Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlKsoM9KzLxRfEB_F8WOYmzHbNE.roa
File: YlKsoM9KzLxRfEB_F8WOYmzHbNE.roa (raw, json)
Hash identifier: sV2DV0yYXdiAmIg4SyWWyFR+NzJZxSwERjZbKAFTYN4=
Subject key identifier: 62:52:AC:A0:CF:4A:CC:BC:51:7C:40:7F:17:C5:8E:62:6C:C7:6C:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A2E6054CFDF66EC7BD85255839EE47B46
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlKsoM9KzLxRfEB_F8WOYmzHbNE.roa
Signing time: Fri 25 Aug 2023 20:26:19 +0000
ROA not before: Fri 25 Aug 2023 20:26:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.21.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2e:60:54:cf:df:66:ec:7b:d8:52:55:83:9e:e4:7b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 25 20:26:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6252aca0cf4accbc517c407f17c58e626cc76cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7b:69:cc:bb:cc:6c:f1:2b:a9:16:2e:04:81:
0c:73:1c:b8:36:94:02:95:54:a7:fb:0b:68:90:2c:
7f:07:82:8c:d8:81:0e:3a:c2:5a:9e:24:00:c1:d4:
7b:2e:42:36:c4:fd:ae:55:0c:a5:21:b4:01:29:93:
e0:a2:ba:4b:8a:8f:ab:ea:c0:fa:a7:e7:c4:16:d5:
0e:af:d6:0f:4f:e4:c2:ea:6e:0e:55:81:b5:26:47:
22:43:c3:6f:32:ac:d1:9f:2a:16:55:ef:0f:fa:d2:
b8:61:6f:87:34:d1:c8:63:67:f8:e8:9f:99:06:0e:
ca:d4:78:61:a3:b8:51:15:9c:a5:4f:4d:ad:24:7d:
55:3c:99:4d:13:58:66:13:dd:09:57:e9:e5:0d:d6:
5b:ca:35:d5:63:26:17:ad:7e:1b:ce:32:6a:58:ba:
43:37:39:44:0f:26:3a:86:c7:46:a6:36:ce:ec:b0:
a2:31:a3:f9:91:e9:7f:56:ca:06:ce:bf:7c:7c:5b:
0b:e2:13:b6:e2:90:13:17:92:05:72:93:24:33:c1:
51:f9:70:c7:6b:dc:fa:91:eb:2a:d8:14:ac:0f:8c:
c6:4b:16:dd:bd:7e:6a:30:aa:08:89:72:fa:34:40:
23:ff:d3:44:fc:7f:53:2a:9e:53:16:1a:98:7c:a6:
31:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:52:AC:A0:CF:4A:CC:BC:51:7C:40:7F:17:C5:8E:62:6C:C7:6C:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlKsoM9KzLxRfEB_F8WOYmzHbNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.21.0/24
194.87.170.0/24
194.87.187.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cf:29:42:61:f5:41:22:af:1c:2f:1b:cc:99:f5:0d:c0:bc:
d3:44:97:6b:26:6b:9e:c4:23:56:cb:ac:5a:7e:de:e4:6d:4d:
05:b6:55:f9:21:26:c0:0a:2c:be:ab:23:9d:7c:a3:0d:8a:63:
10:a0:25:14:64:02:b9:8b:25:18:8e:3c:9b:a8:41:2e:d6:42:
25:01:13:09:19:ae:ae:ee:2f:c0:43:c9:2e:13:d2:74:2b:4b:
76:d0:4b:0c:53:bd:e9:cb:c2:79:0a:38:12:d7:32:a2:12:51:
65:dd:77:4a:36:a2:1a:be:4e:40:6f:7d:41:2b:ea:ed:79:f8:
01:ec:d4:f8:11:70:ee:b9:bb:3f:67:c6:b9:d8:57:bd:55:a7:
8d:01:cc:3d:e9:30:5d:b4:28:6b:2b:25:43:c8:4d:77:17:b8:
07:b6:84:24:a9:63:ac:64:5d:94:6a:71:7c:82:e0:56:f0:c9:
8f:94:42:73:ee:83:b1:df:70:89:60:97:3f:3f:2c:22:4e:5d:
20:25:7e:85:15:58:42:53:b2:f8:69:85:c9:dc:f3:80:40:38:
fe:91:bb:89:fe:d8:3b:75:9b:1b:71:b0:51:98:c7:f8:b8:c7:
f1:ce:80:a8:eb:cd:a6:de:20:f1:cc:e6:64:59:e0:3b:20:8a:
a2:f6:ae:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYouYFTP32bse9hSVYOe5HtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI1MjAyNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUyYWNhMGNmNGFjY2JjNTE3YzQwN2YxN2M1OGU2MjZjYzc2Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHtpzLvMbPErqRYuBIEMcxy4NpQC
lVSn+wtokCx/B4KM2IEOOsJaniQAwdR7LkI2xP2uVQylIbQBKZPgorpLio+r6sD6
p+fEFtUOr9YPT+TC6m4OVYG1JkciQ8NvMqzRnyoWVe8P+tK4YW+HNNHIY2f46J+Z
Bg7K1Hhho7hRFZylT02tJH1VPJlNE1hmE90JV+nlDdZbyjXVYyYXrX4bzjJqWLpD
NzlEDyY6hsdGpjbO7LCiMaP5kel/VsoGzr98fFsL4hO24pATF5IFcpMkM8FR+XDH
a9z6kesq2BSsD4zGSxbdvX5qMKoIiXL6NEAj/9NE/H9TKp5TFhqYfKYxhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGJSrKDPSsy8UXxAfxfFjmJsx2zRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWxLc29NOUt6THhSZkVCX0Y4V09ZbXpIYk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxfAwQA
wlcVAwQAwleqAwQAwle7MA0GCSqGSIb3DQEBCwUAA4IBAQA0zylCYfVBIq8cLxvM
mfUNwLzTRJdrJmuexCNWy6xaft7kbU0FtlX5ISbACiy+qyOdfKMNimMQoCUUZAK5
iyUYjjybqEEu1kIlARMJGa6u7i/AQ8kuE9J0K0t20EsMU73py8J5CjgS1zKiElFl
3XdKNqIavk5Ab31BK+rtefgB7NT4EXDuubs/Z8a52Fe9VaeNAcw96TBdtChrKyVD
yE13F7gHtoQkqWOsZF2UanF8guBW8MmPlEJz7oOx33CJYJc/PywiTl0gJX6FFVhC
U7L4aYXJ3POAQDj+kbuJ/tg7dZsbcbBRmMf4uMfxzoCo682m3iDxzOZkWeA7IIqi
9q5C
-----END CERTIFICATE-----
Generated at Sun Sep 10 17:43:22 2023 by rpki-client on console-ams.rpki-client.org