Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hFEU6mn6B85ALbCwmtekMXMVYFc.roa
File: hFEU6mn6B85ALbCwmtekMXMVYFc.roa (raw, json)
Hash identifier: L/M/U0VtgGBapYq+Dgy7cyXtrCDd8MCioMEwQ+iHheI=
Subject key identifier: 84:51:14:EA:69:FA:07:CE:40:2D:B0:B0:9A:D7:A4:31:73:15:60:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D8EF087E598A85649824008791D61B26
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hFEU6mn6B85ALbCwmtekMXMVYFc.roa
Signing time: Tue 20 Jun 2023 13:12:03 +0000
ROA not before: Tue 20 Jun 2023 13:12:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 212.193.15.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:ef:08:7e:59:8a:85:64:98:24:00:87:91:d6:1b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 20 13:12:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=845114ea69fa07ce402db0b09ad7a43173156057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bb:7d:ee:90:9e:f2:dc:a6:a4:64:39:34:01:
76:0f:75:d0:e1:a3:a7:49:39:70:08:94:f6:1a:0c:
59:9a:ff:14:d2:6b:7a:75:11:45:2e:51:aa:49:75:
09:4e:da:4a:d8:6c:eb:de:b1:17:e5:1d:76:ee:67:
72:b1:49:af:83:18:45:73:11:e7:10:1c:6c:96:82:
12:02:4f:c8:95:d9:54:e5:39:eb:6c:87:ef:a4:63:
5c:bf:cb:77:8e:d9:e5:d0:74:8c:15:28:25:47:f2:
30:86:9e:e3:43:5b:98:9c:e1:11:2a:dd:a9:03:8d:
e5:f1:b2:d4:b7:1d:8d:8b:64:bf:5c:0e:bf:40:98:
47:a0:9d:a6:b7:b2:bb:88:76:8f:25:56:59:36:7c:
45:9f:42:a8:6d:83:dd:dd:14:11:8c:bb:6a:4b:7a:
ea:0c:77:a3:07:40:97:33:1f:ff:a1:d0:ad:20:bd:
0e:c8:d0:80:dc:c3:6a:a3:ec:35:a8:06:66:5c:4c:
d1:ab:c6:53:bf:ea:40:fc:a1:47:e7:38:33:cd:fe:
63:37:41:fd:aa:0c:8c:e4:0f:c7:43:4c:f2:96:3c:
c5:24:06:43:c0:76:fc:f7:da:a7:ad:2b:c3:05:d7:
a3:e4:f4:ab:e8:53:01:59:37:5b:65:aa:38:eb:4e:
ac:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:51:14:EA:69:FA:07:CE:40:2D:B0:B0:9A:D7:A4:31:73:15:60:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hFEU6mn6B85ALbCwmtekMXMVYFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.87.22.0/24
212.192.30.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:91:3d:f3:b8:c8:ba:f8:9c:3f:1a:be:8e:32:77:0c:ed:ce:
5e:92:a5:f9:ba:38:f0:ec:51:bb:bb:68:0d:62:ec:5d:a4:e2:
6d:8f:96:11:d1:7e:5e:9a:73:e2:de:6e:09:aa:d2:97:f5:0a:
8d:63:90:61:11:db:25:01:4c:a2:cb:ed:9d:f8:ab:1d:60:96:
f4:28:7b:90:78:99:0c:9a:62:d7:36:88:59:1d:8a:95:66:1c:
a9:5e:be:45:ef:f7:a8:70:57:2a:0c:f8:56:e5:ea:4d:31:f9:
f8:7b:58:ce:a5:65:f1:ea:b6:76:50:ea:33:a2:66:c8:eb:c3:
bd:15:60:f3:2d:ed:be:4d:ab:4b:fd:34:6d:80:05:70:ec:5d:
55:12:ec:21:c9:26:8b:6c:7a:a3:bb:4e:cc:3e:13:8e:52:f1:
2e:6a:72:27:1b:de:b1:8f:d2:6f:78:25:6c:fa:d8:3e:7c:5a:
26:99:a2:9d:cf:2e:68:08:4e:25:16:2d:10:3b:f5:7d:27:47:
96:3c:d4:2e:2e:db:f3:13:65:b0:df:8f:42:b7:8f:e9:95:5e:
bc:77:ff:7b:29:7b:f4:66:cf:1d:d8:36:46:14:14:b4:7f:96:
8f:d2:97:2e:3a:46:2d:f7:20:d2:cf:92:26:64:83:54:3e:69:
53:94:56:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjY7wh+WYqFZJgkAIeR1hsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIwMTMxMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUxMTRlYTY5ZmEwN2NlNDAyZGIwYjA5YWQ3YTQzMTczMTU2MDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrt97pCe8tympGQ5NAF2D3XQ4aOn
STlwCJT2GgxZmv8U0mt6dRFFLlGqSXUJTtpK2Gzr3rEX5R127mdysUmvgxhFcxHn
EBxsloISAk/IldlU5TnrbIfvpGNcv8t3jtnl0HSMFSglR/Iwhp7jQ1uYnOERKt2p
A43l8bLUtx2Ni2S/XA6/QJhHoJ2mt7K7iHaPJVZZNnxFn0KobYPd3RQRjLtqS3rq
DHejB0CXMx//odCtIL0OyNCA3MNqo+w1qAZmXEzRq8ZTv+pA/KFH5zgzzf5jN0H9
qgyM5A/HQ0zyljzFJAZDwHb899qnrSvDBdej5PSr6FMBWTdbZao4606s7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIRRFOpp+gfOQC2wsJrXpDFzFWBXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaEZFVTZtbjZCODVBTGJDd210ZWtNWE1WWUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUgLAwQA
wlcWAwQA1MAeAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQAtkT3zuMi6+Jw/Gr6O
MncM7c5ekqX5ujjw7FG7u2gNYuxdpOJtj5YR0X5emnPi3m4JqtKX9QqNY5BhEdsl
AUyiy+2d+KsdYJb0KHuQeJkMmmLXNohZHYqVZhypXr5F7/eocFcqDPhW5epNMfn4
e1jOpWXx6rZ2UOozombI68O9FWDzLe2+TatL/TRtgAVw7F1VEuwhySaLbHqju07M
PhOOUvEuanInG96xj9JveCVs+tg+fFommaKdzy5oCE4lFi0QO/V9J0eWPNQuLtvz
E2Ww349Ct4/plV68d/97KXv0Zs8d2DZGFBS0f5aP0pcuOkYt9yDSz5ImZINUPmlT
lFZH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org