Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eOTbc1mLLN1GY_8CMeWmh8ZhN-A.roa
File: eOTbc1mLLN1GY_8CMeWmh8ZhN-A.roa (raw, json)
Hash identifier: Z0OmsOvlHpaTzdRZcwf0FSBqmpVkK/5GuaQwatjBufs=
Subject key identifier: 78:E4:DB:73:59:8B:2C:DD:46:63:FF:02:31:E5:A6:87:C6:61:37:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8BE326724039B13271583F45A363
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eOTbc1mLLN1GY_8CMeWmh8ZhN-A.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210107
IP address blocks: 195.133.2.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8b:e3:26:72:40:39:b1:32:71:58:3f:45:a3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78e4db73598b2cdd4663ff0231e5a687c66137e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:32:68:b9:38:55:2a:f1:f6:96:1d:2b:e0:
e7:c0:f2:64:b7:64:dd:84:cb:d9:d9:8f:12:85:7b:
b5:9e:80:20:d2:2f:71:59:21:71:b6:60:cc:18:f6:
67:c9:05:b2:eb:d1:cf:97:58:7f:be:1b:52:8e:c5:
d0:39:1e:ca:c4:c9:3a:50:32:f4:59:90:63:22:76:
66:27:1d:eb:dc:38:73:13:b7:33:88:aa:aa:fb:31:
b0:a5:7b:1d:c2:ce:87:e1:c5:37:b3:37:3b:33:b7:
54:e5:4f:c9:73:0a:d4:69:b0:d5:4f:6e:b6:5e:8b:
e8:fd:7e:76:e3:66:93:e7:ff:36:6a:fb:d5:2b:03:
b1:cb:1e:81:c7:17:0b:81:62:f9:05:89:cf:d8:0f:
1c:d9:43:45:f5:6c:ef:ae:e2:ef:82:db:c0:4a:ec:
3e:61:f3:ac:90:62:05:bc:71:41:e8:e8:67:21:58:
07:41:98:79:63:5b:5b:f3:11:ec:a9:ec:56:e6:dc:
f6:36:7e:97:7c:b0:3c:5a:7e:36:c3:63:f8:99:be:
77:71:af:f1:e3:1a:99:77:01:51:67:ae:37:f0:98:
f7:f6:19:96:b6:d9:d8:04:4d:3b:ba:44:bb:ab:35:
3c:f7:45:37:96:25:f1:29:8d:57:03:7f:63:68:15:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E4:DB:73:59:8B:2C:DD:46:63:FF:02:31:E5:A6:87:C6:61:37:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eOTbc1mLLN1GY_8CMeWmh8ZhN-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
194.58.42.0/24
194.87.81.0/24
195.133.2.0/24
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f9:3c:f1:e3:a9:67:60:52:63:f1:e2:e4:7a:67:25:5a:c1:
c2:a5:b6:64:76:46:82:22:b9:d9:28:35:99:76:8d:16:f9:13:
4b:69:c8:15:2e:3f:ea:c9:62:13:1d:34:5f:8c:3a:27:4d:26:
e2:d6:0e:56:f9:e3:24:38:17:ef:1a:f3:e7:55:f4:b8:e1:7d:
ca:0d:b6:1b:16:7a:5b:7d:a2:34:c8:1c:d9:fa:86:a6:6f:24:
c1:c7:12:f3:5a:3c:a7:c7:4e:ff:b8:d4:a6:08:d0:06:49:43:
e6:bd:1c:e4:81:97:71:f9:13:37:b2:50:4d:45:73:5f:ee:de:
2b:68:8b:e1:91:bc:4f:63:32:23:ed:21:16:49:7f:f2:b4:48:
c2:eb:7e:70:87:1d:78:78:ac:fb:f1:71:7b:ac:d1:b4:15:e6:
9a:36:bf:17:97:22:49:57:df:a7:a4:9f:f9:6a:36:f8:0b:66:
31:c2:49:64:19:04:cb:47:87:14:f2:de:c2:30:19:e1:c6:ea:
78:9a:79:85:10:75:ec:ca:bd:7c:bb:1a:d2:52:44:00:c6:f9:
87:3e:12:9a:62:bd:8b:c9:88:5e:e1:1a:af:fd:17:1c:df:df:
44:1c:8d:f4:cd:22:2a:21:19:7d:87:3b:21:54:52:1b:af:ce:
83:de:f1:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKovjJnJAObEycVg/RaNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGU0ZGI3MzU5OGIyY2RkNDY2M2ZmMDIzMWU1YTY4N2M2NjEzN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0QyaLk4VSrx9pYdK+DnwPJkt2Td
hMvZ2Y8ShXu1noAg0i9xWSFxtmDMGPZnyQWy69HPl1h/vhtSjsXQOR7KxMk6UDL0
WZBjInZmJx3r3DhzE7cziKqq+zGwpXsdws6H4cU3szc7M7dU5U/JcwrUabDVT262
Xovo/X5242aT5/82avvVKwOxyx6BxxcLgWL5BYnP2A8c2UNF9WzvruLvgtvASuw+
YfOskGIFvHFB6OhnIVgHQZh5Y1tb8xHsqexW5tz2Nn6XfLA8Wn42w2P4mb53ca/x
4xqZdwFRZ6438Jj39hmWttnYBE07ukS7qzU890U3liXxKY1XA39jaBVoCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHjk23NZiyzdRmP/AjHlpofGYTfgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZU9UYmMxbUxMTjFHWV84Q01lV21oOFpoTi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy3AwQA
wjoqAwQAwldRAwQAw4UCAwQA1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQBw+Tzx46ln
YFJj8eLkemclWsHCpbZkdkaCIrnZKDWZdo0W+RNLacgVLj/qyWITHTRfjDonTSbi
1g5W+eMkOBfvGvPnVfS44X3KDbYbFnpbfaI0yBzZ+oambyTBxxLzWjynx07/uNSm
CNAGSUPmvRzkgZdx+RM3slBNRXNf7t4raIvhkbxPYzIj7SEWSX/ytEjC635whx14
eKz78XF7rNG0FeaaNr8XlyJJV9+npJ/5ajb4C2YxwklkGQTLR4cU8t7CMBnhxup4
mnmFEHXsyr18uxrSUkQAxvmHPhKaYr2LyYhe4Rqv/Rcc399EHI30zSIqIRl9hzsh
VFIbr86D3vFQ
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:09:56 2024 by rpki-client on console-fra.rpki-client.org