Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aT5xT66H2fA-jlllsW3L0z003zc.roa
File: aT5xT66H2fA-jlllsW3L0z003zc.roa (raw, json)
Hash identifier: EWLlNayZ0Bq1Ro/Fm80r4TlY5BpbCl8DIgwVnUKbGsQ=
Subject key identifier: 69:3E:71:4F:AE:87:D9:F0:3E:8E:59:65:B1:6D:CB:D3:3D:34:DF:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01876A2379F92992055AA3D5C3F49506404E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aT5xT66H2fA-jlllsW3L0z003zc.roa
Signing time: Mon 10 Apr 2023 07:48:42 +0000
ROA not before: Mon 10 Apr 2023 07:48:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 212.192.212.0/22 maxlen: 24
195.58.34.0/24 maxlen: 24
212.192.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:23:79:f9:29:92:05:5a:a3:d5:c3:f4:95:06:40:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 07:48:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=693e714fae87d9f03e8e5965b16dcbd33d34df37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9c:ef:0b:a8:b9:f8:a5:12:fe:65:06:d5:a3:
97:8f:21:01:d1:4d:77:33:bf:0f:86:85:9d:48:8c:
0b:d1:91:4d:8e:8b:34:7a:df:24:c5:c1:f3:f5:ee:
a3:26:8f:bc:2e:ef:bc:4a:42:ff:c7:11:5b:fb:fd:
12:40:f0:3f:45:51:f9:f8:47:76:b2:bc:7d:13:f3:
96:cf:de:07:cb:4e:5b:b3:9d:76:bf:f7:17:33:31:
d0:bc:51:8b:c0:dd:62:f2:ce:70:f2:df:21:cf:23:
0b:7a:09:ad:8d:bd:8f:cd:a8:f0:8a:2f:82:65:f6:
62:95:e0:2e:27:50:cb:c0:e8:3f:eb:94:53:ed:de:
da:39:22:37:e3:bd:b1:23:59:bd:ba:54:b5:7d:2a:
28:99:15:8d:e4:e5:01:bc:38:b8:6a:32:c5:62:80:
eb:4f:27:e6:8c:6d:e1:ca:62:88:da:08:4d:0f:2b:
70:1b:47:84:a8:ce:fb:88:5f:6e:7e:d8:82:8e:75:
9c:82:45:1e:24:59:72:b3:10:6e:15:4d:72:3d:0a:
0f:d5:74:77:0e:9a:ef:27:9b:c1:37:8a:22:a4:2d:
a7:66:7b:93:71:53:1e:f3:f3:b7:89:82:46:df:29:
97:6a:32:ae:37:6c:c5:1d:b7:ce:c3:2c:b1:b8:6f:
06:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3E:71:4F:AE:87:D9:F0:3E:8E:59:65:B1:6D:CB:D3:3D:34:DF:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aT5xT66H2fA-jlllsW3L0z003zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.34.0/24
212.192.212.0/22
212.192.252.0/22
Signature Algorithm: sha256WithRSAEncryption
24:b0:6c:e0:61:e2:86:69:cb:aa:7a:2d:63:ee:dd:fc:f0:82:
f6:d7:4f:82:1b:21:9b:41:63:72:91:d2:ed:d1:af:15:e6:c4:
5b:1b:d3:32:9b:92:e0:ef:d3:f8:db:e9:15:ef:2f:c5:88:e4:
4c:5a:59:cb:13:4d:05:14:19:94:1b:7e:18:2b:81:9f:4f:c3:
39:8d:7b:c0:c9:be:03:b0:cf:ed:55:96:3a:92:07:0c:45:51:
64:b0:c0:20:f4:d6:e5:d1:2f:c1:4b:a1:2d:3e:86:b7:38:7f:
83:8d:1f:d3:47:ea:e9:31:f0:20:d0:a1:c1:c5:c4:f7:b1:08:
c9:2b:fb:f1:c5:bc:33:d6:3e:97:72:1a:da:c2:c0:60:7b:3f:
39:60:f6:05:e9:ed:9f:0a:9d:86:35:cd:a1:7c:02:c9:c5:ef:
2a:ee:07:c0:f0:3a:3f:67:ff:92:4f:6f:4f:15:4b:24:66:9f:
64:7b:bf:59:5e:7f:94:7a:af:79:42:8a:2f:eb:df:3a:c6:8c:
2a:7c:1e:42:ba:d4:9b:ec:ec:c5:26:25:d5:98:92:12:7c:f5:
7c:c1:fb:b6:5c:00:de:94:50:6f:58:ef:9c:3d:0b:80:b3:f2:
f4:30:6d:9a:8c:f0:f5:16:08:e7:51:4f:cc:61:eb:75:6b:29:
5a:56:f3:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdqI3n5KZIFWqPVw/SVBkBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDEwMDc0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNlNzE0ZmFlODdkOWYwM2U4ZTU5NjViMTZkY2JkMzNkMzRkZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJzvC6i5+KUS/mUG1aOXjyEB0U13
M78PhoWdSIwL0ZFNjos0et8kxcHz9e6jJo+8Lu+8SkL/xxFb+/0SQPA/RVH5+Ed2
srx9E/OWz94Hy05bs512v/cXMzHQvFGLwN1i8s5w8t8hzyMLegmtjb2Pzajwii+C
ZfZileAuJ1DLwOg/65RT7d7aOSI3472xI1m9ulS1fSoomRWN5OUBvDi4ajLFYoDr
TyfmjG3hymKI2ghNDytwG0eEqM77iF9uftiCjnWcgkUeJFlysxBuFU1yPQoP1XR3
DprvJ5vBN4oipC2nZnuTcVMe8/O3iYJG3ymXajKuN2zFHbfOwyyxuG8GzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGk+cU+uh9nwPo5ZZbFty9M9NN83MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYVQ1eFQ2NkgyZkEtamxsbHNXM0wwejAwM3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwzoiAwQC
1MDUAwQC1MD8MA0GCSqGSIb3DQEBCwUAA4IBAQAksGzgYeKGacuqei1j7t388IL2
10+CGyGbQWNykdLt0a8V5sRbG9Mym5Lg79P42+kV7y/FiORMWlnLE00FFBmUG34Y
K4GfT8M5jXvAyb4DsM/tVZY6kgcMRVFksMAg9Nbl0S/BS6EtPoa3OH+DjR/TR+rp
MfAg0KHBxcT3sQjJK/vxxbwz1j6XchrawsBgez85YPYF6e2fCp2GNc2hfALJxe8q
7gfA8Do/Z/+ST29PFUskZp9ke79ZXn+Ueq95Qoov6986xowqfB5CutSb7OzFJiXV
mJISfPV8wfu2XADelFBvWO+cPQuAs/L0MG2ajPD1FgjnUU/MYet1aylaVvOP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:07 2023 by rpki-client on console-fra.rpki-client.org