Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gSzOic4QQkkzm841myUleUhZdLc.roa
File: gSzOic4QQkkzm841myUleUhZdLc.roa (raw, json)
Hash identifier: ykBMiMQlNMlkdBOYi5Tktmrb8/1DjUchUxNxymcHxZw=
Subject key identifier: 81:2C:CE:89:CE:10:42:49:33:9B:CE:35:9B:25:25:79:48:59:74:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189ABB6C05B78B7DDC3CA2A3E4D66FE8645
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gSzOic4QQkkzm841myUleUhZdLc.roa
Signing time: Mon 31 Jul 2023 11:30:27 +0000
ROA not before: Mon 31 Jul 2023 11:30:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 195.133.80.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:b6:c0:5b:78:b7:dd:c3:ca:2a:3e:4d:66:fe:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 31 11:30:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=812cce89ce104249339bce359b252579485974b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:83:d3:ce:2e:7d:43:92:ff:0e:e0:39:da:d1:
51:bb:c9:c6:59:68:a6:9f:3e:36:3b:d1:b2:2c:b1:
aa:70:ac:85:1c:70:bc:d3:b2:c2:5d:a8:4d:f5:c3:
7e:14:7b:0d:6c:14:82:64:75:ad:f9:69:ba:ee:91:
62:81:06:96:8e:db:03:99:c0:4b:eb:8a:4c:4c:a9:
8d:8f:fa:8d:23:88:6c:c9:e5:ad:83:1f:00:42:17:
7e:d2:63:38:21:da:2e:d7:a2:5b:c8:66:55:c6:31:
a8:81:75:92:d1:9e:da:b0:b1:44:b7:82:75:06:42:
9b:9b:df:be:6b:74:87:b4:ed:04:86:17:ea:23:ee:
ff:b5:e9:fc:35:0e:2e:4d:4a:71:8b:d8:37:9e:69:
a0:ef:12:cf:44:1c:23:22:4d:6c:25:13:7a:82:6e:
47:9c:0f:4b:10:bc:db:b3:00:cd:09:cc:8f:f1:c1:
20:8e:ee:96:d0:39:61:eb:87:04:5a:91:21:12:e9:
89:24:58:0e:0e:1a:73:aa:f1:8e:aa:c8:42:eb:2a:
2f:18:cd:50:23:8c:c1:c4:71:da:81:09:86:93:c6:
27:bd:8e:be:95:bc:5e:0e:e2:e4:77:ab:6b:3c:d0:
47:7b:bd:95:2b:1a:18:dc:0c:ed:d7:d8:bc:6b:ad:
2a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2C:CE:89:CE:10:42:49:33:9B:CE:35:9B:25:25:79:48:59:74:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gSzOic4QQkkzm841myUleUhZdLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.25.0/24
194.87.182.0/24
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
27:51:e5:67:17:91:6c:39:c5:39:2b:d7:d0:68:f9:bd:4f:68:
12:a1:95:86:46:18:de:bf:1d:fc:ca:54:c1:0e:86:e2:25:3b:
df:f6:02:bc:50:b0:ba:3c:0c:4a:9b:98:ef:2c:12:32:52:d1:
f7:c8:97:2e:e9:3c:be:de:ef:89:22:62:0e:fb:91:fe:86:84:
70:56:87:78:0c:2b:5c:58:ea:6a:70:67:81:17:83:04:6a:f5:
09:57:bb:94:34:74:ce:4d:9e:e1:2e:83:4b:28:70:34:92:ac:
8b:4d:c8:89:d4:2c:28:03:56:5d:70:1e:97:40:5c:1e:43:45:
70:6d:bc:e5:97:dd:ac:80:90:dc:42:e2:d8:98:5a:11:bc:f4:
5b:10:38:3b:7a:f8:a8:12:f2:0b:38:ce:46:dc:33:73:5a:26:
29:f3:48:15:fc:96:56:96:d3:6f:1e:83:f4:35:74:15:11:e5:
e8:4b:bd:07:16:57:a6:2f:5e:30:42:4b:ee:0a:a4:5e:6d:c8:
ca:d5:12:d7:1c:7d:cc:bf:d0:1d:53:73:06:9e:3d:e5:cc:50:
82:53:82:68:28:7d:db:ea:c2:2d:92:07:f4:57:68:e9:56:e7:
6f:0e:e8:30:26:aa:0a:7f:93:fd:00:ef:92:df:b4:eb:fb:ab:
c0:5b:14:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmrtsBbeLfdw8oqPk1m/oZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzMxMTEzMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTJjY2U4OWNlMTA0MjQ5MzM5YmNlMzU5YjI1MjU3OTQ4NTk3NGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoPTzi59Q5L/DuA52tFRu8nGWWim
nz42O9GyLLGqcKyFHHC807LCXahN9cN+FHsNbBSCZHWt+Wm67pFigQaWjtsDmcBL
64pMTKmNj/qNI4hsyeWtgx8AQhd+0mM4Idou16JbyGZVxjGogXWS0Z7asLFEt4J1
BkKbm9++a3SHtO0EhhfqI+7/ten8NQ4uTUpxi9g3nmmg7xLPRBwjIk1sJRN6gm5H
nA9LELzbswDNCcyP8cEgju6W0Dlh64cEWpEhEumJJFgODhpzqvGOqshC6yovGM1Q
I4zBxHHagQmGk8YnvY6+lbxeDuLkd6trPNBHe72VKxoY3Azt19i8a60q/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIEszonOEEJJM5vONZslJXlIWXS3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ1N6T2ljNFFRa2t6bTg0MW15VWxlVWhaZExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcZAwQA
wle2AwQAw4VQMA0GCSqGSIb3DQEBCwUAA4IBAQAnUeVnF5FsOcU5K9fQaPm9T2gS
oZWGRhjevx38ylTBDobiJTvf9gK8ULC6PAxKm5jvLBIyUtH3yJcu6Ty+3u+JImIO
+5H+hoRwVod4DCtcWOpqcGeBF4MEavUJV7uUNHTOTZ7hLoNLKHA0kqyLTciJ1Cwo
A1ZdcB6XQFweQ0Vwbbzll92sgJDcQuLYmFoRvPRbEDg7evioEvILOM5G3DNzWiYp
80gV/JZWltNvHoP0NXQVEeXoS70HFlemL14wQkvuCqRebcjK1RLXHH3Mv9AdU3MG
nj3lzFCCU4JoKH3b6sItkgf0V2jpVudvDugwJqoKf5P9AO+S37Tr+6vAWxT+
-----END CERTIFICATE-----
Generated at Mon Jul 31 12:30:18 2023 by rpki-client on console-ams.rpki-client.org