyRGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwHAwQA
wle+AwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQCPeV3+ok0/xsI6r9jhmt1gLHXk
NsY1wwRbM6V1Pe7G+cOWTDUzfvj6dEBVPZs0PmGxKijzBeBOFD9uKHr+0YWElKeW
ShdoqUuTVpM6qsNt63s9VnPkbMY/JHDc3Lz9JK2Rrb4mLZFw+xrzDVO7TA1/ay14
nNGb94SjhRv5Y56ydaerXLLpl50/g6FLJ6SsP0SIJM5oLRYPY4cUKFigBSnlZAGe
BQLx1D1oj1PF8am1BUNnCbX8tfaI7rQZmoc8DgXXJV+Ne/+ZAvLcNcejzwWL/MfP
jx1EeA4aG097OtzOGy69q2sht3U3TyvDYpGCuogoAoOSgh8UHMYdSda4e8CL
-----END CERTIFICATE-----
Generated at Wed Nov 22 14:15:02 2023 by rpki-client on console-ams.rpki-client.org