Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lnUQeqzx4gZSJVPe47KUJNllwhc.roa
File: lnUQeqzx4gZSJVPe47KUJNllwhc.roa (raw, json)
Hash identifier: mVWarIVdWpjAV0Fr6i+zchFOdtebk7Pw163IuDlZm6s=
Subject key identifier: 96:75:10:7A:AC:F1:E2:06:52:25:53:DE:E3:B2:94:24:D9:65:C2:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189C9F97CEC676836ED953B79C7A1E4A244
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lnUQeqzx4gZSJVPe47KUJNllwhc.roa
Signing time: Sun 06 Aug 2023 08:31:58 +0000
ROA not before: Sun 06 Aug 2023 08:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 212.193.12.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c9:f9:7c:ec:67:68:36:ed:95:3b:79:c7:a1:e4:a2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 6 08:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9675107aacf1e206522553dee3b29424d965c217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8c:d8:1c:f1:a8:b8:33:50:8b:b9:fa:f5:ec:
b4:e7:66:77:4c:0e:52:2f:03:d1:cc:3b:a4:4c:3b:
9b:4e:ee:a3:0f:d0:e7:05:6a:33:15:47:28:a0:b1:
5a:07:01:3f:5c:72:12:44:0f:c1:38:8c:42:e7:62:
85:98:59:15:b7:68:a4:2a:38:c4:24:5e:21:c0:64:
ce:bf:06:f1:81:ed:29:40:75:48:db:0b:46:c8:10:
fc:4c:d6:61:a9:ad:fb:f5:06:74:52:43:55:05:d9:
8c:4d:f4:bc:32:f9:bf:d6:30:b0:99:c7:e4:86:5b:
65:d9:ff:0f:ab:fd:dc:d5:64:cf:2b:17:d8:00:f3:
4e:e2:75:ac:46:b7:ca:93:7b:2a:9e:27:9e:fb:11:
13:94:4d:b0:63:07:98:19:f5:87:97:29:92:c8:89:
00:74:dc:70:dc:3c:63:3f:34:d8:b6:4e:e5:f1:ce:
bf:38:7e:b9:41:13:a1:3c:64:f8:c1:e8:d5:89:41:
45:7e:7d:37:fa:00:a3:a4:0e:db:3b:7f:d8:f1:4c:
dd:1f:55:9a:cd:34:26:48:3e:88:80:c7:64:54:2b:
d0:ba:90:b6:ed:2e:16:e0:41:74:f1:33:a3:70:01:
ee:2e:98:fd:04:14:71:2c:8d:44:30:9e:0f:46:fc:
68:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:75:10:7A:AC:F1:E2:06:52:25:53:DE:E3:B2:94:24:D9:65:C2:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lnUQeqzx4gZSJVPe47KUJNllwhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
193.124.91.0/24
193.124.95.0/24
195.133.81.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:0b:71:a2:74:93:65:64:da:36:42:0d:90:74:35:e6:f6:9f:
74:b8:f0:c8:a6:e9:2a:89:eb:c1:14:57:02:67:5c:7e:47:ab:
ac:0d:27:6c:2a:0b:8d:f2:6f:9b:59:50:bf:df:bf:1d:9f:31:
b2:49:6b:7f:db:e3:98:da:29:d0:22:df:97:a1:e1:aa:82:80:
ec:82:7f:58:08:ee:51:b7:ec:e2:60:a4:d1:f0:5e:8b:2d:00:
cf:f7:1b:bd:2f:3a:cc:da:f3:57:14:15:0d:54:53:90:20:62:
06:32:b1:16:d6:e6:a6:18:12:0d:8c:a6:9b:13:46:f4:14:c3:
3b:62:e9:8b:5c:d8:f1:98:ca:0a:f1:53:b0:0e:83:ce:62:08:
0e:a8:c3:b0:69:e3:75:01:be:be:b2:a2:0e:43:0e:ac:84:5c:
4d:9f:4b:fd:61:5e:31:7c:63:00:93:73:59:32:ef:45:45:07:
7a:a9:8d:58:81:19:95:ae:7d:ae:d9:01:a7:94:c5:95:ba:9b:
87:6d:50:54:ca:c5:33:8e:6f:8a:21:7c:b0:de:b4:38:a2:7c:
7f:1e:73:4f:7a:ff:ac:ec:8c:09:3b:f6:ed:24:55:bf:1c:57:
b1:0e:b8:24:7e:00:55:d1:33:6d:a5:26:21:05:45:d9:ec:14:
0f:f3:60:71
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnJ+XzsZ2g27ZU7eceh5KJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA2MDgzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc1MTA3YWFjZjFlMjA2NTIyNTUzZGVlM2IyOTQyNGQ5NjVjMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIzYHPGouDNQi7n69ey052Z3TA5S
LwPRzDukTDubTu6jD9DnBWozFUcooLFaBwE/XHISRA/BOIxC52KFmFkVt2ikKjjE
JF4hwGTOvwbxge0pQHVI2wtGyBD8TNZhqa379QZ0UkNVBdmMTfS8Mvm/1jCwmcfk
hltl2f8Pq/3c1WTPKxfYAPNO4nWsRrfKk3sqniee+xETlE2wYweYGfWHlymSyIkA
dNxw3DxjPzTYtk7l8c6/OH65QROhPGT4wejViUFFfn03+gCjpA7bO3/Y8UzdH1Wa
zTQmSD6IgMdkVCvQupC27S4W4EF08TOjcAHuLpj9BBRxLI1EMJ4PRvxowwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJZ1EHqs8eIGUiVT3uOylCTZZcIXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbG5VUWVxeng0Z1pTSlZQZTQ3S1VKTmxsd2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPkzhAwQA
wXxbAwQAwXxfAwQAw4VRAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQAPC3GidJNl
ZNo2Qg2QdDXm9p90uPDIpukqievBFFcCZ1x+R6usDSdsKguN8m+bWVC/378dnzGy
SWt/2+OY2inQIt+XoeGqgoDsgn9YCO5Rt+ziYKTR8F6LLQDP9xu9LzrM2vNXFBUN
VFOQIGIGMrEW1uamGBINjKabE0b0FMM7YumLXNjxmMoK8VOwDoPOYggOqMOwaeN1
Ab6+sqIOQw6shFxNn0v9YV4xfGMAk3NZMu9FRQd6qY1YgRmVrn2u2QGnlMWVupuH
bVBUysUzjm+KIXyw3rQ4onx/HnNPev+s7IwJO/btJFW/HFexDrgkfgBV0TNtpSYh
BUXZ7BQP82Bx
-----END CERTIFICATE-----
Generated at Thu Aug 10 06:17:08 2023 by rpki-client on console-fra.rpki-client.org