Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gnGlKqBMDGnMNYBuu6pHIdZQMQA.roa
File: gnGlKqBMDGnMNYBuu6pHIdZQMQA.roa (raw, json)
Hash identifier: FhjnheRIlSk0EnrR54hsfRxSQRiRzUZ6OvSXHbNvlX8=
Subject key identifier: 82:71:A5:2A:A0:4C:0C:69:CC:35:80:6E:BB:AA:47:21:D6:50:31:00
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B47722C26B9E03A3470960A60C21646E1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gnGlKqBMDGnMNYBuu6pHIdZQMQA.roa
Signing time: Thu 19 Oct 2023 10:19:06 +0000
ROA not before: Thu 19 Oct 2023 10:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 146943
IP address blocks: 194.87.204.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.26.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:72:2c:26:b9:e0:3a:34:70:96:0a:60:c2:16:46:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 19 10:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8271a52aa04c0c69cc35806ebbaa4721d6503100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:83:44:b9:86:f7:47:3c:23:2e:0f:fa:27:88:
7d:20:d8:16:0f:e0:1b:e6:20:34:a3:69:fd:72:ad:
05:17:86:7c:dd:9a:be:58:48:bb:d9:c0:bb:12:04:
78:61:f2:7f:1c:b6:66:aa:36:66:a7:e6:88:1a:3f:
1a:2d:14:23:16:02:59:3b:ed:e7:6b:ec:51:09:62:
cf:98:8a:9d:7e:f6:6b:f7:6d:b0:9b:59:d6:9e:9b:
fc:75:92:fa:d3:d5:11:f3:9f:65:ab:36:ab:01:cb:
22:8a:2d:62:d8:9f:e9:73:10:49:19:cd:74:ee:61:
06:49:0f:73:76:e3:73:74:78:ad:e0:af:a5:5b:b9:
e6:a6:a7:20:7d:83:d1:82:ce:fc:01:93:98:9d:6e:
45:cb:4d:e7:43:19:01:b5:7e:61:9f:94:7d:38:d4:
95:fc:c7:60:1f:ce:d2:cf:af:08:f5:57:35:7c:9c:
6d:77:4c:ea:34:6f:9c:17:cc:b1:30:67:dd:46:da:
99:d8:2c:72:b8:a1:1e:ce:9c:4a:c2:1e:bb:58:a3:
6d:f0:09:c9:c7:c8:a8:02:4d:d9:a6:15:94:95:52:
4c:e8:5e:65:9b:78:14:d6:b2:11:8f:30:fb:4e:50:
cb:ac:f6:31:30:48:d2:c5:fb:43:30:ee:ec:4d:7c:
51:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:71:A5:2A:A0:4C:0C:69:CC:35:80:6E:BB:AA:47:21:D6:50:31:00
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gnGlKqBMDGnMNYBuu6pHIdZQMQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.204.0/24
212.192.244.0/24
212.193.24.0/24
212.193.26.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a2:e9:6f:18:20:78:3d:db:f0:d1:6d:3e:09:0a:c3:dc:07:
7e:fc:7f:31:a3:29:15:7a:f9:59:91:bc:01:1e:6b:e9:7c:20:
a4:06:b8:a5:3a:60:b9:53:5f:bf:9e:71:df:5d:53:a2:b8:0d:
a3:d0:6b:58:41:4c:b2:0a:39:43:21:ba:1f:5b:6c:51:9e:bb:
8f:91:41:42:dd:95:fd:7e:68:af:7d:48:f0:74:df:d7:f6:38:
9e:dd:85:2f:09:23:b8:d2:78:5d:a0:18:ae:b6:94:aa:9f:e5:
a5:4d:37:64:e0:7c:eb:6c:f1:af:68:25:ee:93:f9:57:ba:b8:
93:c9:a7:53:84:e0:76:a2:30:c9:84:66:fe:aa:dd:26:84:d4:
4a:2f:03:c1:54:34:50:80:d6:bc:42:45:28:48:a6:de:a0:e5:
5b:81:c0:26:ad:90:08:80:00:0f:3d:ff:b6:95:10:f3:51:3e:
25:22:2e:3f:23:e0:f3:e4:c6:c9:81:f3:ba:3a:f7:5d:68:cf:
67:57:d5:cc:c8:56:81:e9:e7:99:0c:81:61:f1:4b:43:d5:f2:
e5:d8:11:10:78:27:f6:0e:1f:5c:5f:6b:60:59:09:05:11:c9:
9d:ef:2f:45:0e:8d:e7:8b:49:76:62:9e:6f:a3:cc:89:3f:80:
2c:97:4b:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtHciwmueA6NHCWCmDCFkbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE5MTAxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcxYTUyYWEwNGMwYzY5Y2MzNTgwNmViYmFhNDcyMWQ2NTAzMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4NEuYb3RzwjLg/6J4h9INgWD+Ab
5iA0o2n9cq0FF4Z83Zq+WEi72cC7EgR4YfJ/HLZmqjZmp+aIGj8aLRQjFgJZO+3n
a+xRCWLPmIqdfvZr922wm1nWnpv8dZL609UR859lqzarAcsiii1i2J/pcxBJGc10
7mEGSQ9zduNzdHit4K+lW7nmpqcgfYPRgs78AZOYnW5Fy03nQxkBtX5hn5R9ONSV
/MdgH87Sz68I9Vc1fJxtd0zqNG+cF8yxMGfdRtqZ2CxyuKEezpxKwh67WKNt8AnJ
x8ioAk3ZphWUlVJM6F5lm3gU1rIRjzD7TlDLrPYxMEjSxftDMO7sTXxRswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIJxpSqgTAxpzDWAbruqRyHWUDEAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ25HbEtxQk1ER25NTllCdXU2cEhJZFpRTVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlfMAwQA
1MD0AwQA1MEYAwQA1MEaMA0GCSqGSIb3DQEBCwUAA4IBAQCJoulvGCB4Pdvw0W0+
CQrD3Ad+/H8xoykVevlZkbwBHmvpfCCkBrilOmC5U1+/nnHfXVOiuA2j0GtYQUyy
CjlDIbofW2xRnruPkUFC3ZX9fmivfUjwdN/X9jie3YUvCSO40nhdoBiutpSqn+Wl
TTdk4HzrbPGvaCXuk/lXuriTyadThOB2ojDJhGb+qt0mhNRKLwPBVDRQgNa8QkUo
SKbeoOVbgcAmrZAIgAAPPf+2lRDzUT4lIi4/I+Dz5MbJgfO6OvddaM9nV9XMyFaB
6eeZDIFh8UtD1fLl2BEQeCf2Dh9cX2tgWQkFEcmd7y9FDo3ni0l2Yp5vo8yJP4As
l0sX
-----END CERTIFICATE-----
Generated at Wed Oct 25 08:17:54 2023 by rpki-client on console-fra.rpki-client.org