Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/joUGu6GNMLMUz8574qxg461_5g8.roa
File: joUGu6GNMLMUz8574qxg461_5g8.roa (raw, json)
Hash identifier: NUvoNnRwx0Pkhh3TRsI0/qeqzvONnUbNviqEgaESpnw=
Subject key identifier: 8E:85:06:BB:A1:8D:30:B3:14:CF:CE:7B:E2:AC:60:E3:AD:7F:E6:0F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A0EC7BABCD20BD31B7699807508AD33FB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/joUGu6GNMLMUz8574qxg461_5g8.roa
Signing time: Sat 19 Aug 2023 17:11:25 +0000
ROA not before: Sat 19 Aug 2023 17:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.21.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0e:c7:ba:bc:d2:0b:d3:1b:76:99:80:75:08:ad:33:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 19 17:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e8506bba18d30b314cfce7be2ac60e3ad7fe60f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:68:3a:56:6a:fd:20:d6:bc:85:74:75:63:
b6:42:d4:b0:b4:89:94:35:6a:ad:a2:4e:64:fa:54:
b5:24:3e:01:c0:ea:f2:a6:c0:f9:e6:7b:6f:cb:fd:
54:82:d5:7b:1a:f7:61:cb:f7:dc:85:70:03:6d:91:
84:c9:af:4d:fe:45:ad:00:5e:5b:4a:c7:ec:6e:bf:
aa:3b:a4:f4:34:fc:9a:02:23:01:56:c2:11:92:80:
52:db:8d:e0:1c:3e:ae:dd:48:0e:ec:07:b2:e0:77:
4a:b0:f2:25:f7:2d:d0:87:6b:0c:8e:af:0a:2c:55:
5c:16:56:a9:1d:eb:3e:42:88:33:74:9c:89:16:91:
10:e9:0f:fd:55:0c:eb:3f:c5:05:5c:28:6b:c3:1a:
04:23:06:12:d5:dc:3a:f7:fe:dd:05:f8:e9:25:f2:
96:34:bd:2d:d5:cb:64:b9:71:18:14:d5:28:ca:f6:
00:bc:ee:d6:d5:2b:29:5e:a8:69:d0:c4:01:32:6b:
b3:37:46:79:ae:fe:98:91:78:44:5d:b3:c0:cc:e7:
50:b5:c7:5d:93:14:b2:8e:0b:ba:86:3f:c3:ff:3f:
10:d0:ee:4e:ca:8f:2d:58:61:9f:23:ed:51:88:42:
2f:87:83:13:59:9a:70:8d:5d:e9:6c:49:2b:b7:26:
31:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:85:06:BB:A1:8D:30:B3:14:CF:CE:7B:E2:AC:60:E3:AD:7F:E6:0F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/joUGu6GNMLMUz8574qxg461_5g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
193.124.201.0/24
194.87.21.0/24
194.87.33.0/24
194.87.166.0/24
194.87.187.0/24
194.135.18.0/24
195.58.55.0/24
195.58.59.0/24
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
50:07:4b:20:70:96:02:91:81:fd:33:37:af:bf:fd:b1:b1:38:
cf:e4:04:8a:02:b5:9e:63:30:43:85:cc:5e:3a:ef:1f:83:fe:
ba:d3:12:c8:76:03:0d:08:33:56:7c:14:ee:9d:78:0f:b5:1f:
4e:31:d7:6a:46:e2:1c:72:40:ee:91:1f:6b:39:18:9a:12:03:
2f:e8:1d:ae:7a:38:94:9f:43:d6:d8:8f:6a:cd:a8:60:e2:c4:
f8:e3:6d:8c:5e:17:06:f1:a7:82:95:7c:a0:a3:77:02:31:88:
cb:0f:6b:e6:db:47:da:86:f9:39:c4:4f:e7:7f:46:f5:8a:14:
42:36:07:ad:5d:75:26:41:c7:07:2a:18:67:56:4a:36:8b:ef:
67:f8:36:ae:47:f3:20:0f:41:63:b6:b4:69:a7:e9:4a:eb:f8:
d3:8f:14:fc:93:b6:b2:21:e7:c1:e8:d7:ac:aa:90:b8:d4:4e:
98:8a:fa:d5:24:a6:b1:ff:55:bc:fc:d5:74:f9:c6:cc:0b:b3:
a9:10:d9:42:e7:c6:b3:93:35:1e:6b:8b:98:b4:62:8e:7d:31:
9e:6c:05:8a:20:9d:02:d5:01:67:bb:12:a1:5f:5a:5b:f2:5c:
aa:b6:d8:ff:ee:3b:8e:f7:2a:8b:52:2a:6f:97:d9:cd:fb:1f:
a9:cc:02:b3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYoOx7q80gvTG3aZgHUIrTP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE5MTcxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg1MDZiYmExOGQzMGIzMTRjZmNlN2JlMmFjNjBlM2FkN2ZlNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkBoOlZq/SDWvIV0dWO2QtSwtImU
NWqtok5k+lS1JD4BwOrypsD55ntvy/1UgtV7Gvdhy/fchXADbZGEya9N/kWtAF5b
Ssfsbr+qO6T0NPyaAiMBVsIRkoBS243gHD6u3UgO7Aey4HdKsPIl9y3Qh2sMjq8K
LFVcFlapHes+QogzdJyJFpEQ6Q/9VQzrP8UFXChrwxoEIwYS1dw69/7dBfjpJfKW
NL0t1ctkuXEYFNUoyvYAvO7W1SspXqhp0MQBMmuzN0Z5rv6YkXhEXbPAzOdQtcdd
kxSyjgu6hj/D/z8Q0O5Oyo8tWGGfI+1RiEIvh4MTWZpwjV3pbEkrtyYxSwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFI6FBruhjTCzFM/Oe+KsYOOtf+YPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvam9VR3U2R05NTE1Vejg1NzRxeGc0NjFfNWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXxfAwQA
wXzJAwQAwlcVAwQAwlchAwQAwlemAwQAwle7AwQAwocSAwQAwzo3AwQAwzo7AwQA
1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUAA4IBAQBQB0sgcJYCkYH9Mzevv/2xsTjP
5ASKArWeYzBDhcxeOu8fg/660xLIdgMNCDNWfBTunXgPtR9OMddqRuIcckDukR9r
ORiaEgMv6B2uejiUn0PW2I9qzahg4sT4422MXhcG8aeClXygo3cCMYjLD2vm20fa
hvk5xE/nf0b1ihRCNgetXXUmQccHKhhnVko2i+9n+DauR/MgD0FjtrRpp+lK6/jT
jxT8k7ayIefB6NesqpC41E6YivrVJKax/1W8/NV0+cbMC7OpENlC58azkzUea4uY
tGKOfTGebAWKIJ0C1QFnuxKhX1pb8lyqttj/7juO9yqLUipvl9nN+x+pzAKz
-----END CERTIFICATE-----
Generated at Tue Aug 22 17:05:29 2023 by rpki-client on console-ams.rpki-client.org