Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjYvQeBLOqQD-yg3cT9u59XhuVU.roa
File: fjYvQeBLOqQD-yg3cT9u59XhuVU.roa (raw, json)
Hash identifier: 4xbNjYoPmxNK25aofsvVV7rm8mM6SS4K+UBtKNzsv8w=
Subject key identifier: 7E:36:2F:41:E0:4B:3A:A4:03:FB:28:37:71:3F:6E:E7:D5:E1:B9:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018901E28DB9C970625336185EBFB6465B2D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjYvQeBLOqQD-yg3cT9u59XhuVU.roa
Signing time: Wed 28 Jun 2023 12:02:51 +0000
ROA not before: Wed 28 Jun 2023 12:02:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49316
IP address blocks: 194.87.209.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:e2:8d:b9:c9:70:62:53:36:18:5e:bf:b6:46:5b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 28 12:02:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e362f41e04b3aa403fb2837713f6ee7d5e1b955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a8:1c:b5:32:a1:21:a9:35:76:1e:5c:78:0f:
66:77:4b:66:89:19:84:9f:0b:a1:71:4a:d4:6d:12:
3b:20:14:84:dc:5a:90:4d:1a:65:aa:67:ac:83:fb:
70:f0:fa:e7:0f:4f:93:0a:2c:da:3a:1c:dc:98:97:
03:94:77:b8:c1:30:d7:9f:42:08:dd:53:4d:d0:5e:
d0:e8:e2:e7:2b:f2:f9:65:ac:9e:f9:6c:9f:f5:3f:
39:c7:9c:c3:ac:a5:5f:94:2e:19:0b:79:80:c0:9c:
90:41:db:ab:5b:8f:1f:e5:90:e8:f9:91:67:37:6c:
b0:40:58:f1:a5:02:79:27:51:e6:a0:77:0c:55:9a:
4a:65:a1:4f:01:e9:13:be:d2:dc:6f:a2:2b:19:02:
e2:88:7d:b0:e0:57:13:a7:21:ed:63:6b:b1:77:5e:
df:c8:03:db:bd:f4:a4:ed:79:8c:99:3e:91:01:bc:
9c:b4:19:24:9a:74:d8:24:93:52:d3:da:aa:3f:85:
01:00:cc:6f:d5:e8:42:e8:3b:2f:3f:34:cc:f9:dc:
80:e4:f2:fb:4e:9b:34:a2:b8:9e:12:10:88:76:86:
0c:9c:64:28:ed:9f:ac:f2:49:76:10:f3:98:9c:c7:
1b:8c:9f:45:11:b9:a2:77:86:c8:fe:08:78:71:92:
00:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:36:2F:41:E0:4B:3A:A4:03:FB:28:37:71:3F:6E:E7:D5:E1:B9:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjYvQeBLOqQD-yg3cT9u59XhuVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.6.0/24
194.87.30.0/24
194.87.209.0/24
212.192.7.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c5:96:d7:ed:78:2f:f5:c2:af:7f:84:25:71:31:76:87:19:
92:af:9f:6a:ba:ec:6d:87:86:31:e7:e7:aa:81:e0:4a:87:7c:
0f:3d:7f:69:38:bf:f5:39:07:38:3b:19:f7:9d:ac:27:5a:60:
6d:d4:33:02:96:0a:da:2d:fe:e5:6e:04:99:29:c5:59:07:a0:
36:b2:3c:85:6e:34:1a:1d:0e:f9:47:71:85:fd:11:1b:70:f5:
15:b3:08:2d:49:9a:6b:1f:87:62:62:c4:65:4d:81:9f:b8:c8:
c4:4b:24:d3:4e:e7:23:34:a5:05:7a:a2:b2:ed:1c:79:4d:7b:
75:d2:cd:87:2c:52:0f:41:4e:04:8c:6f:7c:b3:d3:6b:e8:1f:
da:f9:03:b5:db:7f:ae:46:7c:78:40:ca:a5:0e:6b:19:49:6a:
34:04:e4:7a:69:d1:97:30:45:2c:ec:c8:00:a0:0d:0e:4f:6f:
ae:b3:de:bb:d8:80:70:d4:ed:b3:6d:45:ed:9b:14:8a:06:b3:
e1:64:25:c4:fc:ac:21:f2:b7:e7:f4:10:b0:80:1c:0a:3c:00:
cc:9c:2a:87:05:9f:c9:f8:87:d4:46:7d:f7:47:c9:ed:cd:a3:
47:ea:9b:db:71:ff:f3:69:84:50:e0:c3:39:9e:4d:bc:3b:e0:
35:7e:de:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkB4o25yXBiUzYYXr+2RlstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjI4MTIwMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTM2MmY0MWUwNGIzYWE0MDNmYjI4Mzc3MTNmNmVlN2Q1ZTFiOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuagctTKhIak1dh5ceA9md0tmiRmE
nwuhcUrUbRI7IBSE3FqQTRplqmesg/tw8PrnD0+TCizaOhzcmJcDlHe4wTDXn0II
3VNN0F7Q6OLnK/L5Zaye+Wyf9T85x5zDrKVflC4ZC3mAwJyQQdurW48f5ZDo+ZFn
N2ywQFjxpQJ5J1HmoHcMVZpKZaFPAekTvtLcb6IrGQLiiH2w4FcTpyHtY2uxd17f
yAPbvfSk7XmMmT6RAbyctBkkmnTYJJNS09qqP4UBAMxv1ehC6DsvPzTM+dyA5PL7
Tps0orieEhCIdoYMnGQo7Z+s8kl2EPOYnMcbjJ9FEbmid4bI/gh4cZIA6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH42L0HgSzqkA/soN3E/bufV4blVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZmpZdlFlQkxPcVFELXlnM2NUOXU1OVhodVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwGAwQA
wlceAwQAwlfRAwQA1MAHMA0GCSqGSIb3DQEBCwUAA4IBAQACxZbX7Xgv9cKvf4Ql
cTF2hxmSr59quuxth4Yx5+eqgeBKh3wPPX9pOL/1OQc4Oxn3nawnWmBt1DMClgra
Lf7lbgSZKcVZB6A2sjyFbjQaHQ75R3GF/REbcPUVswgtSZprH4diYsRlTYGfuMjE
SyTTTucjNKUFeqKy7Rx5TXt10s2HLFIPQU4EjG98s9Nr6B/a+QO123+uRnx4QMql
DmsZSWo0BOR6adGXMEUs7MgAoA0OT2+us9672IBw1O2zbUXtmxSKBrPhZCXE/Kwh
8rfn9BCwgBwKPADMnCqHBZ/J+IfURn33R8ntzaNH6pvbcf/zaYRQ4MM5nk28O+A1
ft4U
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org