Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i-n6KcuN01o_CVushrc-CIiQT5M.roa
File: i-n6KcuN01o_CVushrc-CIiQT5M.roa (raw, json)
Hash identifier: bwTMkvvee9PFS/7gPmoVJQ7KFJYeus/XSdl10YugnbU=
Subject key identifier: 8B:E9:FA:29:CB:8D:D3:5A:3F:09:5B:AC:86:B7:3E:08:88:90:4F:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6021D753D61ADCB959C59EC37737B987
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i-n6KcuN01o_CVushrc-CIiQT5M.roa
Signing time: Mon 04 Sep 2023 12:19:05 +0000
ROA not before: Mon 04 Sep 2023 12:19:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 22
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
192.124.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:21:d7:53:d6:1a:dc:b9:59:c5:9e:c3:77:37:b9:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:19:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8be9fa29cb8dd35a3f095bac86b73e0888904f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ae:f3:d5:4a:0a:83:34:dc:59:75:02:af:fe:
d4:c8:47:56:0c:e8:f5:2a:67:11:58:d7:b6:93:d8:
12:6f:22:db:ae:b2:e7:b4:8b:ea:73:3d:1b:6c:9c:
fc:df:38:81:d1:11:a2:ee:b8:e0:09:de:c9:cc:c2:
78:4d:b1:43:e4:a1:d1:4c:9b:64:23:ec:7e:b7:12:
d4:98:27:ea:fd:38:ef:d5:30:c9:af:3e:9c:1b:79:
75:92:94:a1:c2:2a:ef:5c:08:1c:6e:86:84:d0:19:
99:da:15:e1:4c:24:60:c3:cd:73:49:5d:45:cd:f3:
39:b1:28:5c:c7:1c:b4:e0:21:bd:67:7b:51:51:64:
09:ac:2b:6b:30:e8:38:03:89:f5:e3:d6:bc:84:52:
1b:70:26:aa:b9:0c:7d:3f:8d:65:31:8f:9d:4d:a0:
e3:f6:4c:20:1c:99:39:4d:53:bf:1e:e9:69:c8:0e:
f2:82:c1:64:d4:f8:5d:39:93:96:fc:51:e8:07:51:
97:48:65:7e:1c:60:64:9c:69:f9:df:17:bf:2a:14:
e5:d1:c8:6b:21:10:a4:ff:37:4f:71:1c:e5:c1:ea:
e3:a7:fb:de:0a:76:8e:a3:c0:1e:d2:bf:33:b1:1c:
a2:3d:b2:4c:58:c5:68:26:08:22:bf:9e:ae:4c:2e:
5f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E9:FA:29:CB:8D:D3:5A:3F:09:5B:AC:86:B7:3E:08:88:90:4F:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i-n6KcuN01o_CVushrc-CIiQT5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
193.124.15.0/24
193.124.24.0/24
194.58.223.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.83.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
52:f8:08:a4:00:f7:2d:14:94:f3:50:84:7b:61:55:7f:8e:78:
10:f0:a0:ce:48:cd:f7:14:30:98:fc:21:9f:83:42:5c:93:d7:
a4:8e:9a:74:93:8f:89:03:85:1b:48:99:9f:10:be:c5:46:90:
91:f7:eb:ff:27:68:5a:74:24:ac:15:ac:63:e2:36:a9:5f:79:
9c:0e:cf:dd:cb:d1:2a:e9:44:83:dd:cb:b5:b7:42:59:33:a0:
bb:25:c0:71:99:f3:1c:0d:d3:22:7d:97:ed:b9:57:2b:22:8f:
b2:4f:12:cf:4a:5b:ce:c7:58:09:2d:68:2d:ea:a7:7a:f7:ca:
7f:41:db:42:66:a3:2d:06:a0:3d:f6:06:6b:40:03:f6:5a:ef:
9f:cc:2c:a8:17:6f:1a:7f:6b:3e:6c:84:66:64:97:83:99:ed:
64:1e:da:37:d7:db:60:1b:5e:93:6d:42:4d:43:47:c0:02:67:
2c:95:ee:c6:c3:a7:ad:34:e0:80:cf:33:70:42:ff:f1:6a:18:
26:dd:60:62:69:36:c1:33:bc:ed:14:a1:2e:98:10:64:69:a6:
31:62:97:f9:1d:2e:cd:d3:20:e6:b1:75:d7:37:ca:d9:36:6f:
c5:8a:6f:7f:72:fa:ee:b9:eb:2c:4c:71:e8:eb:29:40:ac:b0:
56:40:d8:71
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYpgIddT1hrcuVnFnsN3N7mHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIxOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU5ZmEyOWNiOGRkMzVhM2YwOTViYWM4NmI3M2UwODg4OTA0ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk67z1UoKgzTcWXUCr/7UyEdWDOj1
KmcRWNe2k9gSbyLbrrLntIvqcz0bbJz83ziB0RGi7rjgCd7JzMJ4TbFD5KHRTJtk
I+x+txLUmCfq/Tjv1TDJrz6cG3l1kpShwirvXAgcboaE0BmZ2hXhTCRgw81zSV1F
zfM5sShcxxy04CG9Z3tRUWQJrCtrMOg4A4n149a8hFIbcCaquQx9P41lMY+dTaDj
9kwgHJk5TVO/HulpyA7ygsFk1PhdOZOW/FHoB1GXSGV+HGBknGn53xe/KhTl0chr
IRCk/zdPcRzlwerjp/veCnaOo8Ae0r8zsRyiPbJMWMVoJggiv56uTC5fRQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIvp+inLjdNaPwlbrIa3PgiIkE+TMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaS1uNktjdU4wMW9fQ1Z1c2hyYy1DSWlRVDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwHy9AwQA
wXwPAwQAwXwYAwQAwjrfAwQAwlcdAwQAwld7AwQAwodoAwQAw4UVAwQBw4UaAwQA
w4VTAwQC1MEYMA0GCSqGSIb3DQEBCwUAA4IBAQBS+AikAPctFJTzUIR7YVV/jngQ
8KDOSM33FDCY/CGfg0Jck9ekjpp0k4+JA4UbSJmfEL7FRpCR9+v/J2hadCSsFaxj
4japX3mcDs/dy9Eq6USD3cu1t0JZM6C7JcBxmfMcDdMifZftuVcrIo+yTxLPSlvO
x1gJLWgt6qd698p/QdtCZqMtBqA99gZrQAP2Wu+fzCyoF28af2s+bIRmZJeDme1k
Hto319tgG16TbUJNQ0fAAmcsle7Gw6etNOCAzzNwQv/xahgm3WBiaTbBM7ztFKEu
mBBkaaYxYpf5HS7N0yDmsXXXN8rZNm/Fim9/cvruuessTHHo6ylArLBWQNhx
-----END CERTIFICATE-----
Generated at Wed Oct 11 12:34:24 2023 by rpki-client on console-ams.rpki-client.org