Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_1YOeVRz9Ym_o_kft9qooZ1XpgE.roa
File: _1YOeVRz9Ym_o_kft9qooZ1XpgE.roa (raw, json)
Hash identifier: 6mtn1fDlAmbkCk/XeuCHN6bn1eizbznokckfEMqK7GQ=
Subject key identifier: FF:56:0E:79:54:73:F5:89:BF:A3:F9:1F:B7:DA:A8:A1:9D:57:A6:01
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018756E999313F5E41832902760986363AF6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_1YOeVRz9Ym_o_kft9qooZ1XpgE.roa
Signing time: Thu 06 Apr 2023 14:12:42 +0000
ROA not before: Thu 06 Apr 2023 14:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.26.0/23 maxlen: 24
195.133.52.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:e9:99:31:3f:5e:41:83:29:02:76:09:86:36:3a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 14:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff560e795473f589bfa3f91fb7daa8a19d57a601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5e:28:2d:fe:8f:b9:61:a7:54:fd:9e:ba:2a:
28:36:88:48:a8:2d:d4:69:5c:0a:ef:fc:f2:b4:85:
1f:d2:03:2c:3f:25:f0:f2:7f:d5:e9:fa:47:0d:5f:
a9:6d:56:c8:3a:4f:0e:30:66:e0:41:e1:43:27:3f:
a4:aa:37:21:7f:63:ec:60:9a:81:10:3f:55:e4:8c:
fe:0a:44:e6:70:40:59:e7:a7:30:d9:e0:46:0d:ba:
26:93:22:e4:a3:c1:bd:c7:e3:79:25:bb:8e:a5:f2:
f3:8e:1f:e2:93:d1:23:5f:02:94:b5:5f:67:5c:b5:
4a:ec:94:3b:76:43:a7:25:2a:e3:45:64:b8:03:9b:
f0:b7:93:3c:67:b2:eb:b7:34:95:bd:77:db:d2:46:
69:74:1f:6c:b1:8a:8a:7f:18:dc:5a:5d:4c:11:a3:
71:c2:04:99:78:64:e6:5e:d1:e5:46:41:d5:ec:3f:
1b:77:f0:0b:8c:bf:70:1b:93:e8:1b:da:39:41:05:
25:96:04:00:00:4e:c7:9d:b6:cc:88:e9:ec:d4:08:
7b:91:1b:c3:35:d2:bf:15:6b:be:ce:d3:bb:68:01:
75:0a:9e:a1:4b:f8:aa:48:ec:1c:6e:42:68:0f:d9:
36:74:5f:bd:34:27:38:2d:71:8d:36:1c:09:bf:67:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:0E:79:54:73:F5:89:BF:A3:F9:1F:B7:DA:A8:A1:9D:57:A6:01
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_1YOeVRz9Ym_o_kft9qooZ1XpgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.118.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:5f:a8:70:81:3c:14:d9:a6:5f:19:ca:c5:8b:9f:88:3a:02:
12:c5:d7:03:4d:cd:a6:a6:b6:d5:bf:f0:c0:bc:90:e6:d0:13:
83:5a:22:27:ee:1d:47:62:ff:5c:db:41:71:b5:05:bb:f0:5b:
91:b0:7c:b4:e7:d5:cc:b9:e5:27:91:ca:dc:42:6c:c8:b4:be:
f2:bb:4c:72:66:5c:5f:6a:6e:01:c0:a5:21:04:95:5c:a1:2f:
9a:ca:8f:01:09:92:a3:76:d2:8d:76:98:bc:f4:2a:bd:e7:d2:
63:5c:6a:4e:2d:73:4b:9b:aa:f6:cb:d9:77:b7:ac:d2:a6:04:
10:5c:7d:c7:94:d3:5d:f6:7e:89:18:be:db:51:d5:6d:7a:e6:
52:c8:69:d0:72:47:5e:8e:8e:7b:97:23:49:e1:a9:99:ca:82:
c7:69:bc:be:3a:37:40:cd:ee:d6:d2:3e:e2:00:7c:17:3c:7e:
64:01:e8:ec:95:80:f4:34:b7:5b:5e:68:c6:76:e5:76:88:e9:
17:3c:17:72:58:1a:3e:a7:40:fa:52:52:bb:53:e6:c0:3c:68:
62:5d:9b:6b:3a:7a:fb:c7:dc:2a:15:50:8f:51:82:f5:f9:00:
25:b4:f6:9b:16:d7:47:59:a8:a7:59:1c:fa:0b:e0:c0:85:76:
dc:7a:86:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdW6ZkxP15BgykCdgmGNjr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTQxMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU2MGU3OTU0NzNmNTg5YmZhM2Y5MWZiN2RhYThhMTlkNTdhNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp14oLf6PuWGnVP2euiooNohIqC3U
aVwK7/zytIUf0gMsPyXw8n/V6fpHDV+pbVbIOk8OMGbgQeFDJz+kqjchf2PsYJqB
ED9V5Iz+CkTmcEBZ56cw2eBGDbomkyLko8G9x+N5JbuOpfLzjh/ik9EjXwKUtV9n
XLVK7JQ7dkOnJSrjRWS4A5vwt5M8Z7LrtzSVvXfb0kZpdB9ssYqKfxjcWl1MEaNx
wgSZeGTmXtHlRkHV7D8bd/ALjL9wG5PoG9o5QQUllgQAAE7HnbbMiOns1Ah7kRvD
NdK/FWu+ztO7aAF1Cp6hS/iqSOwcbkJoD9k2dF+9NCc4LXGNNhwJv2fxnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP9WDnlUc/WJv6P5H7faqKGdV6YBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvXzFZT2VWUno5WW1fb19rZnQ5cW9vWjFYcGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwld2AwQB
w4UKAwQBw4UaAwQBw4U0AwQAw4U7MA0GCSqGSIb3DQEBCwUAA4IBAQB6X6hwgTwU
2aZfGcrFi5+IOgISxdcDTc2mprbVv/DAvJDm0BODWiIn7h1HYv9c20FxtQW78FuR
sHy059XMueUnkcrcQmzItL7yu0xyZlxfam4BwKUhBJVcoS+ayo8BCZKjdtKNdpi8
9Cq959JjXGpOLXNLm6r2y9l3t6zSpgQQXH3HlNNd9n6JGL7bUdVteuZSyGnQckde
jo57lyNJ4amZyoLHaby+OjdAze7W0j7iAHwXPH5kAejslYD0NLdbXmjGduV2iOkX
PBdyWBo+p0D6UlK7U+bAPGhiXZtrOnr7x9wqFVCPUYL1+QAltPabFtdHWainWRz6
C+DAhXbceobk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org