Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iLiW8oLmdEPdCqm4xdHpx_VaDdE.roa
File: iLiW8oLmdEPdCqm4xdHpx_VaDdE.roa (raw, json)
Hash identifier: 8hBZ6Sv31GChW4WITeutuWnFjA8jp0g0VWjXwMPnZKg=
Subject key identifier: 88:B8:96:F2:82:E6:74:43:DD:0A:A9:B8:C5:D1:E9:C7:F5:5A:0D:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189204093A0D5CF14A7488CC3F707B51DBC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iLiW8oLmdEPdCqm4xdHpx_VaDdE.roa
Signing time: Tue 04 Jul 2023 09:34:10 +0000
ROA not before: Tue 04 Jul 2023 09:34:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 212.192.211.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 10:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:40:93:a0:d5:cf:14:a7:48:8c:c3:f7:07:b5:1d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 4 09:34:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b896f282e67443dd0aa9b8c5d1e9c7f55a0dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:55:1e:cc:2b:92:b8:de:0f:2c:cf:14:fa:
ba:24:b1:fc:89:88:97:37:1c:61:bb:d9:72:ca:64:
31:18:a5:d8:25:51:6b:79:71:f0:95:e8:1e:ea:3c:
02:eb:e3:1a:6e:c2:db:06:bf:3d:88:7c:ad:46:06:
b7:e8:27:9c:b9:bd:09:5d:fe:e6:c9:1e:8f:03:97:
2d:43:25:2d:f7:57:14:70:26:10:60:6d:0d:f2:ab:
7b:62:17:b1:8d:cc:9e:4e:17:b3:5a:25:e3:4f:7f:
ac:0c:d7:60:8f:90:16:02:eb:f6:e5:b4:15:c0:20:
74:f8:31:6b:d5:ef:d1:b2:a6:bc:97:9c:f9:0f:49:
9d:17:50:c9:fc:f1:4c:11:18:9d:c9:89:94:6e:05:
5d:69:de:8d:76:2c:19:c6:26:e4:9b:05:dc:3c:0e:
9f:49:c7:0c:7c:4a:cf:c6:b5:f0:cb:7a:85:06:b0:
0d:26:da:83:6a:7e:f3:40:34:a3:4d:16:76:db:52:
31:33:37:d7:04:da:c6:1a:40:86:40:6a:c4:54:bc:
9d:e8:c8:4b:2f:52:39:d6:b0:d3:b2:70:27:53:c0:
a3:6d:62:4e:67:d1:69:ea:3b:43:21:10:d2:d3:da:
20:d4:ca:0c:44:64:4f:7a:98:94:dc:b4:a1:11:af:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B8:96:F2:82:E6:74:43:DD:0A:A9:B8:C5:D1:E9:C7:F5:5A:0D:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iLiW8oLmdEPdCqm4xdHpx_VaDdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.38.0/24
195.133.26.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f6:e0:18:be:05:de:93:d1:37:46:54:c9:3d:05:eb:59:c2:
6b:84:97:2a:b0:a5:56:32:97:90:2f:e8:cf:fb:02:f5:ad:c2:
fa:8f:1b:03:4b:c3:8e:a1:f4:44:c1:b0:5f:d6:b4:83:f5:b0:
07:c0:a2:a3:2d:07:a3:d4:b6:c7:16:f7:9e:a5:63:c7:6c:03:
fd:e3:02:69:ce:9b:af:45:f6:70:96:b9:4a:3c:0d:80:de:e0:
46:30:e3:db:48:6f:20:04:0a:7b:a3:71:77:7a:77:b5:eb:68:
46:90:f8:88:4a:7b:26:7c:99:a9:51:d5:58:c7:e4:55:e4:64:
ab:d6:c3:ed:35:b7:1a:ea:aa:c4:f7:4a:3e:a8:9f:5e:41:e9:
10:2a:ae:ea:ad:39:1d:37:cd:20:6f:59:be:fb:9b:30:21:1a:
49:90:0d:27:45:46:0e:9a:32:19:e8:9e:51:6b:f6:53:47:11:
9e:9d:31:4e:0e:03:c4:0f:e4:1f:a9:51:74:88:5f:38:0f:15:
85:f3:29:89:71:15:12:77:03:bb:1c:6b:d1:4f:04:de:82:4f:
27:c5:ca:1b:79:9c:8e:ac:8b:ac:35:8f:7d:28:d3:5f:86:70:
d1:0c:66:0d:14:dd:50:6e:27:ba:4f:3b:67:5f:4b:68:51:b4:
d7:39:f9:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkgQJOg1c8Up0iMw/cHtR28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA0MDkzNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGI4OTZmMjgyZTY3NDQzZGQwYWE5YjhjNWQxZTljN2Y1NWEwZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohdVHswrkrjeDyzPFPq6JLH8iYiX
Nxxhu9lyymQxGKXYJVFreXHwlege6jwC6+MabsLbBr89iHytRga36Cecub0JXf7m
yR6PA5ctQyUt91cUcCYQYG0N8qt7YhexjcyeThezWiXjT3+sDNdgj5AWAuv25bQV
wCB0+DFr1e/Rsqa8l5z5D0mdF1DJ/PFMERidyYmUbgVdad6NdiwZxibkmwXcPA6f
SccMfErPxrXwy3qFBrANJtqDan7zQDSjTRZ221IxMzfXBNrGGkCGQGrEVLyd6MhL
L1I51rDTsnAnU8CjbWJOZ9Fp6jtDIRDS09og1MoMRGRPepiU3LShEa+92QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIi4lvKC5nRD3QqpuMXR6cf1Wg3RMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaUxpVzhvTG1kRVBkQ3FtNHhkSHB4X1ZhRGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjomAwQA
w4UaAwQA1MDTMA0GCSqGSIb3DQEBCwUAA4IBAQB19uAYvgXek9E3RlTJPQXrWcJr
hJcqsKVWMpeQL+jP+wL1rcL6jxsDS8OOofREwbBf1rSD9bAHwKKjLQej1LbHFvee
pWPHbAP94wJpzpuvRfZwlrlKPA2A3uBGMOPbSG8gBAp7o3F3ene162hGkPiISnsm
fJmpUdVYx+RV5GSr1sPtNbca6qrE90o+qJ9eQekQKq7qrTkdN80gb1m++5swIRpJ
kA0nRUYOmjIZ6J5Ra/ZTRxGenTFODgPED+QfqVF0iF84DxWF8ymJcRUSdwO7HGvR
TwTegk8nxcobeZyOrIusNY99KNNfhnDRDGYNFN1Qbie6TztnX0toUbTXOfn9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org