Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRv9votARkHWtGFKN9-bNprPW24.roa
File: aRv9votARkHWtGFKN9-bNprPW24.roa (raw, json)
Hash identifier: bJ73MUYH3DRMI9ccR4+WnoQGb53r6RQXs2LrPJ8cmBM=
Subject key identifier: 69:1B:FD:BE:8B:40:46:41:D6:B4:61:4A:37:DF:9B:36:9A:CF:5B:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB271B1E9A758E8AA9A42C0DB120EE4BA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRv9votARkHWtGFKN9-bNprPW24.roa
Signing time: Thu 09 Nov 2023 04:57:57 +0000
ROA not before: Thu 09 Nov 2023 04:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 194.87.220.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b2:71:b1:e9:a7:58:e8:aa:9a:42:c0:db:12:0e:e4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 9 04:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=691bfdbe8b404641d6b4614a37df9b369acf5b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:86:4e:db:ca:e9:39:dd:ec:1d:28:9c:66:
1c:29:b4:10:bd:dd:45:ce:eb:ae:a7:64:e7:12:c7:
2f:68:07:61:3c:f0:ef:9e:68:0b:60:da:c2:01:8a:
ab:59:3e:f1:00:19:38:90:29:96:27:88:1c:df:2e:
0f:20:d0:a8:ca:4d:2d:1b:26:75:78:8d:3f:f4:dc:
3e:87:89:7b:a1:57:46:b0:c9:3f:87:06:da:45:6a:
88:f1:35:db:b9:48:9d:81:62:01:bd:14:54:f6:4f:
14:d8:20:e1:9a:bd:65:49:ba:9d:56:4d:47:7b:f9:
8c:85:b9:30:04:c6:ae:8d:ad:9c:69:2a:62:a0:40:
9a:3e:70:c1:48:cb:96:ba:8e:81:97:bd:f0:6a:33:
db:3c:0c:22:a4:cc:b3:ff:60:2c:4b:2c:ee:f5:c0:
78:a3:cf:e6:a3:69:d8:7d:9c:f4:29:fb:e8:ad:ee:
5b:cd:32:3d:6f:29:72:46:e5:e9:0d:8b:d7:3c:c0:
1e:3f:78:ef:f4:bf:a8:94:c6:77:5e:35:94:4d:4a:
e6:3f:4b:00:9a:d3:aa:b9:0f:44:05:0f:d8:57:2d:
55:ab:20:6c:15:11:86:7b:6f:ed:18:2e:d1:7a:d5:
0e:b1:8c:fc:69:f5:77:6d:f3:0c:a7:32:70:98:76:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1B:FD:BE:8B:40:46:41:D6:B4:61:4A:37:DF:9B:36:9A:CF:5B:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aRv9votARkHWtGFKN9-bNprPW24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.220.0/24
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
09:60:57:27:b4:90:ea:c6:b1:3e:ec:a1:71:cb:99:cc:59:bd:
f7:9d:59:32:13:9b:72:f9:2f:92:bb:da:e7:2c:24:5c:33:c0:
23:24:34:6e:2d:f8:dc:89:21:ae:ca:02:c7:50:98:df:8a:01:
e6:50:7b:38:43:43:e8:b9:36:d9:5d:e1:e3:88:5a:91:a8:27:
e6:70:1f:7f:70:4c:ce:55:b4:ab:c0:34:6c:0d:3a:87:39:20:
d1:23:26:a7:d4:45:3d:b6:a5:de:15:42:f1:29:25:40:90:0b:
dd:3c:2a:57:5a:74:40:8e:d3:bf:45:30:35:72:5d:40:6b:de:
6f:4d:cd:20:3a:3e:13:03:88:4d:67:3d:4b:9b:fd:e5:b2:9b:
94:e6:03:a5:68:6a:27:3c:6f:97:9d:a8:85:a8:79:0b:92:95:
40:e0:29:e5:69:53:0c:ca:bd:13:e2:2d:ed:10:5c:5e:b4:f9:
7d:09:87:25:ef:75:e8:9b:3f:fb:7c:11:7b:43:33:d3:67:21:
73:86:ff:c0:06:0b:75:05:4f:d0:4a:f6:e7:d8:18:69:a7:0f:
ca:74:a4:82:b0:e7:3a:43:1c:a0:28:e0:db:98:50:d9:b9:b8:
16:39:8c:03:cc:7e:3c:75:9f:c1:cc:e9:39:87:5c:81:04:48:
96:59:83:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuycbHpp1joqppCwNsSDuS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA5MDQ1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFiZmRiZThiNDA0NjQxZDZiNDYxNGEzN2RmOWIzNjlhY2Y1YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTuGTtvK6Tnd7B0onGYcKbQQvd1F
zuuup2TnEscvaAdhPPDvnmgLYNrCAYqrWT7xABk4kCmWJ4gc3y4PINCoyk0tGyZ1
eI0/9Nw+h4l7oVdGsMk/hwbaRWqI8TXbuUidgWIBvRRU9k8U2CDhmr1lSbqdVk1H
e/mMhbkwBMauja2caSpioECaPnDBSMuWuo6Bl73wajPbPAwipMyz/2AsSyzu9cB4
o8/mo2nYfZz0Kfvore5bzTI9bylyRuXpDYvXPMAeP3jv9L+olMZ3XjWUTUrmP0sA
mtOquQ9EBQ/YVy1VqyBsFRGGe2/tGC7RetUOsYz8afV3bfMMpzJwmHbk/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGkb/b6LQEZB1rRhSjffmzaaz1tuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYVJ2OXZvdEFSa0hXdEdGS045LWJOcHJQVzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlfcAwQA
w4U/AwQA1MD2MA0GCSqGSIb3DQEBCwUAA4IBAQAJYFcntJDqxrE+7KFxy5nMWb33
nVkyE5ty+S+Su9rnLCRcM8AjJDRuLfjciSGuygLHUJjfigHmUHs4Q0PouTbZXeHj
iFqRqCfmcB9/cEzOVbSrwDRsDTqHOSDRIyan1EU9tqXeFULxKSVAkAvdPCpXWnRA
jtO/RTA1cl1Aa95vTc0gOj4TA4hNZz1Lm/3lspuU5gOlaGonPG+XnaiFqHkLkpVA
4CnlaVMMyr0T4i3tEFxetPl9CYcl73Xomz/7fBF7QzPTZyFzhv/ABgt1BU/QSvbn
2Bhppw/KdKSCsOc6QxygKODbmFDZubgWOYwDzH48dZ/BzOk5h1yBBEiWWYP6
-----END CERTIFICATE-----
Generated at Thu Nov 9 08:50:46 2023 by rpki-client on console-ams.rpki-client.org