Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF8XqZmnuV_6qkRlcnM6LLUoE54.roa
File: cF8XqZmnuV_6qkRlcnM6LLUoE54.roa (raw, json)
Hash identifier: gl7CKHpWz8MQj6pDrbtrry6dTJbYtxSMU00oDMku0rs=
Subject key identifier: 70:5F:17:A9:99:A7:B9:5F:FA:AA:44:65:72:73:3A:2C:B5:28:13:9E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A204CE747469AF279515F0B1F8C0BCD2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF8XqZmnuV_6qkRlcnM6LLUoE54.roa
Signing time: Thu 02 Mar 2023 11:11:09 +0000
ROA not before: Thu 02 Mar 2023 11:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:04:ce:74:74:69:af:27:95:15:f0:b1:f8:c0:bc:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 2 11:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=705f17a999a7b95ffaaa446572733a2cb528139e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:1a:33:6d:2a:36:94:c7:08:e4:66:c7:05:
7c:3f:1f:6f:f4:9e:18:df:3a:ee:97:a7:ba:f8:94:
72:a0:a6:4f:eb:41:a2:9f:d5:56:6b:df:ab:ec:e3:
73:6e:c2:fa:c3:c4:0d:c9:82:0f:6a:39:c3:b2:7a:
f4:e8:38:85:f0:95:5e:6a:84:5b:59:e8:63:1e:9b:
90:a8:10:fe:8c:92:a6:70:3f:3d:9d:58:8a:bb:fd:
87:39:f2:e9:63:e1:ab:39:7f:1a:ea:ce:97:1c:2b:
ab:b7:4e:d7:9d:65:aa:d6:d8:54:fa:5f:42:42:79:
d6:89:e9:f6:88:6e:25:bc:5b:8c:a0:13:5b:5c:79:
22:a4:90:71:c5:d5:1a:3a:9b:d4:35:82:60:6b:86:
68:65:c7:21:5b:80:a1:e0:3e:5a:26:ec:86:e9:28:
fb:8c:84:e3:8e:ce:37:7f:95:78:9f:d1:ab:34:b5:
8e:23:68:a8:94:2c:09:97:01:d2:16:20:08:cd:04:
6f:6c:97:ae:c6:33:90:4f:d4:ab:91:55:83:bd:99:
4d:31:ce:fe:6c:d4:23:b3:6e:26:7c:51:c2:e6:37:
30:81:d6:7d:38:ea:1d:5d:01:6c:c0:bc:6e:ce:ee:
bc:2b:22:fd:0a:c9:2e:0d:04:21:b0:b2:88:c4:fc:
3c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5F:17:A9:99:A7:B9:5F:FA:AA:44:65:72:73:3A:2C:B5:28:13:9E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cF8XqZmnuV_6qkRlcnM6LLUoE54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.82.0/24
194.87.191.0/24
194.87.219.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
95:35:f1:12:55:b6:d7:13:8e:10:11:68:73:62:ef:41:c5:10:
82:c9:61:52:5b:33:70:82:49:82:b7:1c:af:bc:5c:7b:32:1e:
c9:ae:42:94:02:96:b8:8c:d4:25:2b:87:f7:fa:9f:75:c2:42:
11:b2:71:97:ae:e7:ea:f2:a0:72:a4:e0:1f:6e:70:07:2b:71:
ab:fd:8d:2d:b0:46:91:a5:f6:09:1f:76:21:64:12:ef:3e:0a:
ab:63:a1:5d:8e:2d:0c:7f:e7:7f:d0:01:dc:76:85:8a:43:01:
7d:40:18:ce:cf:f3:8e:4b:6c:d3:88:80:76:4a:27:8e:6b:c8:
57:07:06:b7:19:14:7e:b7:30:7f:d1:b8:1d:1f:63:0a:a2:a0:
34:c1:54:d4:5d:7d:31:f6:a5:ac:e8:e3:ee:1d:34:19:a5:73:
58:a1:90:96:a5:c9:b4:1e:df:8c:d8:dd:95:48:aa:fc:81:76:
cd:8e:c5:55:73:fd:fd:19:35:8c:d9:c8:41:d9:c0:5e:58:a6:
e1:72:80:7f:7b:b0:fc:b2:c7:d0:99:6b:ee:52:a7:8d:2d:d8:
d8:9b:d1:bc:99:7e:1b:81:c8:fa:de:fe:59:74:03:ff:16:b6:
c1:b5:07:56:24:3a:16:93:01:78:96:86:8a:e5:cd:0e:50:8f:
c3:22:71:88
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaiBM50dGmvJ5UV8LH4wLzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAyMTExMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVmMTdhOTk5YTdiOTVmZmFhYTQ0NjU3MjczM2EyY2I1MjgxMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGEaM20qNpTHCORmxwV8Px9v9J4Y
3zrul6e6+JRyoKZP60Gin9VWa9+r7ONzbsL6w8QNyYIPajnDsnr06DiF8JVeaoRb
WehjHpuQqBD+jJKmcD89nViKu/2HOfLpY+GrOX8a6s6XHCurt07XnWWq1thU+l9C
QnnWien2iG4lvFuMoBNbXHkipJBxxdUaOpvUNYJga4ZoZcchW4Ch4D5aJuyG6Sj7
jITjjs43f5V4n9GrNLWOI2iolCwJlwHSFiAIzQRvbJeuxjOQT9SrkVWDvZlNMc7+
bNQjs24mfFHC5jcwgdZ9OOodXQFswLxuzu68KyL9CskuDQQhsLKIxPw8owIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHBfF6mZp7lf+qpEZXJzOiy1KBOeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0Y4WHFabW51Vl82cWtSbGNuTTZMTFVvRTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwhAwQA
wlcjAwQAwlc+AwQAwldSAwQAwle/AwQAwlfbAwQAw4VLMA0GCSqGSIb3DQEBCwUA
A4IBAQCVNfESVbbXE44QEWhzYu9BxRCCyWFSWzNwgkmCtxyvvFx7Mh7JrkKUApa4
jNQlK4f3+p91wkIRsnGXrufq8qBypOAfbnAHK3Gr/Y0tsEaRpfYJH3YhZBLvPgqr
Y6Fdji0Mf+d/0AHcdoWKQwF9QBjOz/OOS2zTiIB2SieOa8hXBwa3GRR+tzB/0bgd
H2MKoqA0wVTUXX0x9qWs6OPuHTQZpXNYoZCWpcm0Ht+M2N2VSKr8gXbNjsVVc/39
GTWM2chB2cBeWKbhcoB/e7D8ssfQmWvuUqeNLdjYm9G8mX4bgcj63v5ZdAP/FrbB
tQdWJDoWkwF4loaK5c0OUI/DInGI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org