Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDcgrpHv2_XEaacrVrHZLHZZusI.roa
File: fDcgrpHv2_XEaacrVrHZLHZZusI.roa (raw, json)
Hash identifier: L3Bquscl0AoCxSjVPoxYVJnkIpevd5xrV3oxGfyjaOA=
Subject key identifier: 7C:37:20:AE:91:EF:DB:F5:C4:69:A7:2B:56:B1:D9:2C:76:59:BA:C2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188E1441BF4DB22B1E86DAEC7EFC2E7E49A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDcgrpHv2_XEaacrVrHZLHZZusI.roa
Signing time: Thu 22 Jun 2023 04:01:57 +0000
ROA not before: Thu 22 Jun 2023 04:01:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Jul 2023 09:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e1:44:1b:f4:db:22:b1:e8:6d:ae:c7:ef:c2:e7:e4:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 22 04:01:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c3720ae91efdbf5c469a72b56b1d92c7659bac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:e3:29:e7:ad:c2:34:44:83:0c:91:28:a0:
19:74:34:42:cf:c2:bd:1d:13:95:d8:3e:b0:59:99:
ea:b9:b0:2f:db:e9:c7:5e:eb:00:d7:04:30:ff:c3:
12:bc:7f:5e:b7:a7:54:6b:fc:d5:cb:35:94:1c:73:
5f:3d:98:05:f8:5d:3d:49:0d:b4:03:5c:ce:44:2a:
98:65:a3:a9:ec:16:d4:3b:da:a5:50:b5:cb:05:0f:
e2:25:da:cd:ea:f1:3b:da:cd:91:9d:20:6a:29:4d:
c4:e9:eb:a8:61:34:87:f2:0d:ba:70:ae:02:cd:3b:
db:3d:44:6b:a9:a8:68:7d:dd:f2:17:71:77:e1:cd:
2a:12:f5:ec:6f:f7:fc:a4:6d:3a:03:1c:2e:59:22:
d6:7a:e3:ed:93:ad:b4:f5:ae:ee:c3:f5:8d:1d:5c:
a0:41:8a:f6:2f:90:4e:3d:73:a5:1f:40:b8:11:30:
ba:d5:90:c7:56:62:b4:a4:0c:f9:5b:97:61:cc:bd:
5d:21:76:c4:54:65:04:7b:2a:b3:ce:b1:15:0c:cc:
50:3e:40:ff:40:ac:14:3b:61:c7:e3:45:fa:1e:ce:
94:d4:ad:a1:9e:12:bc:0e:71:4e:fe:c3:1c:6b:34:
e4:2c:6a:94:6c:f5:f5:ef:dd:17:41:ff:93:56:ce:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:37:20:AE:91:EF:DB:F5:C4:69:A7:2B:56:B1:D9:2C:76:59:BA:C2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDcgrpHv2_XEaacrVrHZLHZZusI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.149.0/24
194.87.163.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a9:97:8d:97:f8:3f:c9:80:f5:ec:72:94:63:de:00:c8:ee:
64:37:ab:1c:66:dd:cf:7f:1f:27:b7:db:cb:73:e4:9f:67:be:
cf:c8:40:df:68:79:c8:65:48:87:82:58:fd:f1:b2:f8:6a:b5:
ba:2a:b1:e9:76:2c:20:89:5f:b0:f7:de:45:b1:2f:52:ae:b2:
00:de:51:01:d6:17:ad:79:25:fb:37:3e:9f:98:80:7a:df:9d:
46:0e:98:11:cb:79:e3:2c:7b:35:53:ad:25:ad:6b:66:fd:16:
4e:ec:a4:e6:f9:48:50:03:b5:0e:de:e5:b1:ba:b2:27:f3:6f:
18:89:c0:80:96:2d:12:eb:c2:ee:cd:cf:00:24:57:13:6e:20:
35:46:d0:da:61:ac:f2:8d:e3:9c:01:7a:31:60:13:1f:4b:b6:
47:58:c0:06:b6:43:6d:06:b2:8f:c8:c9:9f:9e:29:2b:8d:4a:
67:e8:56:f0:73:89:7d:16:8f:f6:90:f8:f9:d2:b0:17:47:8a:
0d:fe:9d:58:4d:cf:a4:f1:51:d0:d8:4e:62:74:39:ba:48:84:
60:5c:36:33:f0:97:ec:e9:3d:49:10:77:68:4f:f3:f7:25:b8:
91:60:1a:7d:17:48:a4:48:6a:b1:93:c3:9d:5c:ba:75:41:15:
5c:d2:b4:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjhRBv02yKx6G2ux+/C5+SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIyMDQwMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM3MjBhZTkxZWZkYmY1YzQ2OWE3MmI1NmIxZDkyYzc2NTliYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpXjKeetwjREgwyRKKAZdDRCz8K9
HROV2D6wWZnqubAv2+nHXusA1wQw/8MSvH9et6dUa/zVyzWUHHNfPZgF+F09SQ20
A1zORCqYZaOp7BbUO9qlULXLBQ/iJdrN6vE72s2RnSBqKU3E6euoYTSH8g26cK4C
zTvbPURrqahofd3yF3F34c0qEvXsb/f8pG06AxwuWSLWeuPtk6209a7uw/WNHVyg
QYr2L5BOPXOlH0C4ETC61ZDHVmK0pAz5W5dhzL1dIXbEVGUEeyqzzrEVDMxQPkD/
QKwUO2HH40X6Hs6U1K2hnhK8DnFO/sMcazTkLGqUbPX1790XQf+TVs5M+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHw3IK6R79v1xGmnK1ax2Sx2WbrCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZkRjZ3JwSHYyX1hFYWFjclZySFpMSFpadXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwvAwQA
wleVAwQAwlejAwQAwlfPMA0GCSqGSIb3DQEBCwUAA4IBAQAWqZeNl/g/yYD17HKU
Y94AyO5kN6scZt3Pfx8nt9vLc+SfZ77PyEDfaHnIZUiHglj98bL4arW6KrHpdiwg
iV+w995FsS9SrrIA3lEB1heteSX7Nz6fmIB6351GDpgRy3njLHs1U60lrWtm/RZO
7KTm+UhQA7UO3uWxurIn828YicCAli0S68Luzc8AJFcTbiA1RtDaYazyjeOcAXox
YBMfS7ZHWMAGtkNtBrKPyMmfnikrjUpn6Fbwc4l9Fo/2kPj50rAXR4oN/p1YTc+k
8VHQ2E5idDm6SIRgXDYz8Jfs6T1JEHdoT/P3JbiRYBp9F0ikSGqxk8OdXLp1QRVc
0rRJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org