Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cqAw1tiJTEK-tVCkyxlYCSeQHzM.roa
File: cqAw1tiJTEK-tVCkyxlYCSeQHzM.roa (raw, json)
Hash identifier: 95y+ldYpFknWmS9NBYfAHrVk9AsNKIl/kogz9siey04=
Subject key identifier: 72:A0:30:D6:D8:89:4C:42:BE:B5:50:A4:CB:19:58:09:27:90:1F:33
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018689055C42E19FA8EEEB717E7EB380C367
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cqAw1tiJTEK-tVCkyxlYCSeQHzM.roa
Signing time: Sat 25 Feb 2023 14:41:15 +0000
ROA not before: Sat 25 Feb 2023 14:41:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.58.33.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:05:5c:42:e1:9f:a8:ee:eb:71:7e:7e:b3:80:c3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 25 14:41:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a030d6d8894c42beb550a4cb19580927901f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0d:fc:95:b0:ba:f9:7c:da:81:b6:16:bf:c5:
91:0d:5d:b9:ac:e9:45:4f:a8:8f:61:ef:9a:90:dd:
32:a8:f7:9b:e1:71:09:06:00:f7:a9:29:53:b8:d4:
83:ed:f1:b6:3c:ed:a5:6c:1e:f5:7d:b5:bc:46:ea:
6b:4a:ac:73:2e:7f:ae:61:c0:15:43:8f:f9:5a:58:
53:53:ec:05:3b:db:98:83:4f:6a:61:c5:82:fb:5f:
cb:7d:cc:8e:31:74:97:44:b0:3f:d9:87:7d:de:f3:
fe:cf:44:30:78:b1:20:df:7d:06:8b:97:cb:d7:97:
8e:e1:3d:a8:9e:77:13:21:12:f6:fb:45:85:49:e3:
37:2c:c2:df:73:ef:f2:d6:8d:c5:cc:59:2a:2d:c6:
ff:30:f4:69:c7:63:d6:9e:42:20:db:f3:7b:91:3a:
aa:14:8d:1f:15:ce:c1:7f:6c:b6:39:1c:75:84:33:
08:09:9f:df:82:32:5a:7e:22:ac:01:f7:5e:ef:0f:
dd:1f:90:09:ad:d4:0c:b1:de:fb:d2:1f:02:33:45:
cd:c6:e5:30:c9:b6:7d:29:5d:af:5e:e8:f4:24:6b:
61:2f:47:cd:a9:94:0b:75:38:df:62:e5:d3:40:bb:
4b:b8:f6:16:be:c7:4f:e8:16:f6:39:80:5a:bc:1f:
52:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A0:30:D6:D8:89:4C:42:BE:B5:50:A4:CB:19:58:09:27:90:1F:33
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cqAw1tiJTEK-tVCkyxlYCSeQHzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.199.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
94:65:d4:47:5c:3e:65:6a:98:eb:80:ef:2e:ea:c4:8e:0d:66:
13:c0:7b:8a:aa:75:54:26:89:3e:a8:7f:46:2d:11:91:57:6a:
c3:7e:6f:2a:26:6e:99:80:5b:7a:4e:36:c4:85:76:73:b7:c0:
da:54:cc:c5:70:36:83:c5:8c:a9:6a:7f:09:09:c7:ef:7a:03:
eb:4a:3e:26:1e:c6:a7:fa:8f:9b:6a:d9:9b:b2:c1:62:7d:a5:
83:90:40:f2:f1:ed:2f:ff:bf:b9:5b:4d:ef:66:10:75:eb:db:
10:7a:57:ec:38:23:c6:4b:df:4c:35:11:0d:af:0a:cb:61:48:
96:e8:34:7c:9f:8e:4f:1b:a8:3a:de:24:c2:2f:b2:0c:dd:8d:
94:f6:90:70:1c:82:13:f3:0c:70:4d:12:e4:7e:fc:c8:36:5e:
a5:18:79:66:88:6c:e5:f5:15:a8:ee:a9:a2:75:dd:d9:78:ee:
55:7e:44:f3:14:5a:f1:10:36:73:8e:9e:e6:f5:fd:74:6f:64:
e8:01:51:01:5a:00:11:cd:23:f0:30:de:49:ad:7b:4c:8f:91:
1a:f0:09:56:60:a9:1e:09:5b:cb:bb:82:10:3f:d0:8d:3e:71:
7a:b1:a1:f7:ee:16:71:61:90:47:78:16:3e:2f:6f:89:f9:45:
f8:e2:12:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaJBVxC4Z+o7utxfn6zgMNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI1MTQ0MTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEwMzBkNmQ4ODk0YzQyYmViNTUwYTRjYjE5NTgwOTI3OTAxZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg38lbC6+XzagbYWv8WRDV25rOlF
T6iPYe+akN0yqPeb4XEJBgD3qSlTuNSD7fG2PO2lbB71fbW8RuprSqxzLn+uYcAV
Q4/5WlhTU+wFO9uYg09qYcWC+1/LfcyOMXSXRLA/2Yd93vP+z0QweLEg330Gi5fL
15eO4T2onncTIRL2+0WFSeM3LMLfc+/y1o3FzFkqLcb/MPRpx2PWnkIg2/N7kTqq
FI0fFc7Bf2y2ORx1hDMICZ/fgjJafiKsAfde7w/dH5AJrdQMsd770h8CM0XNxuUw
ybZ9KV2vXuj0JGthL0fNqZQLdTjfYuXTQLtLuPYWvsdP6Bb2OYBavB9SFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHKgMNbYiUxCvrVQpMsZWAknkB8zMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY3FBdzF0aUpURUstdFZDa3l4bFlDU2VRSHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjohAwQA
wlfHAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQCUZdRHXD5lapjrgO8u6sSODWYT
wHuKqnVUJok+qH9GLRGRV2rDfm8qJm6ZgFt6TjbEhXZzt8DaVMzFcDaDxYypan8J
CcfvegPrSj4mHsan+o+batmbssFifaWDkEDy8e0v/7+5W03vZhB169sQelfsOCPG
S99MNRENrwrLYUiW6DR8n45PG6g63iTCL7IM3Y2U9pBwHIIT8wxwTRLkfvzINl6l
GHlmiGzl9RWo7qmidd3ZeO5VfkTzFFrxEDZzjp7m9f10b2ToAVEBWgARzSPwMN5J
rXtMj5Ea8AlWYKkeCVvLu4IQP9CNPnF6saH37hZxYZBHeBY+L2+J+UX44hIx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org