Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g-tyNsRJK-pYDyXB3lheAejrNAQ.roa
File: g-tyNsRJK-pYDyXB3lheAejrNAQ.roa (raw, json)
Hash identifier: UHy00j2RZcRncPHbeak13m9PXMOLqs5D5RV8PIf2beE=
Subject key identifier: 83:EB:72:36:C4:49:2B:EA:58:0F:25:C1:DE:58:5E:01:E8:EB:34:04
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187526EEE40767E1BA8FD61977FEF6A461F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g-tyNsRJK-pYDyXB3lheAejrNAQ.roa
Signing time: Wed 05 Apr 2023 17:20:14 +0000
ROA not before: Wed 05 Apr 2023 17:20:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.151.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:6e:ee:40:76:7e:1b:a8:fd:61:97:7f:ef:6a:46:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 17:20:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83eb7236c4492bea580f25c1de585e01e8eb3404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:a7:cb:78:25:a8:3e:d5:e2:f2:8c:33:20:
6f:11:3b:21:a4:52:1b:33:04:bb:d0:3c:0e:db:af:
2a:f6:40:ff:32:52:1f:fa:f0:6d:f3:09:38:1d:2b:
97:ad:bd:cc:0e:bc:8a:86:d6:5c:58:73:74:8f:1b:
8c:d1:35:50:78:95:eb:f2:c2:29:5e:2e:9d:85:65:
d2:26:7a:32:16:c2:a1:98:4d:dc:49:ab:07:33:f8:
7f:28:26:f0:17:ad:71:73:3b:10:37:46:7e:bb:e5:
90:b8:9b:8f:8a:b6:59:27:18:ba:90:0e:d5:cd:2a:
13:32:9c:a1:60:68:53:bb:79:b1:b1:62:d2:d3:2e:
08:38:6c:5d:61:5f:c9:ae:7a:34:1e:d2:6e:af:ef:
55:4d:05:2e:72:1e:45:3e:fc:0e:08:ab:7f:4f:b6:
2a:6a:6e:b6:0a:bd:06:2a:02:c8:b8:d4:21:92:28:
fa:49:3d:32:6b:73:00:55:f8:73:41:74:c5:6c:96:
f8:2a:bb:f9:f1:9d:4e:a8:01:22:7e:c2:f4:03:b6:
84:f6:e6:91:31:4c:b3:9b:09:bb:48:bb:0e:0a:8d:
a9:7e:0b:ab:70:4a:af:14:39:72:66:cb:94:50:5f:
78:ea:6f:9c:b0:d7:9e:2b:25:b4:8a:2d:e5:e4:31:
94:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EB:72:36:C4:49:2B:EA:58:0F:25:C1:DE:58:5E:01:E8:EB:34:04
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g-tyNsRJK-pYDyXB3lheAejrNAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.151.0/24
195.133.18.0/24
212.192.241.0-212.192.242.255
Signature Algorithm: sha256WithRSAEncryption
63:90:f5:25:fb:99:52:ed:a5:a2:32:9a:18:f3:02:fa:a3:10:
47:a0:d7:1e:80:66:5f:76:d6:0d:2d:3b:9f:56:f3:05:77:52:
e8:d5:d5:54:62:a1:7e:65:75:e6:30:60:ae:aa:bf:16:34:0d:
4d:b5:af:53:0d:01:44:bb:74:3c:89:55:d4:65:db:c0:b7:ed:
3b:38:d1:a0:e6:d4:1a:6c:34:03:6a:9d:41:f4:e8:14:29:5e:
d3:4e:15:5d:5e:52:12:49:d3:76:4d:30:e5:77:39:4e:06:a0:
95:84:33:4c:a7:ec:f7:fb:f7:0e:9d:82:ee:b5:ca:dc:b9:0b:
35:e4:b0:c5:46:12:cb:6f:e3:02:e4:69:16:c6:9a:25:d8:a9:
ef:41:57:4e:17:a4:41:e2:62:7c:df:4e:a0:23:b5:0d:5d:dd:
a6:6c:88:77:dc:52:70:e4:77:71:0b:8d:b6:90:b8:2a:bb:43:
d1:fb:95:6c:38:7c:ec:a6:e3:43:bd:13:90:01:c6:a7:21:79:
23:d6:90:10:6f:74:d4:ee:5f:ed:bb:00:a0:44:7b:5c:c2:66:
07:97:94:3a:35:cb:59:f0:23:82:de:6a:7c:8f:ec:4a:39:68:
a3:c4:3a:f7:8d:15:27:f8:9a:1d:1b:80:5f:7f:3e:ad:9c:0d:
37:ef:eb:fb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdSbu5Adn4bqP1hl3/vakYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTcyMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ViNzIzNmM0NDkyYmVhNTgwZjI1YzFkZTU4NWUwMWU4ZWIzNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgWny3glqD7V4vKMMyBvETshpFIb
MwS70DwO268q9kD/MlIf+vBt8wk4HSuXrb3MDryKhtZcWHN0jxuM0TVQeJXr8sIp
Xi6dhWXSJnoyFsKhmE3cSasHM/h/KCbwF61xczsQN0Z+u+WQuJuPirZZJxi6kA7V
zSoTMpyhYGhTu3mxsWLS0y4IOGxdYV/Jrno0HtJur+9VTQUuch5FPvwOCKt/T7Yq
am62Cr0GKgLIuNQhkij6ST0ya3MAVfhzQXTFbJb4Krv58Z1OqAEifsL0A7aE9uaR
MUyzmwm7SLsOCo2pfgurcEqvFDlyZsuUUF946m+csNeeKyW0ii3l5DGUrQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIPrcjbESSvqWA8lwd5YXgHo6zQEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZy10eU5zUkpLLXBZRHlYQjNsaGVBZWpyTkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwleXAwQA
w4USMAwDBADUwPEDBADUwPIwDQYJKoZIhvcNAQELBQADggEBAGOQ9SX7mVLtpaIy
mhjzAvqjEEeg1x6AZl921g0tO59W8wV3UujV1VRioX5ldeYwYK6qvxY0DU21r1MN
AUS7dDyJVdRl28C37Ts40aDm1BpsNANqnUH06BQpXtNOFV1eUhJJ03ZNMOV3OU4G
oJWEM0yn7Pf79w6dgu61yty5CzXksMVGEstv4wLkaRbGmiXYqe9BV04XpEHiYnzf
TqAjtQ1d3aZsiHfcUnDkd3ELjbaQuCq7Q9H7lWw4fOym40O9E5ABxqcheSPWkBBv
dNTuX+27AKBEe1zCZgeXlDo1y1nwI4LeanyP7Eo5aKPEOveNFSf4mh0bgF9/Pq2c
DTfv6/s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org