Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iM2ShKsFEAOiuOJvq0bNi3iAeJA.roa
File: iM2ShKsFEAOiuOJvq0bNi3iAeJA.roa (raw, json)
Hash identifier: qfjmfhzxex5ecJNIpDrkTRpGItg7pbORAVYpMIP4FP8=
Subject key identifier: 88:CD:92:84:AB:05:10:03:A2:B8:E2:6F:AB:46:CD:8B:78:80:78:90
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187522BCBC6564535C265296AEC4D919495
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iM2ShKsFEAOiuOJvq0bNi3iAeJA.roa
Signing time: Wed 05 Apr 2023 16:06:54 +0000
ROA not before: Wed 05 Apr 2023 16:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:2b:cb:c6:56:45:35:c2:65:29:6a:ec:4d:91:94:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88cd9284ab051003a2b8e26fab46cd8b78807890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d4:7b:af:35:7f:ba:9d:30:bd:84:cc:a2:83:
87:88:37:7c:fe:ba:3a:6a:04:85:52:da:cc:25:ab:
52:6e:19:c4:7c:6e:65:a3:87:96:ca:c0:26:81:8d:
8f:f6:10:04:81:6c:41:56:15:7a:d3:61:f3:e7:a8:
ed:70:9e:73:9d:bf:7f:a9:87:ba:8e:34:c8:17:02:
47:b2:c6:31:0e:d4:50:71:29:16:1a:49:b9:8c:ce:
25:21:84:dc:7f:84:c9:3c:69:79:b8:0f:2e:76:39:
2a:44:0c:ef:9a:af:3f:cc:33:82:c0:97:e3:77:98:
dd:dc:ad:c0:8f:12:28:17:fd:69:28:55:77:7f:67:
46:e9:b4:92:d2:89:cf:81:60:d1:3a:0d:91:3e:94:
9a:a1:93:fe:b6:80:56:5f:3b:39:7d:4b:f9:ff:bf:
09:fc:1c:63:09:70:8a:ff:f8:92:4b:58:e1:e1:5f:
cd:77:b7:b1:f2:ea:dd:43:b7:d5:98:c0:f5:22:30:
9d:2c:fc:69:43:d7:22:68:1e:78:88:ba:c7:0c:34:
90:3e:2e:0a:08:8c:2e:9d:ff:f1:3d:f9:c9:7c:d0:
92:63:91:a4:02:8e:c0:33:f9:c8:21:24:02:e6:d5:
43:56:93:04:d2:ba:8b:a1:0a:3d:74:e5:b0:ea:c3:
20:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CD:92:84:AB:05:10:03:A2:B8:E2:6F:AB:46:CD:8B:78:80:78:90
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iM2ShKsFEAOiuOJvq0bNi3iAeJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.118.0/23
194.135.32.0/24
195.133.26.0/23
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:a7:28:38:25:a3:82:df:bb:84:d9:99:b2:99:44:8a:2c:47:
a8:c9:5d:a4:e0:fd:c1:de:b6:80:80:fe:ff:27:59:0c:2e:71:
69:16:2d:f5:b1:1e:2d:09:36:58:f0:7a:dd:36:9f:08:a2:ee:
61:aa:af:cc:f5:1a:75:ca:6a:74:74:d9:04:25:8d:83:bf:0e:
bb:b4:1d:b1:07:fe:38:38:0c:65:96:86:c1:5c:d8:0d:d5:1e:
6c:ed:89:92:77:dd:1b:93:8e:9d:b5:bc:80:be:a7:ec:c3:eb:
85:12:8f:1a:1c:93:d2:dc:33:e2:69:ee:6f:60:6c:af:8d:93:
ee:70:6c:ca:f4:e0:5d:94:e4:03:88:d8:70:46:c8:48:2e:9e:
04:66:1e:dd:f2:87:68:88:3f:42:e6:f3:6a:be:88:0f:d6:7e:
2a:97:b9:78:a1:ff:8f:33:db:7d:a6:84:69:aa:5a:0d:67:8a:
9b:16:29:d3:51:58:6f:ad:23:4a:2c:c7:d3:b9:05:16:92:4e:
e8:9d:a0:7a:94:58:80:7f:fc:2c:36:29:b0:a5:f4:bb:b1:f4:
fe:b6:a7:48:4a:47:2a:a6:b5:a6:09:27:3a:08:64:2d:17:39:
6f:f0:6e:95:fd:19:3c:2e:23:80:aa:86:7d:62:1c:08:bc:90:
bc:e0:9f:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdSK8vGVkU1wmUpauxNkZSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGNkOTI4NGFiMDUxMDAzYTJiOGUyNmZhYjQ2Y2Q4Yjc4ODA3ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntR7rzV/up0wvYTMooOHiDd8/ro6
agSFUtrMJatSbhnEfG5lo4eWysAmgY2P9hAEgWxBVhV602Hz56jtcJ5znb9/qYe6
jjTIFwJHssYxDtRQcSkWGkm5jM4lIYTcf4TJPGl5uA8udjkqRAzvmq8/zDOCwJfj
d5jd3K3AjxIoF/1pKFV3f2dG6bSS0onPgWDROg2RPpSaoZP+toBWXzs5fUv5/78J
/BxjCXCK//iSS1jh4V/Nd7ex8urdQ7fVmMD1IjCdLPxpQ9ciaB54iLrHDDSQPi4K
CIwunf/xPfnJfNCSY5GkAo7AM/nIISQC5tVDVpME0rqLoQo9dOWw6sMg1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIjNkoSrBRADorjib6tGzYt4gHiQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaU0yU2hLc0ZFQU9pdU9KdnEwYk5pM2lBZUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwld2AwQA
wocgAwQBw4UaAwQAw4U7MA0GCSqGSIb3DQEBCwUAA4IBAQA9pyg4JaOC37uE2Zmy
mUSKLEeoyV2k4P3B3raAgP7/J1kMLnFpFi31sR4tCTZY8HrdNp8Iou5hqq/M9Rp1
ymp0dNkEJY2Dvw67tB2xB/44OAxllobBXNgN1R5s7YmSd90bk46dtbyAvqfsw+uF
Eo8aHJPS3DPiae5vYGyvjZPucGzK9OBdlOQDiNhwRshILp4EZh7d8odoiD9C5vNq
vogP1n4ql7l4of+PM9t9poRpqloNZ4qbFinTUVhvrSNKLMfTuQUWkk7onaB6lFiA
f/wsNimwpfS7sfT+tqdISkcqprWmCSc6CGQtFzlv8G6V/Rk8LiOAqoZ9YhwIvJC8
4J/p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org