Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z6cUGp6DHekW0yYqQMlLRSiBzTA.roa
File: Z6cUGp6DHekW0yYqQMlLRSiBzTA.roa (raw, json)
Hash identifier: F6Cb7JLoV3/4soHxe4sWKDw9jqnRMj/z5bKczbCu458=
Subject key identifier: 67:A7:14:1A:9E:83:1D:E9:16:D3:26:2A:40:C9:4B:45:28:81:CD:30
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D9C19EFBDB6CCD4D9D07B5F73E22190C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z6cUGp6DHekW0yYqQMlLRSiBzTA.roa
Signing time: Tue 20 Jun 2023 17:02:04 +0000
ROA not before: Tue 20 Jun 2023 17:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:c1:9e:fb:db:6c:cd:4d:9d:07:b5:f7:3e:22:19:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 20 17:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a7141a9e831de916d3262a40c94b452881cd30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cf:8b:a2:6c:40:78:4a:80:53:9b:87:43:10:
e6:30:fe:e8:48:05:d0:86:9f:66:fa:61:d2:74:5a:
80:89:df:79:24:c5:cf:c6:4b:00:7b:e3:73:a0:ac:
6c:f6:80:cb:8f:91:cb:11:67:24:10:ec:a8:a3:2e:
9e:3d:32:8b:76:9d:20:01:5c:05:cc:41:36:9b:62:
a4:65:1f:10:1d:9c:10:2f:45:4e:b7:9a:74:e7:d3:
a3:9f:1c:65:8a:e1:41:14:e7:6d:b6:0c:f2:f2:29:
6e:75:2e:7d:8d:38:9f:a6:27:8e:5d:19:83:c1:75:
95:a6:3a:9a:df:b1:de:5d:d7:a1:80:db:6b:99:e1:
4f:a5:ba:f5:9a:71:d0:dc:9d:84:d2:2b:87:92:c1:
a0:cb:1a:18:ab:ef:73:91:f0:39:50:b4:0a:22:31:
71:4f:00:a9:af:0e:45:d8:2b:28:70:27:50:da:35:
ba:65:b6:bf:8c:da:7a:f6:3f:84:23:b6:58:6d:ba:
75:5d:42:17:65:f2:58:d8:ea:94:45:53:ed:46:57:
42:2e:80:99:15:f0:df:30:ae:32:c7:3b:89:8f:ac:
f2:d4:27:0b:75:d9:77:68:f1:07:eb:f4:68:ed:04:
a6:17:ca:29:b7:63:49:a0:08:7a:d0:63:66:ca:90:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A7:14:1A:9E:83:1D:E9:16:D3:26:2A:40:C9:4B:45:28:81:CD:30
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Z6cUGp6DHekW0yYqQMlLRSiBzTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.149.0/24
194.87.161.0/24
194.87.163.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a3:fa:3a:25:cc:35:89:20:39:18:1f:27:a0:c8:be:8a:7f:
7a:bb:94:92:af:e6:4e:ed:a9:41:f6:37:b5:70:bf:74:b1:b3:
bf:46:87:8d:3d:ac:ae:9c:6b:8d:8b:bf:8b:d0:6a:61:de:94:
ae:94:9c:ad:53:47:fa:a7:36:f4:94:c0:98:63:54:24:9b:84:
8d:19:d1:c5:f8:b9:d7:4f:bf:74:0f:96:b3:2e:9a:27:8e:0a:
14:b0:6a:65:0d:07:1d:2f:5c:e8:22:7f:1a:2d:95:d8:93:6c:
ab:99:1f:14:be:c4:86:70:a7:f2:35:ac:a4:85:a1:6b:6a:c0:
8f:90:7b:9b:cc:30:a9:f2:1f:67:8a:02:f1:45:d1:02:8e:73:
de:e7:45:cb:89:48:f0:58:b7:76:48:d9:30:6f:e4:90:79:cb:
96:cf:e3:35:3d:4f:a7:a1:57:f4:99:bd:22:00:22:04:d6:be:
16:77:36:ea:5f:70:84:92:a1:ec:d7:f7:b0:f2:2a:5f:ad:d2:
eb:1f:d3:ce:0f:55:64:c2:02:b2:44:2c:4a:2b:a8:42:ee:be:
a2:19:3d:63:ab:f1:08:ce:cb:b2:ab:ce:97:83:f8:ec:a4:f5:
1b:50:fe:df:98:af:47:ff:8e:11:1c:f9:e4:f8:28:54:13:35:
1b:ab:cf:14
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjZwZ7722zNTZ0Htfc+IhkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIwMTcwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E3MTQxYTllODMxZGU5MTZkMzI2MmE0MGM5NGI0NTI4ODFjZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8+LomxAeEqAU5uHQxDmMP7oSAXQ
hp9m+mHSdFqAid95JMXPxksAe+NzoKxs9oDLj5HLEWckEOyooy6ePTKLdp0gAVwF
zEE2m2KkZR8QHZwQL0VOt5p059OjnxxliuFBFOdttgzy8iludS59jTifpieOXRmD
wXWVpjqa37HeXdehgNtrmeFPpbr1mnHQ3J2E0iuHksGgyxoYq+9zkfA5ULQKIjFx
TwCprw5F2CsocCdQ2jW6Zba/jNp69j+EI7ZYbbp1XUIXZfJY2OqURVPtRldCLoCZ
FfDfMK4yxzuJj6zy1CcLddl3aPEH6/Ro7QSmF8opt2NJoAh60GNmypCIlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGenFBqegx3pFtMmKkDJS0Uogc0wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWjZjVUdwNkRIZWtXMHlZcVFNbExSU2lCelRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwvAwQA
wleVAwQAwlehAwQAwlejAwQAwlfPMA0GCSqGSIb3DQEBCwUAA4IBAQCGo/o6Jcw1
iSA5GB8noMi+in96u5SSr+ZO7alB9je1cL90sbO/RoeNPayunGuNi7+L0Gph3pSu
lJytU0f6pzb0lMCYY1Qkm4SNGdHF+LnXT790D5azLponjgoUsGplDQcdL1zoIn8a
LZXYk2yrmR8UvsSGcKfyNaykhaFrasCPkHubzDCp8h9nigLxRdECjnPe50XLiUjw
WLd2SNkwb+SQecuWz+M1PU+noVf0mb0iACIE1r4WdzbqX3CEkqHs1/ew8ipfrdLr
H9POD1VkwgKyRCxKK6hC7r6iGT1jq/EIzsuyq86Xg/jspPUbUP7fmK9H/44RHPnk
+ChUEzUbq88U
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org