Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gFMqBp8JczbbCZPEcMDOLTXgAuM.roa
File: gFMqBp8JczbbCZPEcMDOLTXgAuM.roa (raw, json)
Hash identifier: ofwmnRrk6LFpvGda00RuUOOlWZrsv8dvPRpcEQAxehY=
Subject key identifier: 80:53:2A:06:9F:09:73:36:DB:09:93:C4:70:C0:CE:2D:35:E0:02:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A835AC76B06BCF18F9AF7EAFDEF032FD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gFMqBp8JczbbCZPEcMDOLTXgAuM.roa
Signing time: Fri 03 Mar 2023 16:02:15 +0000
ROA not before: Fri 03 Mar 2023 16:02:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 195.133.84.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:35:ac:76:b0:6b:cf:18:f9:af:7e:af:de:f0:32:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 3 16:02:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80532a069f097336db0993c470c0ce2d35e002e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:db:85:49:85:38:c6:65:ea:b0:22:3b:ec:f0:
97:82:d0:18:7b:3f:d8:f7:29:a7:53:d3:54:05:5e:
e4:38:c7:06:7e:c9:86:1d:95:63:b5:66:6b:0d:77:
4e:a6:fc:87:b1:98:a9:0f:1b:68:05:7a:6a:f9:79:
43:15:94:e5:35:e7:5e:2c:82:21:bf:47:24:22:ae:
d2:5a:84:0c:16:35:e9:3e:17:56:d7:5a:f3:b0:4c:
00:43:02:58:81:df:2e:fd:bf:a7:0a:03:c6:82:1a:
32:58:6c:2f:1f:d0:3d:c8:c8:e0:ed:71:e7:d7:7d:
f7:73:55:96:d1:5d:02:e6:22:e7:36:4d:f0:6e:4e:
47:35:92:f9:60:10:0c:17:aa:05:3c:05:2e:d5:f8:
f2:54:00:b4:55:0e:7d:e0:a4:a6:4a:42:17:b9:f4:
78:9b:06:f1:f6:de:8c:0c:d6:11:6a:49:69:fb:2b:
9f:6e:75:e9:9d:12:e8:18:f3:3b:e1:ef:4d:0c:b2:
c6:c1:91:09:43:d7:e9:12:a0:44:1c:54:78:34:3d:
47:ce:08:9a:95:57:ca:e5:9e:88:94:ef:0c:19:28:
48:27:7d:8d:28:21:c7:e1:44:5f:55:55:26:25:56:
bc:1c:d0:6a:b5:52:db:6d:c6:2b:af:bd:6e:3d:79:
5d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:53:2A:06:9F:09:73:36:DB:09:93:C4:70:C0:CE:2D:35:E0:02:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gFMqBp8JczbbCZPEcMDOLTXgAuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
193.124.94.0/24
194.58.58.0/24
194.87.220.0/24
195.133.14.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:3c:4b:50:1b:fe:81:61:b7:ff:50:86:78:8a:56:98:92:6a:
9d:04:ba:30:cc:dd:55:da:69:5e:27:e4:40:46:23:46:82:35:
11:90:40:4f:41:de:06:ab:75:8e:f2:e3:e5:7f:71:f6:8c:4c:
38:15:70:8d:38:e5:03:0c:eb:17:ba:5b:a4:33:0c:74:12:03:
45:29:67:68:cf:a7:f4:5a:bd:58:c9:c6:c9:ef:8e:01:d3:22:
ae:27:db:c8:50:f5:4a:95:3c:14:ee:43:6e:1a:ac:b3:bf:6b:
a7:ed:cb:65:7f:12:e6:8c:a3:49:94:4a:bf:a1:37:22:2c:d8:
8f:12:f6:64:1b:d7:54:c3:32:ba:c4:1a:36:62:c7:76:7b:3c:
9d:cd:dc:11:2c:84:20:58:4c:8d:15:db:9d:ae:17:bf:53:93:
e2:8f:de:14:96:b5:6b:b9:96:c1:c6:9f:cd:4c:b7:e0:b0:3e:
d4:5a:b2:3f:d0:d0:83:71:a6:55:3c:55:4c:81:d5:70:76:45:
b1:a1:79:aa:ec:87:06:2b:bb:16:14:2c:e5:7a:47:fe:ec:8a:
f0:0c:d7:6d:9f:37:f0:7d:bb:69:e4:46:94:fb:c4:f8:15:0b:
69:ad:bf:c8:88:d0:3c:98:e3:27:21:8a:90:90:f2:b2:4d:aa:
63:0a:76:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaoNax2sGvPGPmvfq/e8DL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAzMTYwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUzMmEwNjlmMDk3MzM2ZGIwOTkzYzQ3MGMwY2UyZDM1ZTAwMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9uFSYU4xmXqsCI77PCXgtAYez/Y
9ymnU9NUBV7kOMcGfsmGHZVjtWZrDXdOpvyHsZipDxtoBXpq+XlDFZTlNedeLIIh
v0ckIq7SWoQMFjXpPhdW11rzsEwAQwJYgd8u/b+nCgPGghoyWGwvH9A9yMjg7XHn
1333c1WW0V0C5iLnNk3wbk5HNZL5YBAMF6oFPAUu1fjyVAC0VQ594KSmSkIXufR4
mwbx9t6MDNYRaklp+yufbnXpnRLoGPM74e9NDLLGwZEJQ9fpEqBEHFR4ND1Hzgia
lVfK5Z6IlO8MGShIJ32NKCHH4URfVVUmJVa8HNBqtVLbbcYrr71uPXldOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIBTKgafCXM22wmTxHDAzi014ALjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ0ZNcUJwOEpjemJiQ1pQRWNNRE9MVFhnQXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwtAwQA
wXxeAwQAwjo6AwQAwlfcAwQAw4UOAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQBt
PEtQG/6BYbf/UIZ4ilaYkmqdBLowzN1V2mleJ+RARiNGgjURkEBPQd4Gq3WO8uPl
f3H2jEw4FXCNOOUDDOsXulukMwx0EgNFKWdoz6f0Wr1YycbJ744B0yKuJ9vIUPVK
lTwU7kNuGqyzv2un7ctlfxLmjKNJlEq/oTciLNiPEvZkG9dUwzK6xBo2Ysd2ezyd
zdwRLIQgWEyNFdudrhe/U5Pij94UlrVruZbBxp/NTLfgsD7UWrI/0NCDcaZVPFVM
gdVwdkWxoXmq7IcGK7sWFCzlekf+7IrwDNdtnzfwfbtp5EaU+8T4FQtprb/IiNA8
mOMnIYqQkPKyTapjCnZM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:09 2023 by rpki-client on console-fra.rpki-client.org