Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/e6KyQNsjcNgu7hRnlRu11WaFq6I.roa
File: e6KyQNsjcNgu7hRnlRu11WaFq6I.roa (raw, json)
Hash identifier: /0YOi5cIXiVKvyG7bbxzgYT/q9r+FmQRwQRVhKSPTqk=
Subject key identifier: 7B:A2:B2:40:DB:23:70:D8:2E:EE:14:67:95:1B:B5:D5:66:85:AB:A2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018998DA41E1BC6F17C8374169D740CAD864
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/e6KyQNsjcNgu7hRnlRu11WaFq6I.roa
Signing time: Thu 27 Jul 2023 19:36:27 +0000
ROA not before: Thu 27 Jul 2023 19:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:da:41:e1:bc:6f:17:c8:37:41:69:d7:40:ca:d8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 27 19:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ba2b240db2370d82eee1467951bb5d56685aba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:42:1a:76:3f:b6:c6:91:76:03:37:80:48:0d:
fb:63:43:32:59:95:1c:c5:05:0f:d8:cc:0a:66:7d:
74:76:2b:33:e1:b6:c9:21:f4:d8:61:b6:f0:bb:30:
8d:ab:ad:28:2e:51:4a:08:c7:b6:87:8f:11:f9:59:
6b:52:66:29:a1:c3:6c:0e:6d:a3:47:9c:d9:fc:55:
a2:f3:bd:5c:11:1b:af:4a:37:f8:75:ec:76:55:16:
c6:49:d5:fd:f5:fc:f1:12:31:89:0b:1d:73:c4:04:
97:81:95:c7:fa:8b:b3:1d:64:73:70:d6:eb:ed:3c:
49:10:6f:5c:0b:2c:e3:b8:99:f9:d5:97:1c:b5:b9:
7b:2d:5b:f7:79:5b:3a:48:72:82:46:27:d5:37:5b:
20:3e:a7:65:67:99:a0:a1:c3:60:30:d8:3f:e6:bf:
49:ef:d9:6a:f3:6a:51:ef:dc:d0:78:91:42:4e:ac:
47:f0:92:8e:75:85:a6:a3:19:d1:ce:7a:6f:0d:b3:
9c:e5:71:ea:6d:0b:74:24:f2:ae:72:e5:3a:c8:b1:
73:b5:81:7d:12:16:67:46:dc:28:6f:62:30:45:9a:
15:7f:5c:f9:4a:24:0b:e6:35:fc:bd:a9:d5:ed:62:
e4:d9:1b:ae:bc:ba:9f:a8:0d:65:73:22:3c:de:56:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A2:B2:40:DB:23:70:D8:2E:EE:14:67:95:1B:B5:D5:66:85:AB:A2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/e6KyQNsjcNgu7hRnlRu11WaFq6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
3d:45:56:ca:a3:8d:04:ad:68:de:9a:c2:b1:bd:42:4b:21:3a:
54:8f:8d:7b:fa:6c:57:4d:03:af:f1:d6:c4:25:c1:af:46:10:
14:98:42:ff:c6:85:04:1b:b7:db:93:ed:e1:a0:ae:e9:22:ab:
b1:b7:e7:a1:73:b9:24:36:ce:77:c5:0c:c5:b3:9a:67:b6:b2:
a4:37:7c:ca:af:85:8d:89:8f:3a:4f:58:77:aa:7b:7f:16:71:
92:9c:0a:ba:68:79:d1:29:f0:11:41:42:43:02:8d:d4:ee:9d:
c6:5d:23:a3:54:d2:18:8f:d8:3d:33:54:86:3e:fd:46:68:06:
b9:f8:fc:b8:ce:eb:1f:42:8d:36:4f:97:d8:cc:7d:3e:81:a2:
2f:39:3c:16:71:f0:eb:25:e4:f4:5e:1f:de:96:52:c7:30:79:
3a:b0:ec:cf:33:4b:90:34:6f:0b:b0:4d:fe:fc:62:35:6f:7e:
a4:67:9f:bf:51:4d:f1:c4:b6:bb:db:ec:a4:09:f0:f6:f3:f4:
78:68:43:c2:7c:cf:23:60:99:d7:37:0a:78:9c:11:59:5c:d6:
af:12:93:b8:b4:9a:3d:ac:66:95:72:07:08:6a:57:cb:62:c1:
28:7e:d6:a8:6d:c9:f5:90:0e:c0:79:8a:c7:eb:1b:7b:1b:64:
26:63:2a:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmY2kHhvG8XyDdBaddAythkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTkzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmEyYjI0MGRiMjM3MGQ4MmVlZTE0Njc5NTFiYjVkNTY2ODVhYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0Iadj+2xpF2AzeASA37Y0MyWZUc
xQUP2MwKZn10disz4bbJIfTYYbbwuzCNq60oLlFKCMe2h48R+VlrUmYpocNsDm2j
R5zZ/FWi871cERuvSjf4dex2VRbGSdX99fzxEjGJCx1zxASXgZXH+ouzHWRzcNbr
7TxJEG9cCyzjuJn51Zcctbl7LVv3eVs6SHKCRifVN1sgPqdlZ5mgocNgMNg/5r9J
79lq82pR79zQeJFCTqxH8JKOdYWmoxnRznpvDbOc5XHqbQt0JPKucuU6yLFztYF9
EhZnRtwob2IwRZoVf1z5SiQL5jX8vanV7WLk2RuuvLqfqA1lcyI83laCMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHuiskDbI3DYLu4UZ5UbtdVmhauiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZTZLeVFOc2pjTmd1N2hSbmxSdTExV2FGcTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwlX6AwQA
w4UnMAwDBADUwPUDBADUwPYwDQYJKoZIhvcNAQELBQADggEBAD1FVsqjjQStaN6a
wrG9QkshOlSPjXv6bFdNA6/x1sQlwa9GEBSYQv/GhQQbt9uT7eGgrukiq7G356Fz
uSQ2znfFDMWzmme2sqQ3fMqvhY2JjzpPWHeqe38WcZKcCrpoedEp8BFBQkMCjdTu
ncZdI6NU0hiP2D0zVIY+/UZoBrn4/LjO6x9CjTZPl9jMfT6Boi85PBZx8Osl5PRe
H96WUscweTqw7M8zS5A0bwuwTf78YjVvfqRnn79RTfHEtrvb7KQJ8Pbz9HhoQ8J8
zyNgmdc3CnicEVlc1q8Sk7i0mj2sZpVyBwhqV8tiwSh+1qhtyfWQDsB5isfrG3sb
ZCZjKtg=
-----END CERTIFICATE-----
Generated at Mon Aug 7 11:03:53 2023 by rpki-client on console-ams.rpki-client.org