Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUILkpHhVGhXRHnpt7Gr8n0A-QM.roa
File: bUILkpHhVGhXRHnpt7Gr8n0A-QM.roa (raw, json)
Hash identifier: MyZj4E1O+tenwslBUOoX6vhxcFoebADqvONeHAnh5JU=
Subject key identifier: 6D:42:0B:92:91:E1:54:68:57:44:79:E9:B7:B1:AB:F2:7D:00:F9:03
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C6799DE683C833D00E2DB642AC45F6821
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUILkpHhVGhXRHnpt7Gr8n0A-QM.roa
Signing time: Thu 14 Dec 2023 09:13:06 +0000
ROA not before: Thu 14 Dec 2023 09:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:99:de:68:3c:83:3d:00:e2:db:64:2a:c4:5f:68:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 14 09:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d420b9291e15468574479e9b7b1abf27d00f903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1c:00:e3:ef:fb:74:fd:68:30:c7:e3:46:d6:
16:73:cc:68:d9:6f:61:7f:9b:f4:20:5d:15:4d:8d:
74:33:14:9e:ac:b0:64:b3:3b:b0:c9:db:e4:3b:ea:
e0:ac:7c:a9:31:03:b0:72:4e:15:af:aa:14:35:ed:
29:96:bf:47:a7:00:ae:25:3d:b9:fd:e6:8c:d4:ac:
f1:e6:a4:d9:d9:b5:47:7c:4c:17:6f:7c:8a:9d:c7:
ca:3e:d6:2b:66:4c:90:63:62:a5:ef:6c:99:88:9c:
bd:84:f1:e9:80:b7:71:a4:62:8c:db:1f:4c:e9:e4:
da:ef:1c:6d:e5:8e:b9:22:91:b7:64:5a:c1:2c:04:
a1:17:45:29:07:db:ba:9c:76:f4:ba:27:c5:9a:1c:
23:a2:5d:ef:bf:d1:21:72:5b:f9:21:b8:fa:e8:8c:
44:c4:1f:3a:3a:81:8b:4d:00:5b:2f:ce:92:93:74:
92:4b:e1:d5:b1:da:5d:11:de:ea:c2:4f:e8:28:70:
77:2b:5a:30:5a:94:3d:67:11:3f:ef:24:30:15:69:
d9:5e:f6:22:3a:ba:55:53:7b:1d:77:ae:45:07:9e:
38:70:8b:04:b6:5b:c8:e7:61:76:f2:c8:06:03:da:
20:bd:81:7f:ff:31:85:ad:28:39:02:12:26:fc:b7:
eb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:42:0B:92:91:E1:54:68:57:44:79:E9:B7:B1:AB:F2:7D:00:F9:03
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bUILkpHhVGhXRHnpt7Gr8n0A-QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.200.0/24
194.58.154.0/24
194.87.190.0/24
194.87.215.0/24
212.192.217.0/24
Signature Algorithm: sha256WithRSAEncryption
25:b3:99:95:73:e5:80:d1:70:2e:49:6e:d0:3a:23:a1:7d:7c:
ae:80:d8:73:a7:39:e9:08:b6:ae:c7:a4:c9:c5:ef:17:f4:29:
34:b6:e1:fb:72:1a:04:eb:af:b8:2a:92:83:2c:e7:d7:7c:75:
48:59:37:fa:d0:78:f7:2d:01:cc:a8:e1:4f:17:15:34:c2:50:
01:75:ac:51:8c:d4:6a:8d:46:9e:11:10:69:8c:75:b3:8b:ac:
4a:36:79:4e:af:68:84:f2:26:20:c1:52:5b:3e:f2:58:2a:ea:
8b:fe:19:57:06:46:d0:35:68:9f:c3:2d:41:0a:0d:d4:02:db:
6f:d8:23:45:fd:09:61:6e:b3:6b:1e:ed:c5:2a:09:94:11:3f:
0c:ed:13:b1:4a:95:5b:2f:bb:67:d9:b1:2c:35:25:c5:6f:6f:
2e:07:79:79:1c:e1:2e:79:83:d3:f1:a5:dc:76:98:d1:f1:cf:
c1:ef:96:77:f4:6a:82:bf:df:21:1c:1e:49:59:1d:b0:4b:44:
0b:86:90:c2:35:e2:ec:76:dc:89:68:e1:cf:8f:ec:c3:57:02:
ac:3d:ce:e4:fa:7e:34:a2:86:f6:3f:5d:4f:b1:c3:a6:8f:42:
8d:e2:9c:4f:ea:25:10:55:78:4b:ac:8e:e8:76:a6:bd:2d:b7:
f3:67:2d:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxnmd5oPIM9AOLbZCrEX2ghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE0MDkxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQyMGI5MjkxZTE1NDY4NTc0NDc5ZTliN2IxYWJmMjdkMDBmOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxwA4+/7dP1oMMfjRtYWc8xo2W9h
f5v0IF0VTY10MxSerLBkszuwydvkO+rgrHypMQOwck4Vr6oUNe0plr9HpwCuJT25
/eaM1Kzx5qTZ2bVHfEwXb3yKncfKPtYrZkyQY2Kl72yZiJy9hPHpgLdxpGKM2x9M
6eTa7xxt5Y65IpG3ZFrBLAShF0UpB9u6nHb0uifFmhwjol3vv9Ehclv5Ibj66IxE
xB86OoGLTQBbL86Sk3SSS+HVsdpdEd7qwk/oKHB3K1owWpQ9ZxE/7yQwFWnZXvYi
OrpVU3sdd65FB544cIsEtlvI52F28sgGA9ogvYF//zGFrSg5AhIm/LfrTwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG1CC5KR4VRoV0R56bexq/J9APkDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYlVJTGtwSGhWR2hYUkhucHQ3R3I4bjBBLVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwHAwQA
wXzIAwQAwjqaAwQAwle+AwQAwlfXAwQA1MDZMA0GCSqGSIb3DQEBCwUAA4IBAQAl
s5mVc+WA0XAuSW7QOiOhfXyugNhzpznpCLaux6TJxe8X9Ck0tuH7choE66+4KpKD
LOfXfHVIWTf60Hj3LQHMqOFPFxU0wlABdaxRjNRqjUaeERBpjHWzi6xKNnlOr2iE
8iYgwVJbPvJYKuqL/hlXBkbQNWifwy1BCg3UAttv2CNF/QlhbrNrHu3FKgmUET8M
7ROxSpVbL7tn2bEsNSXFb28uB3l5HOEueYPT8aXcdpjR8c/B75Z39GqCv98hHB5J
WR2wS0QLhpDCNeLsdtyJaOHPj+zDVwKsPc7k+n40oob2P11PscOmj0KN4pxP6iUQ
VXhLrI7odqa9LbfzZy34
-----END CERTIFICATE-----
Generated at Fri Dec 15 10:55:40 2023 by rpki-client on console-fra.rpki-client.org