Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cTD0sOFSCxelXQckql0RNDcwFqE.roa
File: cTD0sOFSCxelXQckql0RNDcwFqE.roa (raw, json)
Hash identifier: eH03RwkfWgrYFQUmxGda6XvtK3x1KWaevvaNk0mcx/Y=
Subject key identifier: 71:30:F4:B0:E1:52:0B:17:A5:5D:07:24:AA:5D:11:34:37:30:16:A1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67128A60E9B133CD1764F94DEA8D28
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cTD0sOFSCxelXQckql0RNDcwFqE.roa
Signing time: Sun 01 Jan 2023 22:15:04 +0000
ROA not before: Sun 01 Jan 2023 22:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:12:8a:60:e9:b1:33:cd:17:64:f9:4d:ea:8d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7130f4b0e1520b17a55d0724aa5d1134373016a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8f:99:a2:c3:d2:7d:45:f2:12:7e:55:28:8c:
c1:8a:95:da:3a:20:0f:7d:a6:6d:cc:9a:98:b0:ff:
48:b6:3f:7b:de:74:ec:11:9d:dc:a2:9a:ff:8e:d1:
db:49:6c:f0:cc:54:fa:e3:23:3f:2c:82:df:2a:b8:
52:ed:19:a1:56:9d:61:c0:72:88:e5:1f:6b:87:85:
70:d8:1b:c3:ae:c3:b2:e8:82:12:c9:0c:46:59:11:
4e:39:46:43:8d:ff:68:59:69:4e:f3:1b:07:9f:6c:
1f:09:29:44:8b:e3:03:3d:9a:73:62:44:33:49:6b:
0c:40:c3:ca:0b:06:69:da:96:1e:7a:3d:4f:ad:23:
48:3c:03:7e:4d:65:5d:92:78:9c:8a:db:81:d0:6b:
aa:75:f9:45:6d:68:ff:62:da:fe:12:ba:ed:ff:1b:
aa:f1:26:43:a5:84:3f:ee:cb:93:26:f5:ef:ec:ad:
a7:ad:b2:de:bc:ea:8d:06:0a:18:63:49:7c:1d:cb:
14:01:7d:65:a1:77:42:48:c5:cc:cc:27:13:c6:4e:
fe:1e:c4:23:b7:a6:51:25:ab:5f:a0:11:0a:a1:5b:
46:c2:e8:c3:5b:e2:7a:2e:70:4f:e1:d5:e0:de:38:
fd:f4:e7:b9:b2:f3:61:b0:42:52:bb:7c:10:fa:65:
7b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:30:F4:B0:E1:52:0B:17:A5:5D:07:24:AA:5D:11:34:37:30:16:A1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cTD0sOFSCxelXQckql0RNDcwFqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.209.0/24
193.108.112.0/24
194.58.60.0/24
195.133.31.0/24
212.192.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:87:ec:9e:fb:e7:7a:74:bb:75:c1:8b:fc:4e:78:d8:9a:f6:
c2:23:43:c8:33:41:66:34:a9:ff:82:97:44:66:bd:12:c1:3b:
22:78:43:87:57:4d:9a:ce:21:0b:6b:45:72:77:03:87:4a:09:
f9:44:79:5b:21:0f:35:ed:db:d5:18:f8:6c:ad:15:9e:dc:2d:
bd:85:97:13:b2:97:23:05:e3:f4:4e:fa:f5:42:8a:d2:24:fb:
bc:6e:f7:aa:94:8b:ac:7f:65:97:84:7f:b4:f9:a1:cc:07:45:
f8:06:c9:db:a6:12:81:61:8a:fe:89:52:b1:ac:08:4f:4c:78:
f3:eb:f2:2d:ea:a8:ca:00:66:2b:ab:89:ee:5b:ab:aa:9f:67:
d4:b4:84:18:d3:6a:93:89:cd:38:93:65:75:2e:ae:a2:ed:a6:
e0:1a:e5:b7:0d:29:df:1e:3d:5b:c2:86:d5:67:ae:82:b3:a3:
47:b7:ea:56:b5:38:ed:0b:46:e1:b4:9a:a2:0a:57:d0:b9:9d:
75:cd:19:a6:68:ac:06:74:50:bf:aa:61:04:7d:2e:54:9d:33:
7e:f8:14:9f:28:14:1b:46:a4:21:4b:a5:55:15:2f:cb:f1:ae:
28:83:67:91:46:86:a6:34:1d:75:ff:b3:81:44:da:e0:2d:d4:
b2:e0:58:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvZxKKYOmxM80XZPlN6o0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTMwZjRiMGUxNTIwYjE3YTU1ZDA3MjRhYTVkMTEzNDM3MzAxNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4+ZosPSfUXyEn5VKIzBipXaOiAP
faZtzJqYsP9Itj973nTsEZ3copr/jtHbSWzwzFT64yM/LILfKrhS7RmhVp1hwHKI
5R9rh4Vw2BvDrsOy6IISyQxGWRFOOUZDjf9oWWlO8xsHn2wfCSlEi+MDPZpzYkQz
SWsMQMPKCwZp2pYeej1PrSNIPAN+TWVdknicituB0GuqdflFbWj/Ytr+Errt/xuq
8SZDpYQ/7suTJvXv7K2nrbLevOqNBgoYY0l8HcsUAX1loXdCSMXMzCcTxk7+HsQj
t6ZRJatfoBEKoVtGwujDW+J6LnBP4dXg3jj99Oe5svNhsEJSu3wQ+mV7MQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHEw9LDhUgsXpV0HJKpdETQ3MBahMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY1REMHNPRlNDeGVsWFFja3FsMFJORGN3RnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHzRAwQA
wWxwAwQAwjo8AwQAw4UfAwQA1MAGMA0GCSqGSIb3DQEBCwUAA4IBAQBsh+ye++d6
dLt1wYv8TnjYmvbCI0PIM0FmNKn/gpdEZr0SwTsieEOHV02aziELa0VydwOHSgn5
RHlbIQ817dvVGPhsrRWe3C29hZcTspcjBeP0Tvr1QorSJPu8bveqlIusf2WXhH+0
+aHMB0X4BsnbphKBYYr+iVKxrAhPTHjz6/It6qjKAGYrq4nuW6uqn2fUtIQY02qT
ic04k2V1Lq6i7abgGuW3DSnfHj1bwobVZ66Cs6NHt+pWtTjtC0bhtJqiClfQuZ11
zRmmaKwGdFC/qmEEfS5UnTN++BSfKBQbRqQhS6VVFS/L8a4og2eRRoamNB11/7OB
RNrgLdSy4Fi5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:07 2023 by rpki-client on console-fra.rpki-client.org