Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hJeKlXTrH-l7Bw3D0QlNEKkU1OA.roa
File: hJeKlXTrH-l7Bw3D0QlNEKkU1OA.roa (raw, json)
Hash identifier: ZJpcJlWbrYhg9SK3BUvnKIcb+p7xFTs/yDJAHEADacM=
Subject key identifier: 84:97:8A:95:74:EB:1F:E9:7B:07:0D:C3:D1:09:4D:10:A9:14:D4:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BCA08845EB11AE7B77BB9797D0FB003B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hJeKlXTrH-l7Bw3D0QlNEKkU1OA.roa
Signing time: Mon 13 Nov 2023 18:53:57 +0000
ROA not before: Mon 13 Nov 2023 18:53:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399045
IP address blocks: 194.87.128.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:08:84:5e:b1:1a:e7:b7:7b:b9:79:7d:0f:b0:03:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 18:53:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84978a9574eb1fe97b070dc3d1094d10a914d4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:24:cd:8f:e1:9c:ad:7a:35:02:3b:83:61:6d:
39:23:0c:04:00:dd:34:52:e5:a4:ed:a0:fb:a1:47:
04:b2:fc:a5:8d:08:4c:d2:71:fd:41:9d:35:ee:c0:
f6:16:7c:4f:83:db:cd:7d:47:db:e9:9e:af:1c:87:
3e:41:71:a2:9c:fb:e8:18:59:5f:a1:a2:86:f6:d0:
ad:9a:40:c1:39:b4:96:c3:38:3f:18:b1:64:91:83:
dd:58:4f:7c:49:93:ca:a9:e6:fa:cc:31:9a:38:18:
32:b0:15:91:0c:58:fb:a7:84:8c:b3:9c:23:ba:c7:
cf:d1:1a:5d:25:40:d6:fb:03:f0:de:a1:e9:bc:78:
62:a6:45:d1:ce:0e:82:a9:b9:6f:68:08:29:02:c2:
66:9f:4a:71:3a:7a:e7:cd:0c:11:54:00:cf:89:e9:
78:22:7b:d0:7b:85:d3:92:73:5f:7f:a7:b6:f5:c7:
d4:0e:47:e5:cc:9b:f6:66:3c:f5:68:f2:84:5f:9c:
7b:3f:4d:5b:b0:7c:e5:23:71:25:ee:98:b2:4c:19:
92:8e:be:8b:b3:df:79:10:76:45:b6:8b:79:af:9d:
ab:fb:5b:ff:78:b4:b5:a9:e6:f2:61:3b:64:4e:e6:
f8:43:e5:b5:b4:ba:c4:71:cf:f8:f6:76:39:10:fa:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:97:8A:95:74:EB:1F:E9:7B:07:0D:C3:D1:09:4D:10:A9:14:D4:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hJeKlXTrH-l7Bw3D0QlNEKkU1OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.128.0/24
195.58.60.0/24
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:92:b4:41:f7:5a:84:0f:93:86:24:87:58:34:c6:de:f2:ee:
e7:5f:1a:d6:47:31:dc:e6:2d:57:2a:cf:30:eb:fa:f7:97:00:
3d:7f:ca:2d:da:6b:0b:c9:2f:6b:de:6e:b4:59:58:22:9b:10:
06:7d:17:14:30:9c:72:f8:af:25:0b:e6:01:6b:14:40:15:a1:
2f:e2:66:8f:92:3d:d3:30:16:97:b9:19:1d:bc:29:b8:62:90:
63:8e:9f:50:80:38:c5:4a:b6:54:d1:ae:b6:67:2b:06:38:31:
1f:86:9a:35:64:05:70:8d:a9:e9:12:42:c0:57:c1:e7:4c:24:
4b:0e:7b:3d:55:23:9e:9d:02:64:3a:e9:1f:5c:d6:2d:c4:5f:
3f:38:46:39:82:f0:99:ad:45:cb:09:19:85:a7:80:89:1b:6f:
58:4b:6c:1b:f5:41:23:33:2e:b3:69:65:58:20:6e:80:66:54:
9e:f5:f2:d9:f5:2d:00:52:f4:bc:43:b0:22:18:aa:51:50:42:
30:c0:cf:ee:0e:da:fc:c6:dd:f0:94:6e:a0:5f:46:29:de:de:
07:ff:eb:1e:9b:94:ad:8c:b3:2b:f6:85:24:af:e5:c3:9d:33:
16:8b:ef:35:55:d9:95:c2:35:2b:de:34:90:91:0f:b6:3b:8c:
f6:77:63:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvKCIResRrnt3u5eX0PsAO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMTg1MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDk3OGE5NTc0ZWIxZmU5N2IwNzBkYzNkMTA5NGQxMGE5MTRkNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCTNj+GcrXo1AjuDYW05IwwEAN00
UuWk7aD7oUcEsvyljQhM0nH9QZ017sD2FnxPg9vNfUfb6Z6vHIc+QXGinPvoGFlf
oaKG9tCtmkDBObSWwzg/GLFkkYPdWE98SZPKqeb6zDGaOBgysBWRDFj7p4SMs5wj
usfP0RpdJUDW+wPw3qHpvHhipkXRzg6CqblvaAgpAsJmn0pxOnrnzQwRVADPiel4
InvQe4XTknNff6e29cfUDkflzJv2Zjz1aPKEX5x7P01bsHzlI3El7piyTBmSjr6L
s995EHZFtot5r52r+1v/eLS1qebyYTtkTub4Q+W1tLrEcc/49nY5EPp6cwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFISXipV06x/pewcNw9EJTRCpFNTgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaEplS2xYVHJILWw3QnczRDBRbE5FS2tVMU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxfAwQA
wleAAwQAwzo8AwQAw4UYMA0GCSqGSIb3DQEBCwUAA4IBAQBbkrRB91qED5OGJIdY
NMbe8u7nXxrWRzHc5i1XKs8w6/r3lwA9f8ot2msLyS9r3m60WVgimxAGfRcUMJxy
+K8lC+YBaxRAFaEv4maPkj3TMBaXuRkdvCm4YpBjjp9QgDjFSrZU0a62ZysGODEf
hpo1ZAVwjanpEkLAV8HnTCRLDns9VSOenQJkOukfXNYtxF8/OEY5gvCZrUXLCRmF
p4CJG29YS2wb9UEjMy6zaWVYIG6AZlSe9fLZ9S0AUvS8Q7AiGKpRUEIwwM/uDtr8
xt3wlG6gX0Yp3t4H/+sem5StjLMr9oUkr+XDnTMWi+81VdmVwjUr3jSQkQ+2O4z2
d2Ob
-----END CERTIFICATE-----
Generated at Wed Nov 15 11:17:41 2023 by rpki-client on console-ams.rpki-client.org