Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cesWSXx3y0UL20mKEWK3b4CQXps.roa
File: cesWSXx3y0UL20mKEWK3b4CQXps.roa (raw, json)
Hash identifier: D/wDS5Bsib1iDHzz49gjx6ZRLxGoKiOZlEhs7iKRj+s=
Subject key identifier: 71:EB:16:49:7C:77:CB:45:0B:DB:49:8A:11:62:B7:6F:80:90:5E:9B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01858DB405C78149C9081D9A196BEA61CB32
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cesWSXx3y0UL20mKEWK3b4CQXps.roa
Signing time: Sat 07 Jan 2023 19:27:43 +0000
ROA not before: Sat 07 Jan 2023 19:27:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8d:b4:05:c7:81:49:c9:08:1d:9a:19:6b:ea:61:cb:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 7 19:27:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71eb16497c77cb450bdb498a1162b76f80905e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:ea:98:5a:73:e7:b4:7a:d7:17:09:61:42:
fd:77:a1:09:85:35:5f:9c:1b:be:b0:6c:39:7c:66:
3a:56:2c:d7:61:5d:c7:1f:c6:bb:59:a9:44:00:d8:
10:51:77:8e:31:59:19:54:a1:53:c6:89:ad:a1:d7:
2b:cb:fd:0c:5d:25:c0:95:5e:61:53:03:e4:43:0a:
0f:8a:62:2c:9e:8c:fc:84:94:39:2b:23:8d:a7:e9:
ae:41:97:9c:53:46:9a:3b:19:a6:57:04:ab:39:4b:
6e:b4:28:5d:2e:33:21:07:e9:2a:24:5a:34:b8:1f:
42:1a:4c:5f:3a:d8:ce:25:91:e3:41:11:20:08:1b:
a1:b8:1a:3e:68:26:ff:aa:a8:7a:b0:7a:cb:2e:49:
17:6c:6c:e4:ad:08:e3:5c:66:5c:75:11:00:2d:00:
ac:fd:9c:c6:f8:bf:f0:e1:a2:e2:a5:fc:ca:b3:68:
1c:88:e4:5e:2a:8a:9b:43:b8:6a:e1:0b:9f:f0:eb:
17:bd:cf:cb:f3:1b:cb:55:02:86:42:b1:7a:0b:ae:
1f:50:35:b8:bc:8a:73:84:20:ca:df:e7:59:c9:77:
9d:29:3a:e6:bc:04:ea:a9:87:a3:9f:0d:03:1f:36:
46:d6:89:67:6c:61:b3:75:55:bd:6a:18:28:ae:ac:
1e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EB:16:49:7C:77:CB:45:0B:DB:49:8A:11:62:B7:6F:80:90:5E:9B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cesWSXx3y0UL20mKEWK3b4CQXps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.37.0/24
194.87.162.0/24
194.87.200.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
10:36:24:66:0b:00:6b:33:b8:ab:fc:0e:f0:f9:3b:ff:28:70:
92:79:1a:24:27:f4:e1:6a:8d:eb:bd:e7:bf:ad:07:d1:52:a9:
a6:18:de:2a:99:15:62:be:ed:34:f9:ec:6a:a3:0b:bb:d4:14:
d1:d7:58:a0:70:77:b3:6b:52:d2:1e:d7:0c:f7:fb:ed:42:92:
8f:40:20:55:fc:0b:a9:84:05:58:9f:e8:10:7a:e5:60:4b:25:
20:20:f3:d0:66:ef:c2:15:f6:86:17:47:23:ca:89:36:7c:0e:
a1:fe:b5:b9:77:b0:e8:98:ff:53:bb:5b:4d:a3:b4:57:4e:24:
9b:e1:d3:6a:43:a8:78:94:17:56:80:b4:e4:a7:26:c1:d8:0c:
c3:dd:02:e1:0a:4a:70:e8:c9:ec:74:84:d2:e2:b5:e1:c5:10:
38:65:3d:9f:40:f0:ab:dc:7e:15:63:26:9d:2e:73:60:30:82:
f9:2b:4a:0e:90:36:f1:18:f6:ab:67:c5:12:9c:e1:70:8b:3e:
2d:86:38:74:c7:ca:9f:72:65:a4:8d:ea:2c:d0:a5:d3:0e:95:
0f:06:29:03:8c:11:0b:4d:23:b6:b3:2a:69:6a:1e:c4:93:e8:
87:fb:59:d1:0c:30:d9:50:ca:eb:23:2d:4f:45:bf:c1:c2:53:
8a:4d:90:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWNtAXHgUnJCB2aGWvqYcsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA3MTkyNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWViMTY0OTdjNzdjYjQ1MGJkYjQ5OGExMTYyYjc2ZjgwOTA1ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPnqmFpz57R61xcJYUL9d6EJhTVf
nBu+sGw5fGY6VizXYV3HH8a7WalEANgQUXeOMVkZVKFTxomtodcry/0MXSXAlV5h
UwPkQwoPimIsnoz8hJQ5KyONp+muQZecU0aaOxmmVwSrOUtutChdLjMhB+kqJFo0
uB9CGkxfOtjOJZHjQREgCBuhuBo+aCb/qqh6sHrLLkkXbGzkrQjjXGZcdREALQCs
/ZzG+L/w4aLipfzKs2gciOReKoqbQ7hq4Quf8OsXvc/L8xvLVQKGQrF6C64fUDW4
vIpzhCDK3+dZyXedKTrmvATqqYejnw0DHzZG1olnbGGzdVW9ahgorqweZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHHrFkl8d8tFC9tJihFit2+AkF6bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY2VzV1NYeDN5MFVMMjBtS0VXSzNiNENRWHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwvAwQA
wlclAwQAwleiAwQAwlfIAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
NiRmCwBrM7ir/A7w+Tv/KHCSeRokJ/Thao3rvee/rQfRUqmmGN4qmRVivu00+exq
owu71BTR11igcHeza1LSHtcM9/vtQpKPQCBV/AuphAVYn+gQeuVgSyUgIPPQZu/C
FfaGF0cjyok2fA6h/rW5d7DomP9Tu1tNo7RXTiSb4dNqQ6h4lBdWgLTkpybB2AzD
3QLhCkpw6MnsdITS4rXhxRA4ZT2fQPCr3H4VYyadLnNgMIL5K0oOkDbxGParZ8US
nOFwiz4thjh0x8qfcmWkjeos0KXTDpUPBikDjBELTSO2syppah7Ek+iH+1nRDDDZ
UMrrIy1PRb/BwlOKTZD9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org