Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c8ntwt13kPShakAIJWgR1uwMIaA.roa
File: c8ntwt13kPShakAIJWgR1uwMIaA.roa (raw, json)
Hash identifier: s5bwoRijNXITYf4kifK4OxDRLlVF3q8lAEJukv+LXpQ=
Subject key identifier: 73:C9:ED:C2:DD:77:90:F4:A1:6A:40:08:25:68:11:D6:EC:0C:21:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01889E5D927470621C3DFD515AD00C532F7C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c8ntwt13kPShakAIJWgR1uwMIaA.roa
Signing time: Fri 09 Jun 2023 04:15:12 +0000
ROA not before: Fri 09 Jun 2023 04:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 194.87.220.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:5d:92:74:70:62:1c:3d:fd:51:5a:d0:0c:53:2f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 9 04:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73c9edc2dd7790f4a16a4008256811d6ec0c21a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:29:3b:df:fc:84:28:5c:de:ce:ba:b2:75:
f6:07:c4:fc:0f:4b:9f:67:77:83:84:06:2d:60:d8:
15:b8:31:bd:9b:94:7f:af:76:34:15:5f:35:8a:92:
29:16:37:9b:a9:ec:63:61:33:48:7c:be:b5:d4:ef:
53:3f:2e:46:23:fb:e7:d6:13:6d:e2:5a:8c:28:fd:
e2:56:16:e2:e5:27:ac:17:91:54:b3:3d:0a:df:a2:
b7:6e:b2:4b:c9:fc:40:1b:a7:72:54:4d:79:3d:a9:
00:ea:27:5e:8a:fa:c2:42:84:ab:33:f7:90:cd:58:
6d:46:79:77:01:67:b6:11:39:1c:28:d3:fd:2e:d4:
93:5f:25:1e:30:9d:12:33:6f:d7:06:98:cd:85:c4:
f4:23:4c:9d:4c:e3:6a:7a:e6:58:9e:7c:07:75:82:
44:85:2f:ab:6e:8e:aa:c2:83:bd:59:b9:05:ef:9d:
9a:19:80:f2:cb:01:25:fc:31:65:0b:2d:32:93:18:
69:28:ab:d9:45:a5:09:bc:7e:b6:3e:ca:5c:86:df:
05:ab:a4:25:a6:ed:bd:b2:0b:b7:a9:38:fc:4e:00:
6a:ba:6c:7f:8f:4b:51:de:7c:02:f9:29:75:68:44:
c0:37:9d:c8:74:a8:9a:a0:7b:20:11:b0:ba:1f:6d:
69:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C9:ED:C2:DD:77:90:F4:A1:6A:40:08:25:68:11:D6:EC:0C:21:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c8ntwt13kPShakAIJWgR1uwMIaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
194.58.58.0/24
194.87.220.0/24
195.58.63.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:b5:c0:f8:b6:8d:14:c6:cb:df:58:6c:a3:56:95:a5:6b:46:
10:18:70:4f:87:dc:29:6a:28:7e:98:e1:c3:b0:cc:9a:ea:9e:
9f:8f:1c:ae:0f:54:3d:81:58:4a:cf:4c:ad:94:cb:00:10:b5:
e5:97:fe:ee:e8:d2:98:c6:98:dc:63:59:8d:fd:f9:6d:82:2f:
52:ae:6d:5d:32:e9:99:32:50:e6:b6:31:19:c8:b7:9e:b8:ac:
42:b1:c2:c5:7a:e2:8a:e2:4b:34:df:66:24:90:38:a0:a2:72:
41:f0:b0:50:d5:7a:4d:f0:9e:14:4a:c8:14:41:35:f0:59:45:
97:ee:6b:61:ac:82:1f:0c:d5:3c:ca:e1:99:7d:0f:1e:a7:cc:
9a:54:d8:69:58:ff:9d:22:68:2d:9f:36:07:2b:8a:52:20:19:
1c:37:85:85:19:5f:48:4e:b0:fa:fb:34:db:3e:dc:90:64:bb:
39:6a:b7:95:d9:77:7a:2c:f7:e0:2b:1c:7b:19:9e:05:ae:ea:
a7:62:41:51:a0:00:94:73:f8:5f:d2:d9:e8:5a:bd:88:ec:4a:
e9:88:38:51:0e:e3:00:76:61:f4:14:3c:04:e5:fa:35:7b:2a:
6d:fa:10:d3:6a:ff:29:3e:73:be:fb:be:3f:5f:7c:dd:3b:f5:
42:22:5f:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYieXZJ0cGIcPf1RWtAMUy98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA5MDQxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M5ZWRjMmRkNzc5MGY0YTE2YTQwMDgyNTY4MTFkNmVjMGMyMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH0pO9/8hChc3s66snX2B8T8D0uf
Z3eDhAYtYNgVuDG9m5R/r3Y0FV81ipIpFjebqexjYTNIfL611O9TPy5GI/vn1hNt
4lqMKP3iVhbi5SesF5FUsz0K36K3brJLyfxAG6dyVE15PakA6ideivrCQoSrM/eQ
zVhtRnl3AWe2ETkcKNP9LtSTXyUeMJ0SM2/XBpjNhcT0I0ydTONqeuZYnnwHdYJE
hS+rbo6qwoO9WbkF752aGYDyywEl/DFlCy0ykxhpKKvZRaUJvH62Pspcht8Fq6Ql
pu29sgu3qTj8TgBqumx/j0tR3nwC+Sl1aETAN53IdKiaoHsgEbC6H21p0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHPJ7cLdd5D0oWpACCVoEdbsDCGgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYzhudHd0MTNrUFNoYWtBSUpXZ1IxdXdNSWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwtAwQA
wjo6AwQAwlfcAwQAwzo/AwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQBftcD4to0U
xsvfWGyjVpWla0YQGHBPh9wpaih+mOHDsMya6p6fjxyuD1Q9gVhKz0ytlMsAELXl
l/7u6NKYxpjcY1mN/fltgi9Srm1dMumZMlDmtjEZyLeeuKxCscLFeuKK4ks032Yk
kDigonJB8LBQ1XpN8J4USsgUQTXwWUWX7mthrIIfDNU8yuGZfQ8ep8yaVNhpWP+d
ImgtnzYHK4pSIBkcN4WFGV9ITrD6+zTbPtyQZLs5areV2Xd6LPfgKxx7GZ4Fruqn
YkFRoACUc/hf0tnoWr2I7ErpiDhRDuMAdmH0FDwE5fo1eypt+hDTav8pPnO++74/
X3zdO/VCIl/D
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org