Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b7ROeY9vLzLMK90hPCqLkI6Kl78.roa
File: b7ROeY9vLzLMK90hPCqLkI6Kl78.roa (raw, json)
Hash identifier: aI103zwUOTRLuyH3K8RQh+2DW3GYIK5/TC1H0bpzWBM=
Subject key identifier: 6F:B4:4E:79:8F:6F:2F:32:CC:2B:DD:21:3C:2A:8B:90:8E:8A:97:BF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189D3C08F0D6884B2EDE030577BA70A3893
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b7ROeY9vLzLMK90hPCqLkI6Kl78.roa
Signing time: Tue 08 Aug 2023 06:05:59 +0000
ROA not before: Tue 08 Aug 2023 06:05:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.7.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:c0:8f:0d:68:84:b2:ed:e0:30:57:7b:a7:0a:38:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 8 06:05:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fb44e798f6f2f32cc2bdd213c2a8b908e8a97bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9a:64:9d:ff:80:92:98:31:f4:12:ba:0b:96:
41:a3:06:10:75:66:79:45:3e:d4:ca:e1:d7:ff:39:
31:0e:b4:95:64:89:24:a2:fe:25:42:18:c8:c3:06:
e0:92:1b:19:ee:c0:3a:e2:2e:7b:37:be:13:a3:c8:
24:af:dd:74:05:f4:ad:fb:db:e2:44:c4:bc:9f:fd:
fd:df:e1:1f:d6:12:a7:bd:49:c1:ce:ac:56:77:52:
3e:72:37:0d:91:94:62:9d:96:13:bd:6a:e6:40:96:
c3:03:68:3e:41:57:e2:6c:6a:0e:2e:ac:cd:43:59:
d3:19:f8:55:03:16:3b:39:13:bf:f0:77:2a:76:c1:
ca:e5:a8:9e:c6:e8:74:cc:8e:6d:b3:71:5d:ca:51:
0c:b9:bc:12:4f:33:e2:a7:21:cb:ec:18:89:2c:88:
cc:50:c8:85:1c:b6:3f:04:28:fd:b9:4c:d9:8b:12:
65:ed:7d:f6:7d:c9:bd:c4:26:a7:90:ec:aa:bf:7a:
18:a4:fb:ea:95:1f:a2:4e:b7:dd:38:b2:e7:7e:0f:
09:d0:b2:04:0f:d4:09:f9:2d:3a:3f:ec:eb:34:7f:
29:fc:40:54:33:36:9c:83:4f:11:c2:42:8b:34:39:
87:70:94:4f:d8:dc:77:f9:85:88:90:7d:38:17:fa:
1a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B4:4E:79:8F:6F:2F:32:CC:2B:DD:21:3C:2A:8B:90:8E:8A:97:BF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b7ROeY9vLzLMK90hPCqLkI6Kl78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.87.7.0/24
194.87.25.0/24
194.87.51.0/24
194.87.54.0/23
194.87.163.0/24
195.58.35.0/24
195.58.38.0/24
195.133.14.0/24
195.133.195.0/24
Signature Algorithm: sha256WithRSAEncryption
97:91:5b:6a:dd:cf:0d:5c:f4:6c:b5:af:01:45:8c:5c:85:eb:
f7:5e:d5:6b:9e:4f:1b:6e:c4:70:da:d9:b3:90:9e:0d:64:4b:
ae:70:71:fc:3a:c8:d4:8c:48:cb:9a:7f:5c:de:d5:ec:e8:33:
0a:94:ff:7a:72:f8:87:41:e9:8e:2d:04:da:e5:9d:b3:c3:8e:
6f:43:78:86:99:a0:ba:a5:fe:c6:04:c6:05:f4:5f:3c:ee:0a:
e2:fb:c6:d5:7b:4a:ac:ce:fb:6a:83:ba:dc:bf:87:e0:0c:c6:
bb:2a:b7:e9:98:6b:f8:0f:bf:c6:eb:c0:60:df:bc:a0:5e:91:
60:7e:84:9c:65:39:ef:18:3f:35:5f:30:08:73:b3:0a:a3:1b:
55:4b:ab:9d:09:97:1e:b9:50:ca:be:57:60:88:1d:d3:59:8b:
ba:11:83:0d:3d:d7:72:c4:c3:c0:ea:ef:5a:d0:ad:9b:48:1a:
8a:4b:1c:49:31:52:4a:7a:54:53:ce:cc:cb:1a:23:ad:2b:18:
72:d3:cb:f4:56:ca:10:f6:52:ff:36:40:20:a4:63:a7:47:78:
96:37:88:cf:f6:99:42:7a:1f:fc:02:d8:fd:2e:bc:a5:b4:d8:
2c:1d:48:87:f7:8d:07:70:df:72:29:51:da:bd:b9:60:12:6c:
e1:d3:c1:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYnTwI8NaISy7eAwV3unCjiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA4MDYwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI0NGU3OThmNmYyZjMyY2MyYmRkMjEzYzJhOGI5MDhlOGE5N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkppknf+Akpgx9BK6C5ZBowYQdWZ5
RT7UyuHX/zkxDrSVZIkkov4lQhjIwwbgkhsZ7sA64i57N74To8gkr910BfSt+9vi
RMS8n/393+Ef1hKnvUnBzqxWd1I+cjcNkZRinZYTvWrmQJbDA2g+QVfibGoOLqzN
Q1nTGfhVAxY7ORO/8HcqdsHK5aiexuh0zI5ts3FdylEMubwSTzPipyHL7BiJLIjM
UMiFHLY/BCj9uUzZixJl7X32fcm9xCankOyqv3oYpPvqlR+iTrfdOLLnfg8J0LIE
D9QJ+S06P+zrNH8p/EBUMzacg08RwkKLNDmHcJRP2Nx3+YWIkH04F/oagQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG+0TnmPby8yzCvdITwqi5COipe/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYjdST2VZOXZMekxNSzkwaFBDcUxrSTZLbDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy1AwQA
wlcHAwQAwlcZAwQAwlczAwQBwlc2AwQAwlejAwQAwzojAwQAwzomAwQAw4UOAwQA
w4XDMA0GCSqGSIb3DQEBCwUAA4IBAQCXkVtq3c8NXPRsta8BRYxchev3XtVrnk8b
bsRw2tmzkJ4NZEuucHH8OsjUjEjLmn9c3tXs6DMKlP96cviHQemOLQTa5Z2zw45v
Q3iGmaC6pf7GBMYF9F887gri+8bVe0qszvtqg7rcv4fgDMa7KrfpmGv4D7/G68Bg
37ygXpFgfoScZTnvGD81XzAIc7MKoxtVS6udCZceuVDKvldgiB3TWYu6EYMNPddy
xMPA6u9a0K2bSBqKSxxJMVJKelRTzszLGiOtKxhy08v0VsoQ9lL/NkAgpGOnR3iW
N4jP9plCeh/8Atj9LryltNgsHUiH940HcN9yKVHavblgEmzh08HT
-----END CERTIFICATE-----
Generated at Thu Aug 17 11:28:51 2023 by rpki-client on console-fra.rpki-client.org