Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnW0-CqmoR9_dK2Flt-TngkC7Q0.roa
File: XnW0-CqmoR9_dK2Flt-TngkC7Q0.roa (raw, json)
Hash identifier: 9E9TNZHueFl5HUNOPhFu4UNNERzCoAfwMhRUibMbVxU=
Subject key identifier: 5E:75:B4:F8:2A:A6:A1:1F:7F:74:AD:85:96:DF:93:9E:09:02:ED:0D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189920EC870C4010D5BDF29FB28BF05ADE9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnW0-CqmoR9_dK2Flt-TngkC7Q0.roa
Signing time: Wed 26 Jul 2023 11:56:29 +0000
ROA not before: Wed 26 Jul 2023 11:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:0e:c8:70:c4:01:0d:5b:df:29:fb:28:bf:05:ad:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 26 11:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e75b4f82aa6a11f7f74ad8596df939e0902ed0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:28:cc:dc:fd:bb:dc:79:9a:e3:42:4d:f1:46:
e7:77:3b:29:76:ce:80:42:bb:3d:a1:3a:d9:4c:bd:
51:4c:65:7d:8a:a3:db:d2:f6:ee:1f:2e:63:91:3b:
e6:9b:48:5b:fc:ae:80:2e:aa:21:50:60:27:c7:0c:
c7:26:47:7c:af:1a:76:51:fb:2d:84:eb:53:ae:52:
f7:70:65:16:5f:c5:a7:8f:7b:7a:54:a6:73:35:b9:
63:62:0b:df:50:e7:73:de:bb:4a:aa:b5:dc:5c:29:
a1:d5:69:e8:ce:bc:04:e9:2f:e6:53:9f:b5:85:c9:
62:9e:01:e2:10:b9:e0:4f:0f:c9:57:06:4d:1f:37:
f2:03:64:4b:5a:b7:f9:d5:7a:e0:a0:d5:ff:46:d1:
db:09:e1:88:ac:6e:48:ea:61:64:49:84:e8:db:b6:
9c:4b:85:40:1f:67:7e:e3:3f:6e:f6:79:b8:44:6d:
c6:84:59:06:68:f1:db:a2:47:c1:80:43:af:fc:9d:
4f:87:c1:53:1e:5c:8f:fd:da:59:59:3c:33:f7:39:
69:18:f0:9a:66:bd:93:70:82:07:57:4c:49:c6:a3:
0d:35:0a:72:fc:37:92:ad:7f:e1:7b:56:bd:51:05:
2d:cb:ed:fa:e7:87:76:65:c4:b6:0c:62:8b:c0:b4:
46:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:75:B4:F8:2A:A6:A1:1F:7F:74:AD:85:96:DF:93:9E:09:02:ED:0D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnW0-CqmoR9_dK2Flt-TngkC7Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
195.133.55.0/24
212.192.0.0/23
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:cb:23:7b:24:c5:82:6d:25:35:9e:3f:5a:5b:e2:76:7b:6f:
4e:86:6d:43:bf:1f:ef:d8:ee:0e:29:d6:63:06:5c:38:59:a9:
9f:31:9c:77:18:0c:ef:80:9f:37:88:65:4c:98:f6:41:a4:4a:
e4:ba:9c:68:b4:cd:fe:98:78:e7:69:4b:f4:5e:ed:fa:cd:ef:
ae:40:cd:54:62:b3:27:39:de:f9:06:e7:d9:fc:be:de:d1:4f:
ab:e0:f5:54:d6:7f:f9:cb:0f:49:0d:6e:49:8b:c1:a6:f6:08:
38:53:7a:e7:7f:c1:a5:56:b8:4e:48:02:f8:f9:13:dd:f2:4a:
06:0c:8c:ad:2f:15:8d:22:a4:b2:28:75:03:f7:41:c5:37:81:
91:b9:21:5b:27:8d:5d:df:73:35:55:1d:7e:e1:81:ee:d9:7f:
30:d6:3c:5e:63:56:f8:e7:a3:fe:d8:d2:e4:25:4d:ac:3b:5b:
e6:cd:82:9b:32:43:5d:2d:f8:09:4c:34:5b:12:57:25:5e:8d:
ff:00:85:89:63:5a:ce:0f:db:46:04:9c:f4:89:50:0b:a1:4a:
25:9a:7a:46:42:e5:fb:77:85:bf:6c:ea:bf:3f:bd:dd:42:27:
79:38:eb:2e:00:37:d7:54:49:95:61:0a:96:61:bc:40:da:a6:
f1:e5:c5:3e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYmSDshwxAENW98p+yi/Ba3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI2MTE1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc1YjRmODJhYTZhMTFmN2Y3NGFkODU5NmRmOTM5ZTA5MDJlZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCjM3P273Hma40JN8Ubndzspds6A
Qrs9oTrZTL1RTGV9iqPb0vbuHy5jkTvmm0hb/K6ALqohUGAnxwzHJkd8rxp2Ufst
hOtTrlL3cGUWX8Wnj3t6VKZzNbljYgvfUOdz3rtKqrXcXCmh1WnozrwE6S/mU5+1
hclingHiELngTw/JVwZNHzfyA2RLWrf51XrgoNX/RtHbCeGIrG5I6mFkSYTo27ac
S4VAH2d+4z9u9nm4RG3GhFkGaPHbokfBgEOv/J1Ph8FTHlyP/dpZWTwz9zlpGPCa
Zr2TcIIHV0xJxqMNNQpy/DeSrX/he1a9UQUty+3654d2ZcS2DGKLwLRG4wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFF51tPgqpqEff3SthZbfk54JAu0NMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWG5XMC1DcW1vUjlfZEsyRmx0LVRuZ2tDN1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBADCOi0D
BATCOiADBADCVxsDBADCV8YDBAHCV9ADBAHCV94DBAPDOjgDBADDhTcDBAHUwAAD
BADUwQAwDQYJKoZIhvcNAQELBQADggEBAC/LI3skxYJtJTWeP1pb4nZ7b06GbUO/
H+/Y7g4p1mMGXDhZqZ8xnHcYDO+AnzeIZUyY9kGkSuS6nGi0zf6YeOdpS/Re7frN
765AzVRisyc53vkG59n8vt7RT6vg9VTWf/nLD0kNbkmLwab2CDhTeud/waVWuE5I
Avj5E93ySgYMjK0vFY0ipLIodQP3QcU3gZG5IVsnjV3fczVVHX7hge7ZfzDWPF5j
Vvjno/7Y0uQlTaw7W+bNgpsyQ10t+AlMNFsSVyVejf8AhYljWs4P20YEnPSJUAuh
SiWaekZC5ft3hb9s6r8/vd1CJ3k46y4AN9dUSZVhCpZhvEDapvHlxT4=
-----END CERTIFICATE-----
Generated at Sun Sep 17 08:57:10 2023 by rpki-client on console-ams.rpki-client.org