Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fx0E1XmQ52xen__ImzpK9exGQk8.roa
File: fx0E1XmQ52xen__ImzpK9exGQk8.roa (raw, json)
Hash identifier: dX9cgTXtzduoH9Un3FS8Rq7G72pfih6pOs/9MaWB7WI=
Subject key identifier: 7F:1D:04:D5:79:90:E7:6C:5E:9F:FF:C8:9B:3A:4A:F5:EC:46:42:4F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AA6C606DF3278E88F1B8EFDF176C9BBF1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fx0E1XmQ52xen__ImzpK9exGQk8.roa
Signing time: Mon 18 Sep 2023 05:31:50 +0000
ROA not before: Mon 18 Sep 2023 05:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 62.76.230.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:c6:06:df:32:78:e8:8f:1b:8e:fd:f1:76:c9:bb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 18 05:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f1d04d57990e76c5e9fffc89b3a4af5ec46424f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:51:18:97:33:5d:94:cd:d0:4d:83:95:b4:
5d:cc:9a:a5:7c:4a:3e:f9:68:d7:d6:c3:c8:bd:bf:
22:58:34:ee:56:99:43:9b:46:51:58:2f:e7:ae:97:
9e:62:84:13:c7:3d:09:55:cc:25:87:10:62:3e:6a:
a1:89:71:df:53:f6:3b:8d:17:fd:28:39:bb:cf:79:
0c:46:a5:51:d0:47:e8:50:e0:b1:66:3b:d3:72:73:
25:11:bf:e0:c2:e7:31:64:db:3d:b3:ed:95:44:f7:
c1:3d:c4:99:11:4c:a9:b8:0c:19:3e:07:e6:b7:d9:
86:b5:d6:9b:af:15:33:2d:ec:2f:ad:c3:b2:48:3c:
d6:53:5c:e3:69:1b:6e:72:41:d6:91:e9:01:81:55:
80:6b:94:ba:e8:f4:cf:73:3e:84:01:bb:49:11:5a:
de:44:81:3d:31:ba:ec:f6:f9:07:ed:41:1d:39:ba:
44:f3:28:52:06:89:78:4b:5b:79:71:f5:f2:5e:90:
e3:ed:e8:22:ff:18:ba:c9:55:04:de:fc:43:f7:a4:
e8:79:f3:ed:7e:02:f8:99:87:a2:f4:28:38:c2:00:
d8:b5:f6:38:56:90:f5:f3:ab:d3:48:38:86:1f:68:
b9:ee:ba:b6:a8:32:46:e8:db:f1:30:2c:53:dc:d4:
39:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1D:04:D5:79:90:E7:6C:5E:9F:FF:C8:9B:3A:4A:F5:EC:46:42:4F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fx0E1XmQ52xen__ImzpK9exGQk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.58.41.0/24
194.87.140.0/23
194.135.30.0/24
195.133.194.0/24
212.192.244.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:58:73:7a:63:e9:a2:c7:1d:06:0e:25:5a:ad:ff:a8:ce:21:
c9:21:41:cb:fa:2f:fc:da:44:f6:83:b9:57:60:41:94:55:ae:
5b:66:a6:6b:cd:c8:a4:71:3e:ea:c0:2a:a3:81:5b:49:25:96:
37:0f:1c:98:20:f3:8f:30:b9:86:5a:50:ff:e0:06:55:bb:49:
b5:00:5b:97:80:79:fd:17:cf:6e:ed:9f:6d:50:62:71:86:36:
c6:18:d2:7f:6b:82:60:3c:ea:54:9c:3d:20:da:0f:32:5e:52:
59:82:33:ee:cf:d2:ec:c6:e4:77:c5:98:09:63:09:df:6b:9d:
ac:60:e7:8e:2d:fd:95:e1:00:b0:b3:47:c4:17:cf:6f:94:29:
ca:18:bb:e6:e5:fa:3e:46:03:e0:19:0a:2e:19:95:14:cd:f8:
c4:73:4f:ac:39:8b:3a:d4:9d:18:ae:27:b3:48:48:68:c0:84:
f3:bb:4e:26:4f:f4:91:67:cf:4e:89:3a:6f:77:f3:99:25:ce:
83:b3:fb:3f:8a:bf:93:7f:da:68:78:46:1e:43:18:e7:3f:af:
dc:9f:1c:06:b9:d0:01:72:2a:5a:02:70:66:ed:3c:0a:a0:fc:
fe:89:c6:d5:f4:2d:e9:2a:67:b4:03:f9:c8:f6:3a:a0:3b:a1:
4c:8e:c2:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqmxgbfMnjojxuO/fF2ybvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE4MDUzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFkMDRkNTc5OTBlNzZjNWU5ZmZmYzg5YjNhNGFmNWVjNDY0MjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivBRGJczXZTN0E2DlbRdzJqlfEo+
+WjX1sPIvb8iWDTuVplDm0ZRWC/nrpeeYoQTxz0JVcwlhxBiPmqhiXHfU/Y7jRf9
KDm7z3kMRqVR0EfoUOCxZjvTcnMlEb/gwucxZNs9s+2VRPfBPcSZEUypuAwZPgfm
t9mGtdabrxUzLewvrcOySDzWU1zjaRtuckHWkekBgVWAa5S66PTPcz6EAbtJEVre
RIE9Mbrs9vkH7UEdObpE8yhSBol4S1t5cfXyXpDj7egi/xi6yVUE3vxD96ToefPt
fgL4mYei9Cg4wgDYtfY4VpD186vTSDiGH2i57rq2qDJG6NvxMCxT3NQ5OQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH8dBNV5kOdsXp//yJs6SvXsRkJPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZngwRTFYbVE1Mnhlbl9fSW16cEs5ZXhHUWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzmAwQA
wjopAwQBwleMAwQAwoceAwQAw4XCAwQA1MD0MA0GCSqGSIb3DQEBCwUAA4IBAQAN
WHN6Y+mixx0GDiVarf+oziHJIUHL+i/82kT2g7lXYEGUVa5bZqZrzcikcT7qwCqj
gVtJJZY3DxyYIPOPMLmGWlD/4AZVu0m1AFuXgHn9F89u7Z9tUGJxhjbGGNJ/a4Jg
POpUnD0g2g8yXlJZgjPuz9LsxuR3xZgJYwnfa52sYOeOLf2V4QCws0fEF89vlCnK
GLvm5fo+RgPgGQouGZUUzfjEc0+sOYs61J0YriezSEhowITzu04mT/SRZ89OiTpv
d/OZJc6Ds/s/ir+Tf9poeEYeQxjnP6/cnxwGudABcipaAnBm7TwKoPz+icbV9C3p
Kme0A/nI9jqgO6FMjsKT
-----END CERTIFICATE-----
Generated at Sat Sep 30 15:59:31 2023 by rpki-client on console-fra.rpki-client.org