Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ePT-RHFOtpkN5J-EqAlkOyRp1oU.roa
File: ePT-RHFOtpkN5J-EqAlkOyRp1oU.roa (raw, json)
Hash identifier: dYMte/2UE2XUF27L72NEB1i/L+e8PolIFaeAjiWzixs=
Subject key identifier: 78:F4:FE:44:71:4E:B6:99:0D:E4:9F:84:A8:09:64:3B:24:69:D6:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BF2ABB177FF3EA709DAAFFFCA83925AF8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ePT-RHFOtpkN5J-EqAlkOyRp1oU.roa
Signing time: Tue 21 Nov 2023 16:17:00 +0000
ROA not before: Tue 21 Nov 2023 16:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:ab:b1:77:ff:3e:a7:09:da:af:ff:ca:83:92:5a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 21 16:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78f4fe44714eb6990de49f84a809643b2469d685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:af:71:40:cd:62:27:99:25:94:52:31:32:a6:
aa:be:4c:37:dd:55:59:6a:8b:d0:c5:1d:26:0b:f9:
84:f6:a0:f9:6b:d1:76:33:20:fe:87:be:24:15:9c:
05:2b:7f:58:10:4e:04:da:1e:f8:a0:85:9f:a1:8f:
91:6e:ce:02:39:6c:04:a2:0d:3e:49:1b:2f:ce:ab:
fb:d7:ec:e9:b6:77:87:37:2d:dc:cb:45:10:e8:c0:
4c:2b:22:4a:ee:bd:e1:61:b3:ce:db:63:a6:2a:a2:
bb:14:19:64:cd:3e:b3:f5:54:ac:e6:44:23:20:2b:
e3:a4:06:9f:41:ff:df:b2:cb:64:84:39:26:d9:19:
90:d9:89:48:33:8a:d8:12:cb:cd:81:55:d9:0c:92:
a7:b5:e4:c4:42:fa:65:6b:c5:40:b4:e0:d2:48:d3:
c6:04:fb:6c:8f:78:12:7c:c1:d7:cb:92:04:d6:c1:
d1:d2:f2:a7:3c:04:19:d1:48:06:ec:ff:c9:21:c4:
1b:29:87:47:31:d5:48:a7:c1:ec:5a:bf:00:57:c8:
d1:f9:1d:d7:68:bd:25:ec:4f:02:de:1a:65:7b:46:
43:e6:e3:08:f1:4d:ef:f0:00:60:f8:e2:2d:6a:ab:
45:a3:07:72:31:3d:fd:e6:6a:e1:3f:28:ef:04:40:
a5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F4:FE:44:71:4E:B6:99:0D:E4:9F:84:A8:09:64:3B:24:69:D6:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ePT-RHFOtpkN5J-EqAlkOyRp1oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
192.124.188.0/24
192.124.190.0/23
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e9:56:ed:9e:50:1f:9e:9c:aa:7b:47:80:dd:32:38:6b:fa:
d4:0f:f2:25:2f:fc:b8:46:94:26:47:a9:45:c0:22:e5:f2:b0:
cb:30:b8:34:bf:49:63:9d:ce:b2:35:b7:04:1e:ba:c7:47:43:
04:f5:cb:46:23:b9:7c:a8:68:e7:93:7b:9c:6f:da:8f:b7:d8:
d7:16:3c:f6:86:2b:f0:c5:f1:2f:36:9f:84:12:66:a6:aa:dc:
46:fb:86:f5:1d:1d:39:c1:a5:e7:3f:39:06:78:cc:95:33:fd:
a7:20:5c:cf:29:58:b0:2b:fa:fe:63:5f:10:c1:28:0a:98:bf:
9b:85:15:e4:e5:de:1b:f3:71:09:be:51:2a:20:67:98:12:73:
61:ee:cd:c8:1a:9a:c5:7d:68:48:fd:f2:76:9f:fe:ad:f5:3d:
2f:dd:ae:6c:dd:45:3c:f1:1a:12:44:bf:f7:0e:b1:33:09:e0:
df:ae:1c:51:99:52:8e:e8:c8:de:6e:88:da:d6:fd:f6:46:2c:
c5:76:4e:5e:e0:bf:83:d6:92:5d:d7:f6:0a:9b:06:4d:66:3d:
a4:0a:d0:00:c4:37:17:84:c7:92:8d:ce:b9:1a:c4:c6:dd:7c:
8a:46:b2:ea:ce:b4:6e:ed:ff:57:ac:61:21:26:c3:a4:45:7b:
63:5b:f2:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvyq7F3/z6nCdqv/8qDklr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIxMTYxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY0ZmU0NDcxNGViNjk5MGRlNDlmODRhODA5NjQzYjI0NjlkNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt69xQM1iJ5kllFIxMqaqvkw33VVZ
aovQxR0mC/mE9qD5a9F2MyD+h74kFZwFK39YEE4E2h74oIWfoY+Rbs4COWwEog0+
SRsvzqv71+zptneHNy3cy0UQ6MBMKyJK7r3hYbPO22OmKqK7FBlkzT6z9VSs5kQj
ICvjpAafQf/fsstkhDkm2RmQ2YlIM4rYEsvNgVXZDJKnteTEQvpla8VAtODSSNPG
BPtsj3gSfMHXy5IE1sHR0vKnPAQZ0UgG7P/JIcQbKYdHMdVIp8HsWr8AV8jR+R3X
aL0l7E8C3hple0ZD5uMI8U3v8ABg+OItaqtFowdyMT395mrhPyjvBEClhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHj0/kRxTraZDeSfhKgJZDskadaFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZVBULVJIRk90cGtONUotRXFBbGtPeVJwMW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy1AwQA
wHy8AwQBwHy+AwQAwHzRAwQA1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQBa6VbtnlAf
npyqe0eA3TI4a/rUD/IlL/y4RpQmR6lFwCLl8rDLMLg0v0ljnc6yNbcEHrrHR0ME
9ctGI7l8qGjnk3ucb9qPt9jXFjz2hivwxfEvNp+EEmamqtxG+4b1HR05waXnPzkG
eMyVM/2nIFzPKViwK/r+Y18QwSgKmL+bhRXk5d4b83EJvlEqIGeYEnNh7s3IGprF
fWhI/fJ2n/6t9T0v3a5s3UU88RoSRL/3DrEzCeDfrhxRmVKO6Mjeboja1v32RizF
dk5e4L+D1pJd1/YKmwZNZj2kCtAAxDcXhMeSjc65GsTG3XyKRrLqzrRu7f9XrGEh
JsOkRXtjW/K5
Generated at Thu Nov 30 19:26:23 2023 by rpki-client on console-fra.rpki-client.org