Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/guNNxoEFzL2dZOpn2ZRoFt5dE2o.roa
File: guNNxoEFzL2dZOpn2ZRoFt5dE2o.roa (raw, json)
Hash identifier: lBl94SJkUy7I3QHUamN/aWXk3QTEieTY0M5v9o21J60=
Subject key identifier: 82:E3:4D:C6:81:05:CC:BD:9D:64:EA:67:D9:94:68:16:DE:5D:13:6A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C1091D3E25F536D33E9E3581D2C2D0FC2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/guNNxoEFzL2dZOpn2ZRoFt5dE2o.roa
Signing time: Mon 27 Nov 2023 11:37:21 +0000
ROA not before: Mon 27 Nov 2023 11:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 195.58.35.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:91:d3:e2:5f:53:6d:33:e9:e3:58:1d:2c:2d:0f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 11:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82e34dc68105ccbd9d64ea67d9946816de5d136a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5b:20:b6:05:13:99:4d:74:59:2f:15:21:ad:
59:1a:64:03:fe:0c:db:84:78:ee:88:f9:7c:a8:fd:
8e:5c:28:f7:00:36:ca:2f:13:ee:88:aa:2e:39:a7:
8f:47:67:c9:d5:7e:ba:33:a2:bb:41:dc:cd:56:47:
c2:95:05:71:bb:86:4f:d3:08:2e:7f:f7:bb:c4:e3:
72:29:37:95:cd:dc:1d:5d:3a:13:56:33:27:26:9e:
2d:43:df:39:4d:7c:a7:42:18:4e:b1:9a:12:11:d8:
e2:e4:2a:5c:e3:85:63:e4:34:0e:da:ca:c5:b6:db:
7d:8d:ed:37:7c:05:d1:00:9e:b7:8e:2b:a9:d3:2a:
41:c1:51:a8:d7:aa:86:32:a5:3b:ac:9a:c3:60:e9:
b3:af:e1:a9:3d:94:e4:fd:ff:5e:83:f0:d7:68:e1:
6c:d2:eb:4c:25:47:1a:fe:b1:12:b6:2a:79:9d:7d:
a4:a0:c5:ab:61:a9:8f:d1:74:0d:94:fe:d3:09:f6:
48:df:92:8f:29:65:c4:c3:d4:7a:1c:7b:ea:36:ef:
7e:6c:7c:59:00:44:bb:da:c0:68:9e:9b:b8:a3:dd:
d4:53:ae:2a:81:54:94:2a:9e:97:df:2a:0d:2a:dd:
11:9e:67:05:c6:8f:02:b6:f2:68:bb:69:ae:07:4c:
d2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E3:4D:C6:81:05:CC:BD:9D:64:EA:67:D9:94:68:16:DE:5D:13:6A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/guNNxoEFzL2dZOpn2ZRoFt5dE2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.35.0/24
195.58.38.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
94:3e:6c:0b:36:9a:2b:50:4e:cf:ff:78:dd:55:f8:d6:5b:5e:
c3:f9:bd:6a:96:21:6b:82:98:c8:89:8b:a6:9d:8e:f3:f8:e1:
6c:8f:0b:91:47:6f:2b:45:cd:26:96:90:57:35:95:fd:c0:b9:
e9:ff:b2:9b:9b:47:c1:18:fb:66:04:ea:f3:e7:f5:5b:e7:bd:
d7:76:a4:49:12:14:c5:4a:72:4a:fc:2d:dc:31:9e:5c:f2:a6:
d6:31:7b:8d:3c:45:af:db:54:db:3f:3a:69:d5:2e:b0:04:54:
15:88:d4:7c:d9:a1:91:a2:ce:63:d1:af:13:6a:a5:0a:d3:35:
16:48:84:a2:6c:5e:47:08:e8:54:c4:57:23:a3:e3:75:fb:4b:
05:30:68:5a:06:b4:9d:5b:f1:7a:b1:e6:df:3b:e2:85:b7:a6:
fc:4d:13:c2:72:5e:01:6e:94:d8:9d:f0:1a:1a:d9:03:37:09:
fd:b8:04:1c:2c:92:c6:eb:3f:a4:7b:e7:95:24:94:88:d2:78:
da:73:a3:e3:8b:bb:97:81:0d:e9:50:03:83:31:80:25:c5:4f:
b8:6c:d4:99:d9:23:84:b3:57:7d:b2:7b:d3:fc:71:fe:8c:aa:
4f:73:de:cc:28:d4:9c:5a:35:bd:65:0b:06:57:4c:00:be:c4:
db:22:31:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwQkdPiX1NtM+njWB0sLQ/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI3MTEzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUzNGRjNjgxMDVjY2JkOWQ2NGVhNjdkOTk0NjgxNmRlNWQxMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FsgtgUTmU10WS8VIa1ZGmQD/gzb
hHjuiPl8qP2OXCj3ADbKLxPuiKouOaePR2fJ1X66M6K7QdzNVkfClQVxu4ZP0wgu
f/e7xONyKTeVzdwdXToTVjMnJp4tQ985TXynQhhOsZoSEdji5Cpc44Vj5DQO2srF
ttt9je03fAXRAJ63jiup0ypBwVGo16qGMqU7rJrDYOmzr+GpPZTk/f9eg/DXaOFs
0utMJUca/rEStip5nX2koMWrYamP0XQNlP7TCfZI35KPKWXEw9R6HHvqNu9+bHxZ
AES72sBonpu4o93UU64qgVSUKp6X3yoNKt0RnmcFxo8CtvJou2muB0zSlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILjTcaBBcy9nWTqZ9mUaBbeXRNqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ3VOTnhvRUZ6TDJkWk9wbjJaUm9GdDVkRTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwzojAwQA
wzomAwQA1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQCUPmwLNporUE7P/3jdVfjWW17D
+b1qliFrgpjIiYumnY7z+OFsjwuRR28rRc0mlpBXNZX9wLnp/7Kbm0fBGPtmBOrz
5/Vb573XdqRJEhTFSnJK/C3cMZ5c8qbWMXuNPEWv21TbPzpp1S6wBFQViNR82aGR
os5j0a8TaqUK0zUWSISibF5HCOhUxFcjo+N1+0sFMGhaBrSdW/F6sebfO+KFt6b8
TRPCcl4BbpTYnfAaGtkDNwn9uAQcLJLG6z+ke+eVJJSI0njac6Pji7uXgQ3pUAOD
MYAlxU+4bNSZ2SOEs1d9snvT/HH+jKpPc97MKNScWjW9ZQsGV0wAvsTbIjHO
-----END CERTIFICATE-----
Generated at Mon Dec 4 12:25:38 2023 by rpki-client on console-ams.rpki-client.org