Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsUz3w1rr67Hm-xqy4H4x5m4UYs.roa
File: XsUz3w1rr67Hm-xqy4H4x5m4UYs.roa (raw, json)
Hash identifier: 4kmMemPx2fL1hd5HnprYXMk1zPQNNEOoAnQJhy7Mv1s=
Subject key identifier: 5E:C5:33:DF:0D:6B:AF:AE:C7:9B:EC:6A:CB:81:F8:C7:99:B8:51:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188237FAC5950559412DD0814A6F6C5F9C9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsUz3w1rr67Hm-xqy4H4x5m4UYs.roa
Signing time: Tue 16 May 2023 07:39:09 +0000
ROA not before: Tue 16 May 2023 07:39:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:7f:ac:59:50:55:94:12:dd:08:14:a6:f6:c5:f9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 16 07:39:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ec533df0d6bafaec79bec6acb81f8c799b8518b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:d9:bf:32:b0:44:24:1c:07:5f:e1:d8:c9:
95:31:b6:fb:07:25:24:fe:e2:82:e6:ca:30:8d:0c:
70:d0:39:c1:8c:c1:1f:e4:86:8f:7c:be:aa:4e:a7:
c1:99:e0:0b:8b:35:fc:dd:35:2a:e0:b6:e5:66:ea:
70:34:4d:c8:e0:12:7e:ed:93:4a:6a:b7:bd:d1:d8:
13:a3:69:99:57:93:c4:6b:ba:01:86:02:e5:99:c6:
ba:00:81:30:5f:5d:42:a4:bd:7a:68:17:bd:a9:41:
da:5f:d2:90:2c:b4:01:d7:7b:ac:4c:09:79:62:ed:
c8:5c:11:a8:36:3e:cc:5f:1f:fd:c8:81:68:cc:5e:
a8:c2:23:59:cf:35:a2:a5:ab:d7:47:3f:41:57:2d:
34:21:ed:05:15:56:ee:70:3f:f7:ab:f3:42:f2:fa:
fe:a5:dd:c9:60:af:db:f8:5f:9a:e1:1c:ca:72:43:
50:76:99:2c:c0:2c:99:fc:cf:4d:2e:f6:17:6d:a0:
0d:81:88:6b:c2:48:a7:5a:e3:92:51:cf:23:c9:4c:
f4:fd:51:ea:25:2f:02:f5:40:26:9a:76:ee:26:e6:
09:ec:77:02:2a:81:a6:2f:8c:df:28:c0:b1:a7:20:
38:9e:25:53:bd:47:a2:21:b2:90:d6:9b:4b:50:88:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C5:33:DF:0D:6B:AF:AE:C7:9B:EC:6A:CB:81:F8:C7:99:B8:51:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XsUz3w1rr67Hm-xqy4H4x5m4UYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.47.0/24
194.58.46.0/24
194.58.155.0/24
194.87.30.0/24
194.87.42.0/24
194.87.108.0/24
194.87.161.0/24
194.87.163.0/24
194.87.205.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
39:bc:a4:c8:9e:d8:4b:55:89:0f:7c:7a:39:52:ec:8b:74:41:
fd:01:e1:23:60:a6:40:2d:30:58:77:04:f8:0d:a8:3b:3b:fd:
b2:eb:c9:e6:2e:de:d3:64:23:c5:9a:5a:73:e6:1b:d4:44:2e:
a3:0b:66:dc:f0:d0:04:cc:80:0b:9c:10:f6:8d:b7:c8:a0:50:
e8:8a:82:22:2e:51:49:f4:75:92:7e:6b:c8:95:ed:d4:de:89:
97:a0:aa:9d:0b:fe:d8:48:b8:51:ba:22:d4:a2:f5:0c:54:ba:
b7:00:53:88:38:b1:83:f9:8d:e8:aa:aa:b3:8c:95:70:63:fb:
75:f4:69:71:eb:d3:3f:43:a2:8b:b7:ad:f8:f2:15:6e:c1:25:
97:a7:4f:0a:e7:6b:4f:5c:09:6c:a5:fe:0d:e8:70:27:62:48:
3b:70:55:23:04:89:ab:59:39:bf:30:01:3d:38:31:d3:7a:19:
fd:80:b3:f7:08:97:c6:d1:25:53:4a:ae:f2:ab:b9:3c:45:e0:
74:d1:e2:90:41:bd:09:44:a1:4f:5d:db:05:bd:06:79:50:79:
64:0b:9f:e4:f9:ba:fe:20:72:05:28:3b:b3:65:df:d8:2b:d3:
72:79:7e:34:6a:29:1e:a0:a7:65:63:cf:ef:0e:e9:88:ed:5b:
fb:c4:8d:eb
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYgjf6xZUFWUEt0IFKb2xfnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE2MDczOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWM1MzNkZjBkNmJhZmFlYzc5YmVjNmFjYjgxZjhjNzk5Yjg1MThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVjZvzKwRCQcB1/h2MmVMbb7ByUk
/uKC5sowjQxw0DnBjMEf5IaPfL6qTqfBmeALizX83TUq4LblZupwNE3I4BJ+7ZNK
are90dgTo2mZV5PEa7oBhgLlmca6AIEwX11CpL16aBe9qUHaX9KQLLQB13usTAl5
Yu3IXBGoNj7MXx/9yIFozF6owiNZzzWipavXRz9BVy00Ie0FFVbucD/3q/NC8vr+
pd3JYK/b+F+a4RzKckNQdpkswCyZ/M9NLvYXbaANgYhrwkinWuOSUc8jyUz0/VHq
JS8C9UAmmnbuJuYJ7HcCKoGmL4zfKMCxpyA4niVTvUeiIbKQ1ptLUIgFbwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFF7FM98Na6+ux5vsasuB+MeZuFGLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWHNVejN3MXJyNjdIbS14cXk0SDR4NW00VVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXwSAwQA
wXwvAwQAwjouAwQAwjqbAwQAwlceAwQAwlcqAwQAwldsAwQAwlehAwQAwlejAwQA
wlfNAwQAwlfPMA0GCSqGSIb3DQEBCwUAA4IBAQA5vKTInthLVYkPfHo5UuyLdEH9
AeEjYKZALTBYdwT4Dag7O/2y68nmLt7TZCPFmlpz5hvURC6jC2bc8NAEzIALnBD2
jbfIoFDoioIiLlFJ9HWSfmvIle3U3omXoKqdC/7YSLhRuiLUovUMVLq3AFOIOLGD
+Y3oqqqzjJVwY/t19Glx69M/Q6KLt6348hVuwSWXp08K52tPXAlspf4N6HAnYkg7
cFUjBImrWTm/MAE9ODHTehn9gLP3CJfG0SVTSq7yq7k8ReB00eKQQb0JRKFPXdsF
vQZ5UHlkC5/k+br+IHIFKDuzZd/YK9NyeX40aikeoKdlY8/vDumI7Vv7xI3r
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org