Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mSaiVqIDX0gx8G1vBPG4AuogQgI.roa
File: mSaiVqIDX0gx8G1vBPG4AuogQgI.roa (raw, json)
Hash identifier: SGK3l7Kdt6YmZdvHUNcYUhxL7RsYHHNUyEBr5v5JtYk=
Subject key identifier: 99:26:A2:56:A2:03:5F:48:31:F0:6D:6F:04:F1:B8:02:EA:20:42:02
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC82A9B6B67EA30B051171DF795477BB3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mSaiVqIDX0gx8G1vBPG4AuogQgI.roa
Signing time: Mon 13 Nov 2023 10:11:57 +0000
ROA not before: Mon 13 Nov 2023 10:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 194.87.220.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:2a:9b:6b:67:ea:30:b0:51:17:1d:f7:95:47:7b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 10:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9926a256a2035f4831f06d6f04f1b802ea204202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3b:61:9d:90:41:df:8a:e3:70:e7:57:7f:34:
1d:4a:56:35:1f:85:c1:58:77:33:fe:16:cb:79:97:
82:5a:16:c1:91:39:5f:23:4b:5c:31:e6:3a:4d:b0:
b5:6d:30:31:9f:26:b2:3e:10:11:55:4c:db:63:08:
c8:09:7c:92:31:a7:0c:43:b3:7e:08:07:bc:99:88:
44:72:ef:82:2b:c4:93:a8:db:53:f8:7b:27:27:ed:
41:d2:82:15:2e:fd:fd:71:dc:73:b8:23:b2:4c:6d:
38:65:e1:12:59:53:84:4d:5d:5c:4f:a8:67:bc:82:
c3:63:9f:69:16:b7:19:d2:71:9a:61:86:05:25:89:
ff:08:24:a4:b2:7f:6a:b2:78:eb:83:9d:7e:2c:53:
48:74:48:8e:8e:f5:d2:e8:7c:39:9f:25:fd:7b:b3:
2e:de:f7:91:dc:1a:c8:52:01:64:77:09:50:f6:99:
60:c7:55:c2:99:c9:ee:46:3b:d3:77:70:8b:7c:09:
c5:ab:7e:53:8b:ed:fc:28:a0:85:8b:65:ae:ad:6d:
d1:f5:e6:e3:78:d5:80:b5:f2:9f:4b:4e:dd:8a:d6:
3e:7f:1a:28:f7:46:c9:3f:9b:84:fe:09:53:a7:ff:
33:e5:c9:b8:9b:18:77:ac:78:71:64:2a:92:2c:d3:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:26:A2:56:A2:03:5F:48:31:F0:6D:6F:04:F1:B8:02:EA:20:42:02
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mSaiVqIDX0gx8G1vBPG4AuogQgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.220.0/24
194.135.32.0/24
195.58.37.0/24
195.133.21.0/24
195.133.61.0/24
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
99:46:7e:7b:09:bb:7b:40:c9:5b:39:c9:ca:14:cb:dd:0f:c5:
77:8b:51:23:c9:11:17:03:34:62:da:45:b5:09:15:12:2d:10:
29:73:bd:73:84:a5:a2:a9:f2:1e:51:e2:5c:e3:0c:ab:d2:86:
54:69:db:2c:24:6d:00:9c:80:68:cb:49:32:4a:fb:03:65:00:
a4:e6:12:25:13:86:d9:1d:f5:34:d9:f4:48:8c:0d:b8:45:47:
47:77:11:fd:c6:23:12:00:13:f2:19:cf:a1:9e:a0:13:2b:4e:
d8:a2:3a:de:24:6a:5b:e6:a3:e4:a1:9f:aa:22:39:22:4b:51:
2c:09:bb:e9:68:71:4d:d8:fc:cb:6b:14:f1:64:30:9c:f2:35:
d0:47:83:cd:58:66:42:d6:b9:93:00:03:5f:bc:3d:a1:b1:85:
76:89:bf:57:f5:ac:59:b1:f8:24:ff:f8:6e:8e:e1:be:09:96:
58:57:45:cb:bd:e2:99:71:ba:e3:18:00:e2:80:d6:eb:c7:17:
22:b6:c1:9f:79:27:66:2f:21:82:4b:9c:0c:45:63:ae:54:fd:
2d:be:9c:78:89:28:cc:8e:0c:96:e3:df:33:ee:60:60:86:20:
f5:93:2c:bc:f3:ba:77:78:6c:18:5c:f3:24:7e:14:28:73:30:
df:ea:fc:7d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvIKptrZ+owsFEXHfeVR3uzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMTAxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI2YTI1NmEyMDM1ZjQ4MzFmMDZkNmYwNGYxYjgwMmVhMjA0MjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzthnZBB34rjcOdXfzQdSlY1H4XB
WHcz/hbLeZeCWhbBkTlfI0tcMeY6TbC1bTAxnyayPhARVUzbYwjICXySMacMQ7N+
CAe8mYhEcu+CK8STqNtT+HsnJ+1B0oIVLv39cdxzuCOyTG04ZeESWVOETV1cT6hn
vILDY59pFrcZ0nGaYYYFJYn/CCSksn9qsnjrg51+LFNIdEiOjvXS6Hw5nyX9e7Mu
3veR3BrIUgFkdwlQ9plgx1XCmcnuRjvTd3CLfAnFq35Ti+38KKCFi2WurW3R9ebj
eNWAtfKfS07ditY+fxoo90bJP5uE/glTp/8z5cm4mxh3rHhxZCqSLNNggQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJkmolaiA19IMfBtbwTxuALqIEICMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVNhaVZxSURYMGd4OEcxdkJQRzRBdW9nUWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlfcAwQA
wocgAwQAwzolAwQAw4UVAwQAw4U9AwQAw4U/AwQA1MD2MA0GCSqGSIb3DQEBCwUA
A4IBAQCZRn57Cbt7QMlbOcnKFMvdD8V3i1EjyREXAzRi2kW1CRUSLRApc71zhKWi
qfIeUeJc4wyr0oZUadssJG0AnIBoy0kySvsDZQCk5hIlE4bZHfU02fRIjA24RUdH
dxH9xiMSABPyGc+hnqATK07YojreJGpb5qPkoZ+qIjkiS1EsCbvpaHFN2PzLaxTx
ZDCc8jXQR4PNWGZC1rmTAANfvD2hsYV2ib9X9axZsfgk//hujuG+CZZYV0XLveKZ
cbrjGADigNbrxxcitsGfeSdmLyGCS5wMRWOuVP0tvpx4iSjMjgyW498z7mBghiD1
kyy887p3eGwYXPMkfhQoczDf6vx9
-----END CERTIFICATE-----
Generated at Fri Nov 24 09:02:04 2023 by rpki-client on console-ams.rpki-client.org