Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0zFUTZp6MCzXC7BlTGhwMZqi7I.roa
File: Y0zFUTZp6MCzXC7BlTGhwMZqi7I.roa (raw, json)
Hash identifier: C9wHUysSIGNl1weHLlOSJmSzlZOFmCt0X56K59YSoRk=
Subject key identifier: 63:4C:C5:51:36:69:E8:C0:B3:5C:2E:C1:95:31:A1:C0:C6:6A:8B:B2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188ADC115159EC7521560649A7E8F6F5394
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0zFUTZp6MCzXC7BlTGhwMZqi7I.roa
Signing time: Mon 12 Jun 2023 03:58:12 +0000
ROA not before: Mon 12 Jun 2023 03:58:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ad:c1:15:15:9e:c7:52:15:60:64:9a:7e:8f:6f:53:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 03:58:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=634cc5513669e8c0b35c2ec19531a1c0c66a8bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:af:fe:e3:b8:a1:70:77:f4:09:a2:1d:78:17:
57:04:43:8b:44:9b:af:78:04:c4:82:c0:5d:ac:d3:
83:bf:3a:9f:60:09:97:2e:90:1c:08:e1:01:c9:75:
07:21:71:2b:cf:54:0d:8d:95:1c:81:31:a8:b8:06:
9a:84:de:24:20:8f:c6:1f:0e:8e:a3:cb:0e:f4:5e:
53:24:8e:eb:2f:46:d9:39:08:dd:c2:ef:a3:9a:18:
46:3f:91:1a:3b:85:af:6c:8d:21:5e:a1:f6:d7:57:
29:33:5e:c7:98:c2:d0:a1:eb:0b:c3:dd:3b:f7:ca:
22:20:01:2d:be:31:0a:5a:ac:1c:42:6c:cf:bf:16:
a5:e7:dd:0a:d9:b0:7d:63:a1:54:38:98:24:f4:70:
fd:69:29:dc:5b:b3:ec:93:0d:91:74:18:a6:c1:a5:
41:52:dd:b4:b5:ae:1a:63:8e:73:e1:19:c1:aa:5b:
b9:fd:1e:dd:e5:56:2b:b4:78:bb:44:07:5c:3c:e8:
64:5a:de:69:cd:a3:af:65:db:9e:83:15:e1:3f:99:
c0:c4:d1:14:98:ee:d0:7b:e5:41:52:6e:5d:04:2d:
7b:24:5a:87:6c:f3:f2:44:ec:c1:79:4e:fd:9e:a2:
dd:ca:a6:d8:96:fe:1a:06:c7:b4:65:2c:38:2f:e7:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4C:C5:51:36:69:E8:C0:B3:5C:2E:C1:95:31:A1:C0:C6:6A:8B:B2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y0zFUTZp6MCzXC7BlTGhwMZqi7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.58.46.0/24
194.87.161.0/24
194.87.163.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:54:14:ec:cf:f5:23:25:a7:04:26:ba:07:5c:b8:8f:e0:a3:
c0:e8:86:ee:f3:ce:16:84:8d:95:54:c0:74:cc:62:86:a4:0a:
f8:7e:24:89:f9:15:0d:ee:4e:37:8c:4e:21:89:ec:fa:16:ed:
bc:b9:c3:9f:e5:f5:f4:d2:39:44:8f:0b:e3:27:3a:46:55:a2:
50:1a:0d:0d:6b:ee:63:21:d2:ac:28:c5:61:53:73:09:ee:08:
38:37:69:af:09:22:63:d3:45:75:26:46:d1:26:8c:f2:f4:84:
51:7d:42:18:97:39:93:12:6a:a5:d3:7b:2d:f1:d1:19:73:db:
0d:b2:96:f4:0c:e2:30:f4:bf:82:91:0c:35:7c:f2:68:cb:27:
9c:fa:27:86:b3:74:08:e1:45:a8:fd:46:66:c8:9d:e2:ab:03:
dc:6b:80:a7:e0:19:ec:15:5f:c1:44:85:c6:dd:f1:b8:2b:fb:
22:69:2a:62:19:ca:5d:13:54:93:3c:12:9d:71:40:10:f1:cb:
1c:c7:f4:5f:59:ea:8e:5d:ba:b3:54:d5:a4:0f:e9:c8:ee:70:
d8:93:40:80:da:15:8f:6e:04:d4:5d:d7:68:0a:ac:d2:d4:25:
51:82:78:3c:4e:4a:f0:af:58:fb:fb:e9:37:8e:5f:3b:c4:66:
3e:74:d7:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYitwRUVnsdSFWBkmn6Pb1OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEyMDM1ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRjYzU1MTM2NjllOGMwYjM1YzJlYzE5NTMxYTFjMGM2NmE4YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq/+47ihcHf0CaIdeBdXBEOLRJuv
eATEgsBdrNODvzqfYAmXLpAcCOEByXUHIXErz1QNjZUcgTGouAaahN4kII/GHw6O
o8sO9F5TJI7rL0bZOQjdwu+jmhhGP5EaO4WvbI0hXqH211cpM17HmMLQoesLw907
98oiIAEtvjEKWqwcQmzPvxal590K2bB9Y6FUOJgk9HD9aSncW7Pskw2RdBimwaVB
Ut20ta4aY45z4RnBqlu5/R7d5VYrtHi7RAdcPOhkWt5pzaOvZduegxXhP5nAxNEU
mO7Qe+VBUm5dBC17JFqHbPPyROzBeU79nqLdyqbYlv4aBse0ZSw4L+eB2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGNMxVE2aejAs1wuwZUxocDGaouyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWTB6RlVUWnA2TUN6WEM3QmxUR2h3TVpxaTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwvAwQA
wjouAwQAwlehAwQAwlejAwQAwlfPMA0GCSqGSIb3DQEBCwUAA4IBAQAvVBTsz/Uj
JacEJroHXLiP4KPA6Ibu884WhI2VVMB0zGKGpAr4fiSJ+RUN7k43jE4hiez6Fu28
ucOf5fX00jlEjwvjJzpGVaJQGg0Na+5jIdKsKMVhU3MJ7gg4N2mvCSJj00V1JkbR
Jozy9IRRfUIYlzmTEmql03st8dEZc9sNspb0DOIw9L+CkQw1fPJoyyec+ieGs3QI
4UWo/UZmyJ3iqwPca4Cn4BnsFV/BRIXG3fG4K/siaSpiGcpdE1STPBKdcUAQ8csc
x/RfWeqOXbqzVNWkD+nI7nDYk0CA2hWPbgTUXddoCqzS1CVRgng8Tkrwr1j7++k3
jl87xGY+dNdT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org