Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gQZO4RlaFPA5Sihm0HsYk1psutc.roa
File: gQZO4RlaFPA5Sihm0HsYk1psutc.roa (raw, json)
Hash identifier: zQP9Ukm6rszAkVTpcmLC1vwCWI8TwdJAa1UL1bYQhis=
Subject key identifier: 81:06:4E:E1:19:5A:14:F0:39:4A:28:66:D0:7B:18:93:5A:6C:BA:D7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185923B10D6D843F2198DD154F083D06C61
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gQZO4RlaFPA5Sihm0HsYk1psutc.roa
Signing time: Sun 08 Jan 2023 16:33:42 +0000
ROA not before: Sun 08 Jan 2023 16:33:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.58.155.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:92:3b:10:d6:d8:43:f2:19:8d:d1:54:f0:83:d0:6c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 8 16:33:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81064ee1195a14f0394a2866d07b18935a6cbad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:26:61:29:f0:7e:9a:05:b2:29:1c:72:1e:
f5:59:f3:56:01:f1:8a:7b:d7:38:7e:35:3d:95:65:
c3:e8:bc:30:53:30:8b:4e:26:b6:12:40:c0:ea:d9:
a1:bc:9f:33:39:93:ab:58:4b:43:be:67:c6:fa:eb:
1b:8d:64:2c:ec:b2:5f:35:a7:50:f8:78:6b:57:02:
cc:cd:c9:e0:dc:01:9c:6e:5d:c3:f0:b7:63:66:83:
c6:e4:c8:4f:62:53:c6:45:e9:ee:8b:e1:38:9d:9c:
9f:97:5e:69:eb:60:21:4a:78:06:c7:4e:99:b4:4b:
a1:08:13:2b:79:a0:ce:91:5d:27:88:dd:78:f4:1e:
b2:15:72:cc:a7:72:4d:3e:f2:b9:0f:21:8b:4e:c2:
ae:b9:75:00:84:75:e4:4a:19:63:01:00:d6:8a:4c:
c5:9b:5b:63:4a:21:62:81:0e:1f:26:51:75:96:ed:
9e:53:16:b5:44:a9:c9:c1:f8:e7:5a:a1:8d:f3:5c:
dc:0c:f6:4c:7f:ca:d2:3f:5f:b8:5c:0c:5f:e0:eb:
d6:4b:0c:6f:85:40:c5:31:b3:e1:e5:52:ed:06:4c:
83:b8:c5:eb:92:db:a5:21:5f:5f:6b:c3:81:7a:a8:
c8:04:4c:95:27:4e:14:1b:5f:a1:c4:d1:8e:80:05:
d0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:06:4E:E1:19:5A:14:F0:39:4A:28:66:D0:7B:18:93:5A:6C:BA:D7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gQZO4RlaFPA5Sihm0HsYk1psutc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.94.0/24
194.58.61.0/24
194.58.154.0/23
194.87.180.0/24
194.87.191.0/24
212.193.5.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
70:92:51:c1:25:8e:13:9c:42:41:47:b1:13:6b:13:a3:64:d7:
7a:11:07:5b:36:b2:33:20:43:72:66:9e:3f:54:3f:b8:53:cf:
56:86:73:7d:6c:49:6c:5c:7b:3c:56:c4:32:e1:c5:ba:a5:3e:
b3:38:e0:92:04:3d:4c:45:f7:25:ae:5f:37:0a:18:26:69:e0:
68:92:8b:d8:c2:e2:c5:53:b8:ab:3d:07:dc:e0:d0:17:f7:46:
df:ac:b8:88:18:80:75:e1:b9:9f:4a:3f:e3:a3:39:e6:3f:fd:
a1:57:3b:fe:e0:e1:9c:dc:62:04:6f:ee:65:44:25:98:4d:4d:
72:02:d4:c0:5c:bc:e8:f7:bb:47:d5:53:d0:99:48:ce:96:46:
d6:b3:57:53:b2:0a:47:9d:f6:33:d7:cd:e5:24:d8:14:e6:d3:
1d:40:cc:5f:db:ca:9d:88:94:06:95:cf:3b:f3:6b:6a:90:77:
dd:4f:34:a9:22:28:6e:82:ff:81:66:b7:cd:13:a3:31:05:0a:
ff:e1:11:d9:6f:ac:f2:bd:8c:87:5b:68:0e:1b:33:af:d9:ba:
2e:75:9c:57:5f:f6:b1:39:2a:92:92:b4:ee:42:de:4e:91:bf:
2f:dc:39:a1:a6:0f:34:6b:10:c2:7c:a6:63:30:5c:5d:f6:95:
4b:a1:08:84
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWSOxDW2EPyGY3RVPCD0GxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA4MTYzMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTA2NGVlMTE5NWExNGYwMzk0YTI4NjZkMDdiMTg5MzVhNmNiYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq4mYSnwfpoFsikcch71WfNWAfGK
e9c4fjU9lWXD6LwwUzCLTia2EkDA6tmhvJ8zOZOrWEtDvmfG+usbjWQs7LJfNadQ
+HhrVwLMzcng3AGcbl3D8LdjZoPG5MhPYlPGRenui+E4nZyfl15p62AhSngGx06Z
tEuhCBMreaDOkV0niN149B6yFXLMp3JNPvK5DyGLTsKuuXUAhHXkShljAQDWikzF
m1tjSiFigQ4fJlF1lu2eUxa1RKnJwfjnWqGN81zcDPZMf8rSP1+4XAxf4OvWSwxv
hUDFMbPh5VLtBkyDuMXrktulIV9fa8OBeqjIBEyVJ04UG1+hxNGOgAXQYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIEGTuEZWhTwOUooZtB7GJNabLrXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ1FaTzRSbGFGUEE1U2lobTBIc1lrMXBzdXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXxeAwQA
wjo9AwQBwjqaAwQAwle0AwQAwle/AwQA1MEFAwQA1MEJMA0GCSqGSIb3DQEBCwUA
A4IBAQBwklHBJY4TnEJBR7ETaxOjZNd6EQdbNrIzIENyZp4/VD+4U89WhnN9bEls
XHs8VsQy4cW6pT6zOOCSBD1MRfclrl83ChgmaeBokovYwuLFU7irPQfc4NAX90bf
rLiIGIB14bmfSj/joznmP/2hVzv+4OGc3GIEb+5lRCWYTU1yAtTAXLzo97tH1VPQ
mUjOlkbWs1dTsgpHnfYz183lJNgU5tMdQMxf28qdiJQGlc8782tqkHfdTzSpIihu
gv+BZrfNE6MxBQr/4RHZb6zyvYyHW2gOGzOv2boudZxXX/axOSqSkrTuQt5Okb8v
3Dmhpg80axDCfKZjMFxd9pVLoQiE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:09 2023 by rpki-client on console-fra.rpki-client.org