Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/heWbQD3IKMluQUaA2JyQ7MAAQ90.roa
File: heWbQD3IKMluQUaA2JyQ7MAAQ90.roa (raw, json)
Hash identifier: F9kXGbup4iaYlxQeHxo1FekAfqYXK47SKN1T3vaQvMA=
Subject key identifier: 85:E5:9B:40:3D:C8:28:C9:6E:41:46:80:D8:9C:90:EC:C0:00:43:DD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018997F9F07968E1A909DBB0FCCE1A1DB195
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/heWbQD3IKMluQUaA2JyQ7MAAQ90.roa
Signing time: Thu 27 Jul 2023 15:31:26 +0000
ROA not before: Thu 27 Jul 2023 15:31:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49316
IP address blocks: 212.192.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:f9:f0:79:68:e1:a9:09:db:b0:fc:ce:1a:1d:b1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 27 15:31:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e59b403dc828c96e414680d89c90ecc00043dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:81:04:78:58:83:e0:db:3a:3c:95:87:a3:56:
24:2b:85:c2:05:0d:5f:45:5c:f7:a5:75:ea:ec:4a:
57:a5:3c:d7:c6:40:96:e4:6a:17:35:4d:c4:5b:85:
65:c6:86:60:50:b6:97:9d:06:ee:04:af:db:50:66:
99:22:dc:f8:a9:43:4c:40:35:5d:e5:71:05:fb:8f:
7a:e7:d6:cb:aa:ef:31:ff:db:5f:fe:8b:3f:20:37:
d8:28:6e:f5:da:77:6d:ed:e9:56:23:92:96:82:e4:
b5:9b:a6:a1:52:ce:78:8e:69:6f:76:63:68:fd:03:
37:84:bf:a4:c1:ef:54:f0:06:fd:1f:2e:29:a4:0e:
7c:4b:07:f8:c9:ec:6e:40:f0:0e:de:a6:ce:cb:4a:
f7:1a:84:7e:e6:1f:e1:90:d2:9e:0a:a4:50:76:b7:
0b:ba:c3:09:b0:69:22:c9:c6:59:5c:91:23:05:c0:
60:e5:f9:8e:e1:70:9f:73:ae:6a:79:cc:da:42:04:
60:76:e1:19:0c:d7:c7:a3:d0:6f:5c:98:f5:cb:bd:
f1:6e:a5:45:e4:71:f7:25:42:f2:e9:b1:87:60:6e:
f5:5a:25:7b:9c:ba:cd:ca:e3:54:cf:ec:80:5f:ab:
8c:b4:c3:2b:1d:16:37:1a:e3:f2:9b:b3:9a:fb:4c:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E5:9B:40:3D:C8:28:C9:6E:41:46:80:D8:9C:90:EC:C0:00:43:DD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/heWbQD3IKMluQUaA2JyQ7MAAQ90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:aa:c2:ce:98:3d:5f:1c:46:30:7c:bf:a3:b9:a9:33:b0:a0:
87:bd:75:55:f6:20:76:cf:7f:82:06:65:f7:cf:2b:23:05:cf:
bd:86:c4:f9:cc:8f:2f:77:8c:bf:ba:dc:42:fa:7a:cb:0c:26:
66:44:87:8f:41:6f:ca:f4:50:0c:ef:d6:06:05:23:1e:3c:48:
63:71:b8:08:ac:73:69:06:65:3e:bc:5c:1b:17:3f:8f:a0:57:
45:6d:c7:cc:a0:45:5e:e0:d4:bf:f7:e1:2c:a5:e5:b4:6c:ac:
b9:35:f4:67:04:90:8b:02:9b:76:5b:d2:e1:3f:a2:85:6e:25:
f0:1e:cd:86:e7:9b:ae:99:8d:db:3e:a5:97:72:82:4e:98:65:
63:89:7b:95:ad:29:02:03:2b:ea:16:03:25:9e:f2:d3:f7:72:
3f:bd:fa:4b:ff:53:d1:8e:88:8f:fe:39:f9:b7:29:aa:ec:0b:
0e:05:6c:7f:46:ca:95:24:cc:ac:ba:0d:50:a9:f0:d3:91:57:
eb:b6:2f:6e:ae:03:c1:4f:d0:4e:02:b1:c6:8d:ca:43:7d:56:
c7:20:db:7f:e9:7b:4b:16:da:9b:4d:18:10:1a:a9:98:03:50:
bd:d5:e5:4b:8b:65:25:fe:e1:00:12:85:bb:31:fa:f0:a6:23:
e5:d2:f5:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmX+fB5aOGpCduw/M4aHbGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTUzMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWU1OWI0MDNkYzgyOGM5NmU0MTQ2ODBkODljOTBlY2MwMDA0M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4EEeFiD4Ns6PJWHo1YkK4XCBQ1f
RVz3pXXq7EpXpTzXxkCW5GoXNU3EW4VlxoZgULaXnQbuBK/bUGaZItz4qUNMQDVd
5XEF+49659bLqu8x/9tf/os/IDfYKG712ndt7elWI5KWguS1m6ahUs54jmlvdmNo
/QM3hL+kwe9U8Ab9Hy4ppA58Swf4yexuQPAO3qbOy0r3GoR+5h/hkNKeCqRQdrcL
usMJsGkiycZZXJEjBcBg5fmO4XCfc65qeczaQgRgduEZDNfHo9BvXJj1y73xbqVF
5HH3JULy6bGHYG71WiV7nLrNyuNUz+yAX6uMtMMrHRY3GuPym7Oa+0zdOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXlm0A9yCjJbkFGgNickOzAAEPdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaGVXYlFEM0lLTWx1UVVhQTJKeVE3TUFBUTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAHMA0G
CSqGSIb3DQEBCwUAA4IBAQAuqsLOmD1fHEYwfL+juakzsKCHvXVV9iB2z3+CBmX3
zysjBc+9hsT5zI8vd4y/utxC+nrLDCZmRIePQW/K9FAM79YGBSMePEhjcbgIrHNp
BmU+vFwbFz+PoFdFbcfMoEVe4NS/9+EspeW0bKy5NfRnBJCLApt2W9LhP6KFbiXw
Hs2G55uumY3bPqWXcoJOmGVjiXuVrSkCAyvqFgMlnvLT93I/vfpL/1PRjoiP/jn5
tymq7AsOBWx/RsqVJMysug1QqfDTkVfrti9urgPBT9BOArHGjcpDfVbHINt/6XtL
FtqbTRgQGqmYA1C91eVLi2Ul/uEAEoW7MfrwpiPl0vVI
-----END CERTIFICATE-----
Generated at Mon Aug 14 12:45:58 2023 by rpki-client on console-ams.rpki-client.org