Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jMY1zcTWMbsdCaq5A23MzOiaVbE.roa
File: jMY1zcTWMbsdCaq5A23MzOiaVbE.roa (raw, json)
Hash identifier: 2/w1V/jQkji0jpzcwccwusBrPLrfdkpb6ticPnGKrcc=
Subject key identifier: 8C:C6:35:CD:C4:D6:31:BB:1D:09:AA:B9:03:6D:CC:CC:E8:9A:55:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B237F22AABC550022C5938034009CDBE2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jMY1zcTWMbsdCaq5A23MzOiaVbE.roa
Signing time: Thu 12 Oct 2023 10:46:56 +0000
ROA not before: Thu 12 Oct 2023 10:46:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:7f:22:aa:bc:55:00:22:c5:93:80:34:00:9c:db:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 12 10:46:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cc635cdc4d631bb1d09aab9036dcccce89a55b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:f6:c6:55:b5:c4:2c:87:f0:c3:72:3a:76:
f8:91:d6:0d:e5:b0:f2:78:67:d2:ea:45:4b:55:f5:
e2:5f:7e:7d:02:dd:45:5c:2b:3d:15:de:7b:fb:37:
bf:51:65:5f:b8:1f:1e:3b:0c:81:86:bb:58:de:59:
1e:a5:21:79:95:9c:42:b7:31:9f:fb:5c:a5:2d:a6:
e8:ec:46:8f:1b:0c:fc:29:a4:e8:4e:d2:52:b5:04:
b8:91:bd:da:df:79:2b:7f:8e:59:33:b7:0a:4a:27:
18:b5:2d:51:d4:56:c7:95:ed:3e:ba:42:c1:5a:d1:
db:d8:26:c9:e3:3a:89:86:ba:a4:fd:cc:f0:5a:80:
43:13:57:c8:19:47:bf:72:bc:18:a6:65:b2:4a:d2:
f8:da:30:05:1c:38:df:8b:4a:d0:6d:76:bf:b0:90:
33:ed:80:3d:c4:73:fb:7c:61:13:6e:3a:1c:9f:24:
17:9a:87:3e:b0:88:03:bc:90:e3:c1:81:ab:f2:28:
34:ae:3f:ef:c4:c9:15:63:8e:6b:fb:06:7a:ab:48:
fa:b4:54:21:4b:f8:7f:7b:91:d3:74:76:c6:f5:f2:
3f:40:88:a7:23:f1:c0:b7:dc:1c:32:23:d2:8b:8c:
33:15:f6:90:32:cc:e3:c3:f5:c2:6b:93:2c:fd:91:
7e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C6:35:CD:C4:D6:31:BB:1D:09:AA:B9:03:6D:CC:CC:E8:9A:55:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jMY1zcTWMbsdCaq5A23MzOiaVbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.30.0/24
194.87.143.0/24
212.192.215.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:df:25:6f:c9:07:47:58:c5:86:af:ba:7b:06:21:3a:59:49:
99:ed:ec:50:01:31:e3:fe:32:c1:8c:39:c3:77:d1:e3:21:8d:
bc:ce:64:71:8b:e6:cd:14:a8:ee:e7:20:1c:85:9d:bc:68:ba:
03:a5:9d:18:46:77:1d:78:4f:56:c7:c3:56:fe:6b:af:7c:67:
da:6c:dd:20:e6:1a:3f:64:22:e8:44:3a:e8:b9:67:66:52:6b:
8d:82:58:29:23:f9:57:7d:c1:b0:4f:3a:5d:61:86:27:d7:cc:
e3:e6:28:d0:11:70:b2:84:86:df:32:9a:cf:d5:e5:e8:71:14:
4b:ce:6d:9e:55:6d:9a:3c:1d:1d:52:75:c6:54:d1:9d:61:27:
03:bf:62:69:77:18:f1:3f:7c:b8:6e:2f:a2:e3:f0:4f:d2:23:
f1:a8:44:3e:39:af:37:fa:87:0b:e8:0e:95:61:1b:d5:fd:5f:
0c:eb:5c:1b:0c:76:b8:2f:c6:1e:64:f9:76:db:48:cb:ea:af:
95:6a:18:43:83:83:eb:9d:5e:a5:59:0a:6a:a4:e9:0e:6b:23:
ab:d4:f2:0a:6a:13:08:e6:86:aa:ba:71:b7:84:61:44:f8:9d:
14:12:50:82:97:a6:c8:b3:a9:6f:0f:a0:9d:41:76:88:d2:92:
b5:e3:11:bb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYsjfyKqvFUAIsWTgDQAnNviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEyMTA0NjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2M2MzVjZGM0ZDYzMWJiMWQwOWFhYjkwMzZkY2NjY2U4OWE1NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7v2xlW1xCyH8MNyOnb4kdYN5bDy
eGfS6kVLVfXiX359At1FXCs9Fd57+ze/UWVfuB8eOwyBhrtY3lkepSF5lZxCtzGf
+1ylLabo7EaPGwz8KaToTtJStQS4kb3a33krf45ZM7cKSicYtS1R1FbHle0+ukLB
WtHb2CbJ4zqJhrqk/czwWoBDE1fIGUe/crwYpmWyStL42jAFHDjfi0rQbXa/sJAz
7YA9xHP7fGETbjocnyQXmoc+sIgDvJDjwYGr8ig0rj/vxMkVY45r+wZ6q0j6tFQh
S/h/e5HTdHbG9fI/QIinI/HAt9wcMiPSi4wzFfaQMszjw/XCa5Ms/ZF+4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIzGNc3E1jG7HQmquQNtzMzomlWxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvak1ZMXpjVFdNYnNkQ2FxNUEyM016T2lhVmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwFAwQA
wlceAwQAwlePAwQA1MDXAwQA1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQAq3yVvyQdH
WMWGr7p7BiE6WUmZ7exQATHj/jLBjDnDd9HjIY28zmRxi+bNFKju5yAchZ28aLoD
pZ0YRncdeE9Wx8NW/muvfGfabN0g5ho/ZCLoRDrouWdmUmuNglgpI/lXfcGwTzpd
YYYn18zj5ijQEXCyhIbfMprP1eXocRRLzm2eVW2aPB0dUnXGVNGdYScDv2Jpdxjx
P3y4bi+i4/BP0iPxqEQ+Oa83+ocL6A6VYRvV/V8M61wbDHa4L8YeZPl220jL6q+V
ahhDg4PrnV6lWQpqpOkOayOr1PIKahMI5oaqunG3hGFE+J0UElCCl6bIs6lvD6Cd
QXaI0pK14xG7
-----END CERTIFICATE-----
Generated at Thu Oct 12 13:18:47 2023 by rpki-client on console-ams.rpki-client.org