Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gRHxRapiEFLujDSh4clPTuTW-FU.roa
File: gRHxRapiEFLujDSh4clPTuTW-FU.roa (raw, json)
Hash identifier: jBtqm9ZCaiTTAciRHsSh3H1eJGMzuBX831fK3Ey2RAY=
Subject key identifier: 81:11:F1:45:AA:62:10:52:EE:8C:34:A1:E1:C9:4F:4E:E4:D6:F8:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186502ED98BA843B5C601D1C9227BA51280
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gRHxRapiEFLujDSh4clPTuTW-FU.roa
Signing time: Tue 14 Feb 2023 13:48:12 +0000
ROA not before: Tue 14 Feb 2023 13:48:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 194.87.228.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:2e:d9:8b:a8:43:b5:c6:01:d1:c9:22:7b:a5:12:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 14 13:48:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8111f145aa621052ee8c34a1e1c94f4ee4d6f855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ce:83:50:0d:35:d0:14:c7:8a:32:34:2d:28:
39:d7:e0:8c:c8:7c:a6:04:b1:95:10:52:32:46:f0:
9c:ee:75:e1:60:d5:da:e9:b4:24:8b:c2:ae:cc:43:
dd:f3:a3:24:09:7c:e0:43:02:10:b1:42:bf:19:e4:
85:2a:10:cd:30:14:27:b9:ab:28:bb:25:a2:13:e7:
6e:39:4a:ce:e2:ea:e4:c1:95:e4:95:9b:52:48:2f:
0a:da:2c:64:02:9a:10:da:6d:93:7f:25:67:47:14:
f3:70:1c:82:0b:d7:9c:0e:cb:24:84:86:a6:dd:1e:
bd:ec:21:62:3b:3e:6e:44:fd:ff:cd:cd:5b:1e:db:
6c:3d:4c:27:76:ba:89:1a:d4:55:52:9c:45:de:0a:
3d:4d:4e:e2:ab:94:48:1c:e3:11:e6:42:9c:60:a9:
22:93:ab:5f:9e:5a:29:f4:42:3b:67:f4:5b:97:52:
f6:1a:fc:5d:05:f2:81:b1:c5:cc:1e:d5:54:9c:61:
5f:c3:2f:d9:50:dc:b3:16:e4:bb:19:7d:78:07:78:
48:0a:60:73:d8:ce:2e:4c:0e:9c:f9:8e:74:85:bd:
4a:9c:40:25:f9:d2:fb:1f:ab:1d:93:c4:7d:db:c5:
ed:0b:a7:bb:e5:4e:c7:30:de:c0:00:88:dd:5b:07:
09:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:11:F1:45:AA:62:10:52:EE:8C:34:A1:E1:C9:4F:4E:E4:D6:F8:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gRHxRapiEFLujDSh4clPTuTW-FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
194.87.228.0/24
195.58.55.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
83:20:c9:b9:ff:75:7d:76:08:9c:7b:24:24:06:ab:5b:51:4b:
93:17:b4:d4:4a:f1:0c:b0:3d:af:44:25:69:98:85:7c:4e:9f:
0e:a5:35:4a:0c:9f:16:ae:5c:fd:a4:c5:08:6f:3b:3e:c3:a4:
bd:35:2e:28:6d:a0:84:8a:77:e1:5c:04:65:36:62:24:be:42:
89:5d:f9:2a:9d:c3:83:f6:c4:14:7e:9e:bf:23:9a:36:dc:b0:
8a:46:99:2a:86:57:30:60:2c:93:e6:ab:7b:d0:2b:43:20:47:
d9:18:ed:ab:77:2e:cf:34:04:c5:39:86:20:12:3e:72:46:ee:
a3:5d:4e:2d:ae:b1:7c:5a:13:f1:0a:c3:de:16:81:43:fd:43:
29:a5:db:fc:13:97:7f:e6:1e:87:ad:06:ab:a1:d8:70:4a:b5:
69:3b:9e:cc:a6:59:45:28:dd:c1:da:0d:4c:79:7e:0f:8a:13:
99:c7:ae:08:ea:80:87:02:11:93:27:30:09:bc:dc:28:97:25:
75:6f:b6:6b:7d:71:cd:bf:05:3c:65:ed:77:f2:2f:9b:89:51:
fa:67:51:16:8e:5d:07:57:83:ff:23:e2:5f:fb:a3:82:d4:81:
c9:1a:06:7b:ab:1a:64:ba:50:ce:6a:8a:69:9b:6a:53:b9:02:
f3:ba:f1:7a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZQLtmLqEO1xgHRySJ7pRKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjE0MTM0ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTExZjE0NWFhNjIxMDUyZWU4YzM0YTFlMWM5NGY0ZWU0ZDZmODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic6DUA010BTHijI0LSg51+CMyHym
BLGVEFIyRvCc7nXhYNXa6bQki8KuzEPd86MkCXzgQwIQsUK/GeSFKhDNMBQnuaso
uyWiE+duOUrO4urkwZXklZtSSC8K2ixkApoQ2m2TfyVnRxTzcByCC9ecDsskhIam
3R697CFiOz5uRP3/zc1bHttsPUwndrqJGtRVUpxF3go9TU7iq5RIHOMR5kKcYKki
k6tfnlop9EI7Z/Rbl1L2GvxdBfKBscXMHtVUnGFfwy/ZUNyzFuS7GX14B3hICmBz
2M4uTA6c+Y50hb1KnEAl+dL7H6sdk8R928XtC6e75U7HMN7AAIjdWwcJoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIER8UWqYhBS7ow0oeHJT07k1vhVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ1JIeFJhcGlFRkx1akRTaDRjbFBUdVRXLUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXxbAwQA
wXxfAwQAwlfkAwQAwzo3AwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQCDIMm5/3V9
dgiceyQkBqtbUUuTF7TUSvEMsD2vRCVpmIV8Tp8OpTVKDJ8Wrlz9pMUIbzs+w6S9
NS4obaCEinfhXARlNmIkvkKJXfkqncOD9sQUfp6/I5o23LCKRpkqhlcwYCyT5qt7
0CtDIEfZGO2rdy7PNATFOYYgEj5yRu6jXU4trrF8WhPxCsPeFoFD/UMppdv8E5d/
5h6HrQarodhwSrVpO57MpllFKN3B2g1MeX4PihOZx64I6oCHAhGTJzAJvNwolyV1
b7ZrfXHNvwU8Ze138i+biVH6Z1EWjl0HV4P/I+Jf+6OC1IHJGgZ7qxpkulDOaopp
m2pTuQLzuvF6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org