Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa
File: ihazjpGW5C879LlGqVQ1991yRPM.roa (raw, json)
Hash identifier: w28HuJna9hOB/PG7cFWXc23fdyw2GPstHRLpOe9GTWE=
Subject key identifier: 8A:16:B3:8E:91:96:E4:2F:3B:F4:B9:46:A9:54:35:F7:DD:72:44:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1F641B5CD4DCCA6BBA1DA21CAAAD5384
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa
Signing time: Wed 11 Oct 2023 15:38:56 +0000
ROA not before: Wed 11 Oct 2023 15:38:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216394
IP address blocks: 194.87.130.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:64:1b:5c:d4:dc:ca:6b:ba:1d:a2:1c:aa:ad:53:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 15:38:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a16b38e9196e42f3bf4b946a95435f7dd7244f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ce:31:f0:a9:d4:eb:a5:48:c8:40:cd:20:f2:
b8:23:0b:21:1c:03:59:d5:99:80:14:04:29:0c:e6:
1e:e7:ea:e0:1d:ec:06:f9:3a:ea:ae:9b:3d:b2:07:
0d:b5:19:98:83:90:2c:5f:12:31:5e:45:42:23:48:
eb:02:d3:6a:7d:eb:7b:b1:b6:f1:c6:35:d8:de:60:
ff:35:c4:4a:53:b1:b1:13:a3:7b:05:a0:57:72:95:
3e:f2:ae:89:df:e9:4a:ba:72:ec:c9:00:35:41:6c:
d8:19:76:65:18:e1:a2:bc:b6:34:5f:bd:94:89:58:
82:85:6f:a1:b2:1e:92:45:43:ea:6d:e9:5b:b2:08:
d5:36:92:5a:b6:4a:5f:c4:d3:8c:8c:f6:38:f3:ba:
1f:0e:ab:e6:fb:79:47:9e:35:ab:6a:d4:ec:7c:d2:
9c:9b:43:b8:7f:5a:8c:08:04:44:dd:af:03:4d:71:
85:17:94:6c:b0:d6:7d:d3:bb:f7:ed:cf:c6:b9:c9:
40:f8:2e:0f:c0:d5:9d:a1:84:e6:d1:b8:b8:5e:bf:
c5:96:74:91:75:75:1e:ea:e0:61:56:f6:fa:fc:10:
41:67:e7:63:24:16:3b:28:60:5a:24:23:38:85:d4:
c6:01:9e:a0:84:8b:71:ae:27:f0:f7:f3:12:e2:b6:
f1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:16:B3:8E:91:96:E4:2F:3B:F4:B9:46:A9:54:35:F7:DD:72:44:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.27.0/24
194.87.130.0/24
195.133.43.0/24
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1f:0b:47:33:0a:7f:6a:86:2b:77:f7:d9:32:e9:8a:9d:39:
c7:06:2a:44:29:3c:ad:21:76:dd:66:84:e3:84:ff:e1:0f:6a:
55:5a:e1:ba:dd:e2:e1:58:93:18:aa:b8:c3:f7:ed:a0:1a:75:
c4:54:f9:b0:2d:86:9c:dd:b6:04:9f:1d:e6:0b:5d:2f:8e:3c:
58:d1:a7:17:58:eb:79:8e:c7:77:2f:45:9c:dd:92:e0:19:76:
00:99:53:5c:2b:ba:c4:4a:05:ea:d1:24:ac:76:c9:7b:ac:47:
45:ef:a9:0a:a4:10:9a:1b:ba:97:40:6f:9a:68:1a:ef:fc:a9:
6b:97:95:65:e2:17:5a:71:71:33:36:1a:31:b9:b3:8b:89:8c:
7f:e7:3e:98:f4:70:32:c3:0a:25:b6:6e:24:32:8e:2a:d6:b0:
37:bb:38:bd:01:59:6b:75:f3:cb:29:d4:eb:1e:72:35:30:73:
5a:63:d1:34:38:58:32:c0:f7:7e:bf:66:34:69:e2:7e:f4:0e:
ac:97:9e:d5:31:05:13:36:07:68:bd:97:77:05:36:16:6c:9a:
8e:88:49:cd:27:38:2e:2a:2c:d2:ae:80:61:70:18:11:87:59:
cc:c4:59:1c:25:49:b3:55:27:da:c6:81:89:61:33:9b:86:9a:
c5:98:a6:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsfZBtc1NzKa7odohyqrVOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTUzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE2YjM4ZTkxOTZlNDJmM2JmNGI5NDZhOTU0MzVmN2RkNzI0NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws4x8KnU66VIyEDNIPK4IwshHANZ
1ZmAFAQpDOYe5+rgHewG+Trqrps9sgcNtRmYg5AsXxIxXkVCI0jrAtNqfet7sbbx
xjXY3mD/NcRKU7GxE6N7BaBXcpU+8q6J3+lKunLsyQA1QWzYGXZlGOGivLY0X72U
iViChW+hsh6SRUPqbelbsgjVNpJatkpfxNOMjPY487ofDqvm+3lHnjWratTsfNKc
m0O4f1qMCARE3a8DTXGFF5RssNZ907v37c/GuclA+C4PwNWdoYTm0bi4Xr/FlnSR
dXUe6uBhVvb6/BBBZ+djJBY7KGBaJCM4hdTGAZ6ghItxrifw9/MS4rbx9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoWs46RluQvO/S5RqlUNffdckTzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWhhempwR1c1Qzg3OUxsR3FWUTE5OTF5UlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlcbAwQA
wleCAwQAw4UrAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQCEHwtHMwp/aoYrd/fZ
MumKnTnHBipEKTytIXbdZoTjhP/hD2pVWuG63eLhWJMYqrjD9+2gGnXEVPmwLYac
3bYEnx3mC10vjjxY0acXWOt5jsd3L0Wc3ZLgGXYAmVNcK7rESgXq0SSsdsl7rEdF
76kKpBCaG7qXQG+aaBrv/Klrl5Vl4hdacXEzNhoxubOLiYx/5z6Y9HAywwoltm4k
Mo4q1rA3uzi9AVlrdfPLKdTrHnI1MHNaY9E0OFgywPd+v2Y0aeJ+9A6sl57VMQUT
NgdovZd3BTYWbJqOiEnNJzguKizSroBhcBgRh1nMxFkcJUmzVSfaxoGJYTObhprF
mKag
-----END CERTIFICATE-----
Generated at Thu Oct 12 12:25:22 2023 by rpki-client on console-fra.rpki-client.org