Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eDe85W9askdrO1I0vX0xRdmsgiQ.roa
File: eDe85W9askdrO1I0vX0xRdmsgiQ.roa (raw, json)
Hash identifier: 2te7h/j2gUO3siGK+HZR+Zdi/kgUaaibzOGgZFS0ZJw=
Subject key identifier: 78:37:BC:E5:6F:5A:B2:47:6B:3B:52:34:BD:7D:31:45:D9:AC:82:24
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A7EF3AA48C9FD5DBA53789C2F6191278F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eDe85W9askdrO1I0vX0xRdmsgiQ.roa
Signing time: Sun 10 Sep 2023 11:56:52 +0000
ROA not before: Sun 10 Sep 2023 11:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7e:f3:aa:48:c9:fd:5d:ba:53:78:9c:2f:61:91:27:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 10 11:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7837bce56f5ab2476b3b5234bd7d3145d9ac8224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:48:42:ee:f1:48:3e:28:98:50:29:fa:62:
cf:24:9c:0e:87:16:df:71:31:44:b1:e8:57:53:3a:
a5:4f:f2:fb:28:76:3a:21:66:e7:1d:9b:50:63:80:
61:e1:87:ac:56:c2:fd:92:2d:fa:2d:c8:f5:1c:85:
71:50:a7:ee:ef:17:33:1e:58:35:34:fc:0f:4c:b5:
95:97:4a:b2:33:8e:cf:95:20:63:44:ae:39:a5:e9:
69:5c:52:c3:8f:a9:c7:bb:56:1d:95:6d:88:75:4b:
2b:27:8a:64:79:25:f7:14:cc:66:90:1b:fd:a9:a8:
3a:e2:c7:00:4a:70:d4:86:aa:ac:12:ce:d6:e4:4b:
8b:2d:97:ae:f2:40:e5:fc:f0:e6:67:a0:76:0b:8f:
b6:cc:0c:95:28:83:54:af:49:70:b4:3c:c1:93:10:
1b:83:7f:00:7a:8a:bd:79:17:63:8c:9e:22:04:c5:
60:34:69:36:2a:97:d0:1c:20:1d:a9:5e:52:3d:f4:
75:55:1f:6b:b7:16:97:4a:a6:68:2e:80:66:32:59:
4b:13:a1:ee:aa:f2:e2:ed:3e:af:05:82:29:cb:09:
48:97:5b:e9:0a:41:97:bc:42:2c:56:21:94:5c:7c:
5c:7e:37:ea:f7:ae:33:b9:86:81:63:5a:dd:35:64:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:37:BC:E5:6F:5A:B2:47:6B:3B:52:34:BD:7D:31:45:D9:AC:82:24
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eDe85W9askdrO1I0vX0xRdmsgiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
193.124.4.0/24
194.87.2.0/24
194.87.30.0/24
194.87.44.0/24
194.87.221.0/24
195.133.78.0/24
195.133.94.0/24
212.192.8.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
13:08:67:7d:e8:5d:b5:ef:6d:64:31:1c:35:51:6a:4d:dc:68:
c4:b4:98:51:a9:85:99:ae:93:e4:99:e1:6a:4c:9e:3f:39:e6:
37:d8:2f:08:93:ac:19:a2:26:09:e5:ea:0a:0d:8e:6a:97:56:
03:6a:27:4b:18:b7:6d:c4:16:f9:dd:c3:8e:ae:d1:22:2d:19:
68:6c:eb:26:7d:dd:c8:16:7c:c6:bc:a2:92:a0:59:12:93:bd:
54:90:59:15:66:c5:f3:e8:e4:0d:31:e9:03:ff:0b:5d:9c:61:
07:2f:f2:85:c3:5f:72:49:64:be:ff:46:ec:f4:8e:d9:fb:b5:
78:0e:f7:0d:50:4b:e9:cc:32:74:0f:03:6e:d2:1e:2e:20:77:
a7:3c:50:00:e0:da:35:96:04:f5:93:2d:84:ad:0e:4b:26:2d:
25:16:bb:74:d6:c3:ae:ad:63:c0:1b:42:51:e7:53:0d:0f:2c:
eb:3f:b7:3d:04:88:a2:38:fd:49:58:bf:6d:54:3b:4a:46:73:
01:2c:ea:99:51:ed:31:d0:73:e6:ee:b0:1e:7e:c3:17:af:8b:
3d:14:85:18:d6:de:e1:1c:a9:bc:bc:26:36:20:a3:c9:40:15:
9b:f9:56:fe:ec:eb:55:bb:b4:ca:d0:0b:b9:cf:c8:30:69:a4:
77:68:27:57
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYp+86pIyf1dulN4nC9hkSePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTEwMTE1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODM3YmNlNTZmNWFiMjQ3NmIzYjUyMzRiZDdkMzE0NWQ5YWM4MjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk11IQu7xSD4omFAp+mLPJJwOhxbf
cTFEsehXUzqlT/L7KHY6IWbnHZtQY4Bh4YesVsL9ki36Lcj1HIVxUKfu7xczHlg1
NPwPTLWVl0qyM47PlSBjRK45pelpXFLDj6nHu1YdlW2IdUsrJ4pkeSX3FMxmkBv9
qag64scASnDUhqqsEs7W5EuLLZeu8kDl/PDmZ6B2C4+2zAyVKINUr0lwtDzBkxAb
g38Aeoq9eRdjjJ4iBMVgNGk2KpfQHCAdqV5SPfR1VR9rtxaXSqZoLoBmMllLE6Hu
qvLi7T6vBYIpywlIl1vpCkGXvEIsViGUXHxcfjfq964zuYaBY1rdNWT7KwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHg3vOVvWrJHaztSNL19MUXZrIIkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZURlODVXOWFza2RyTzFJMHZYMHhSZG1zZ2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy3AwQA
wXwEAwQAwlcCAwQAwlceAwQAwlcsAwQAwlfdAwQAw4VOAwQAw4VeAwQA1MAIAwQA
1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQATCGd96F21721kMRw1UWpN3GjEtJhRqYWZ
rpPkmeFqTJ4/OeY32C8Ik6wZoiYJ5eoKDY5ql1YDaidLGLdtxBb53cOOrtEiLRlo
bOsmfd3IFnzGvKKSoFkSk71UkFkVZsXz6OQNMekD/wtdnGEHL/KFw19ySWS+/0bs
9I7Z+7V4DvcNUEvpzDJ0DwNu0h4uIHenPFAA4No1lgT1ky2ErQ5LJi0lFrt01sOu
rWPAG0JR51MNDyzrP7c9BIiiOP1JWL9tVDtKRnMBLOqZUe0x0HPm7rAefsMXr4s9
FIUY1t7hHKm8vCY2IKPJQBWb+Vb+7OtVu7TK0Au5z8gwaaR3aCdX
-----END CERTIFICATE-----
Generated at Sun Sep 10 15:02:26 2023 by rpki-client on console-fra.rpki-client.org