Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fFMb0z1NKBKS2phTeLMc-hmuUZ4.roa
File: fFMb0z1NKBKS2phTeLMc-hmuUZ4.roa (raw, json)
Hash identifier: Rxw5a/T3Lbf8Qj0gYepQJUuDNv0Gsn3sbBcAeh5SkxM=
Subject key identifier: 7C:53:1B:D3:3D:4D:28:12:92:DA:98:53:78:B3:1C:FA:19:AE:51:9E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B71EB1F14C5E1CD593198C95081EC8FF6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fFMb0z1NKBKS2phTeLMc-hmuUZ4.roa
Signing time: Fri 27 Oct 2023 16:15:16 +0000
ROA not before: Fri 27 Oct 2023 16:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:eb:1f:14:c5:e1:cd:59:31:98:c9:50:81:ec:8f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 27 16:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c531bd33d4d281292da985378b31cfa19ae519e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:32:69:b7:3c:01:89:c6:bf:17:03:47:ab:
cb:39:f9:9b:e3:48:53:0a:ec:be:e1:8f:19:09:c5:
d0:21:1c:f9:58:f4:68:94:28:6a:b9:96:df:d8:79:
d8:a8:5d:2e:d3:cf:fc:54:2b:b6:12:1e:fe:af:23:
5e:4f:3a:bd:19:de:1b:7f:ac:73:27:4e:76:f4:47:
55:0d:b4:c5:b9:bf:47:34:59:f9:43:17:76:f8:90:
35:1b:c6:a6:93:71:08:2d:ec:4e:aa:33:f5:23:6b:
ae:df:2a:6f:23:cc:43:02:25:05:47:e1:44:43:85:
a6:3d:3e:19:df:30:d7:06:19:c0:99:aa:46:9d:3d:
42:af:36:43:02:8c:05:60:b4:eb:3a:74:0c:e2:9b:
3b:49:a5:b4:e6:0c:1a:ad:1a:40:ba:98:34:25:d6:
dc:a4:d7:90:10:1a:e0:de:96:3e:9b:3a:90:e4:84:
20:86:10:94:5b:f2:18:36:0a:24:c4:56:df:af:90:
47:a6:c7:8e:78:e9:59:57:a7:20:3d:90:8b:38:bc:
48:ae:e8:29:ce:94:b2:2a:5c:b9:5e:6b:ce:3d:48:
38:f3:cf:f5:40:5d:2e:81:9b:61:15:98:9a:50:95:
66:0d:95:cc:fb:ea:c8:a9:8a:fd:b6:da:22:18:64:
39:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:53:1B:D3:3D:4D:28:12:92:DA:98:53:78:B3:1C:FA:19:AE:51:9E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fFMb0z1NKBKS2phTeLMc-hmuUZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.39.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
47:58:60:44:4e:8a:fd:74:96:bc:1b:9c:04:f3:5e:6b:d1:47:
d3:fa:1b:ad:4a:8b:7c:5a:49:2d:52:98:e3:a6:62:02:9b:a5:
83:43:1e:73:d8:bd:47:ed:8d:9c:8b:1d:e1:bb:ed:b5:06:c8:
73:99:d8:21:38:dd:b0:f5:7e:c3:f4:5f:04:9a:26:c8:98:72:
cb:b5:7e:4d:76:11:00:26:72:3c:64:30:94:a0:69:ba:92:a9:
8c:11:fa:64:19:6d:0e:2a:a0:4d:35:eb:eb:55:f8:34:61:e9:
e9:99:85:3e:ef:f0:9c:7a:eb:a1:e4:b9:ea:b6:a2:37:b7:70:
e8:fa:43:a3:06:73:5b:5e:7a:df:6a:5d:00:53:94:14:7d:0a:
65:65:66:b3:d3:51:70:37:5b:9c:fa:be:5a:19:87:93:f3:89:
6c:10:95:b9:7d:61:34:ec:64:87:ef:4e:ed:25:01:01:b3:1c:
71:35:c2:88:b5:41:dc:61:b5:30:9b:35:3b:ea:e6:8a:01:1b:
a2:76:82:af:4f:75:f4:b7:25:cc:bb:56:cd:13:4c:7d:61:ac:
02:fc:95:4d:96:1d:80:aa:9e:c1:df:76:21:90:4e:cb:6f:d8:
c5:63:f0:66:3e:57:d7:2e:da:6f:02:30:89:78:45:1e:ed:78:
3a:cb:71:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtx6x8UxeHNWTGYyVCB7I/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI3MTYxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzUzMWJkMzNkNGQyODEyOTJkYTk4NTM3OGIzMWNmYTE5YWU1MTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRoyabc8AYnGvxcDR6vLOfmb40hT
Cuy+4Y8ZCcXQIRz5WPRolChquZbf2HnYqF0u08/8VCu2Eh7+ryNeTzq9Gd4bf6xz
J0529EdVDbTFub9HNFn5Qxd2+JA1G8amk3EILexOqjP1I2uu3ypvI8xDAiUFR+FE
Q4WmPT4Z3zDXBhnAmapGnT1CrzZDAowFYLTrOnQM4ps7SaW05gwarRpAupg0Jdbc
pNeQEBrg3pY+mzqQ5IQghhCUW/IYNgokxFbfr5BHpseOeOlZV6cgPZCLOLxIrugp
zpSyKly5XmvOPUg488/1QF0ugZthFZiaUJVmDZXM++rIqYr9ttoiGGQ5IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHxTG9M9TSgSktqYU3izHPoZrlGeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZkZNYjB6MU5LQktTMnBoVGVMTWMtaG11VVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlX6AwQA
w4UnAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQBHWGBETor9dJa8G5wE815r0UfT
+hutSot8WkktUpjjpmICm6WDQx5z2L1H7Y2cix3hu+21BshzmdghON2w9X7D9F8E
mibImHLLtX5NdhEAJnI8ZDCUoGm6kqmMEfpkGW0OKqBNNevrVfg0YenpmYU+7/Cc
euuh5LnqtqI3t3Do+kOjBnNbXnrfal0AU5QUfQplZWaz01FwN1uc+r5aGYeT84ls
EJW5fWE07GSH707tJQEBsxxxNcKItUHcYbUwmzU76uaKARuidoKvT3X0tyXMu1bN
E0x9YawC/JVNlh2Aqp7B33YhkE7Lb9jFY/BmPlfXLtpvAjCJeEUe7Xg6y3HS
-----END CERTIFICATE-----
Generated at Fri Nov 3 09:00:49 2023 by rpki-client on console-ams.rpki-client.org