Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVMsH2VRrPhMutk3PGs2pWptL1c.roa
File: mVMsH2VRrPhMutk3PGs2pWptL1c.roa (raw, json)
Hash identifier: 5E+81ZHmmiA5vHh4w4gYvvlaI3CWCXYMIJisun8Qyw8=
Subject key identifier: 99:53:2C:1F:65:51:AC:F8:4C:BA:D9:37:3C:6B:36:A5:6A:6D:2F:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186929C5227F49400F35420093C9313B56F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVMsH2VRrPhMutk3PGs2pWptL1c.roa
Signing time: Mon 27 Feb 2023 11:22:43 +0000
ROA not before: Mon 27 Feb 2023 11:22:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.58.33.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:9c:52:27:f4:94:00:f3:54:20:09:3c:93:13:b5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 27 11:22:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99532c1f6551acf84cbad9373c6b36a56a6d2f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:39:10:d9:d6:4d:15:52:1e:cd:07:8d:5b:
22:3c:b6:89:5a:19:2b:41:1a:dd:0f:d0:0e:9e:f2:
3c:8f:28:f8:0c:41:44:a5:90:f9:60:12:0b:11:f3:
0d:10:bc:78:fd:9c:9e:a3:99:75:32:1a:55:de:15:
85:c7:aa:45:f3:fc:36:e4:ea:1e:a5:16:5f:bf:df:
7c:fb:8e:4d:58:6b:a3:a8:ef:bb:1f:51:6c:5c:12:
75:8d:ea:7b:66:36:99:d8:2e:3a:0d:ab:bf:3a:e9:
de:84:7c:fe:c6:93:33:f6:b8:88:4b:1e:41:0f:70:
08:ea:07:ae:7e:bd:cf:9a:e0:96:73:c2:8c:b0:28:
46:0a:92:26:21:c4:f4:3b:60:f3:c8:2c:35:04:89:
a7:b7:f0:e8:7b:e9:44:c6:9d:c2:a9:74:b4:c3:8d:
42:8f:b1:ed:c6:05:98:2f:a6:01:21:b3:74:ca:53:
18:08:e4:60:71:72:56:44:83:2d:52:1f:d0:54:7b:
60:f4:8d:5f:99:81:3c:74:f0:37:cf:1e:30:26:4c:
15:bc:81:23:84:72:8c:eb:bd:08:c6:49:ab:f2:63:
35:a2:f9:32:09:aa:b2:f1:81:f0:a2:b5:fe:6f:1e:
25:3f:5b:68:8c:fa:4f:45:50:6f:1e:3d:e3:05:55:
73:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:53:2C:1F:65:51:AC:F8:4C:BA:D9:37:3C:6B:36:A5:6A:6D:2F:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mVMsH2VRrPhMutk3PGs2pWptL1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.199.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:56:23:ea:2b:fd:cc:02:c5:8b:9e:16:00:2c:37:7c:47:38:
68:f0:15:bd:a6:2f:9a:1d:50:92:2e:35:89:12:b0:de:b7:6c:
59:b7:61:d7:0f:19:54:f8:52:38:a3:a4:61:6a:a3:07:94:80:
e8:9e:5d:65:98:f1:7e:07:80:b0:b7:a9:8a:7a:ff:c2:88:99:
2b:80:4c:be:33:a2:ba:6e:30:d8:76:ec:70:41:2f:56:bd:b9:
21:8b:e9:6d:e0:98:e4:dc:24:fe:72:ba:e0:1a:d5:75:fd:62:
ce:fa:cc:20:aa:62:a5:9d:ac:4b:d4:c0:87:f4:db:94:de:e3:
3a:5e:6f:e8:cf:f6:d7:b4:d1:47:41:5f:22:8b:0c:39:70:45:
ca:9f:ad:ed:aa:82:eb:8f:a7:63:10:5e:16:90:80:01:39:0b:
2e:48:02:dd:73:5b:ab:d4:a0:2a:88:ae:b5:01:65:98:0a:d5:
69:14:c2:03:e4:d5:d6:71:15:f6:41:99:33:1b:b1:53:e6:e8:
05:8c:61:32:6b:4c:55:62:8d:25:d5:8d:30:0e:2a:ba:90:5d:
7b:c6:20:6c:8d:4f:02:db:73:03:74:4f:95:ea:9e:53:9e:3f:
79:a3:d6:bf:95:64:2a:0e:a2:86:68:cf:44:82:bf:27:d6:43:
c4:bb:f8:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaSnFIn9JQA81QgCTyTE7VvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI3MTEyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUzMmMxZjY1NTFhY2Y4NGNiYWQ5MzczYzZiMzZhNTZhNmQyZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGA5ENnWTRVSHs0HjVsiPLaJWhkr
QRrdD9AOnvI8jyj4DEFEpZD5YBILEfMNELx4/Zyeo5l1MhpV3hWFx6pF8/w25Ooe
pRZfv998+45NWGujqO+7H1FsXBJ1jep7ZjaZ2C46Dau/OunehHz+xpMz9riISx5B
D3AI6geufr3PmuCWc8KMsChGCpImIcT0O2DzyCw1BImnt/Doe+lExp3CqXS0w41C
j7HtxgWYL6YBIbN0ylMYCORgcXJWRIMtUh/QVHtg9I1fmYE8dPA3zx4wJkwVvIEj
hHKM670Ixkmr8mM1ovkyCaqy8YHworX+bx4lP1tojPpPRVBvHj3jBVVzwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJlTLB9lUaz4TLrZNzxrNqVqbS9XMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVZNc0gyVlJyUGhNdXRrM1BHczJwV3B0TDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjohAwQA
wlfHMA0GCSqGSIb3DQEBCwUAA4IBAQAMViPqK/3MAsWLnhYALDd8Rzho8BW9pi+a
HVCSLjWJErDet2xZt2HXDxlU+FI4o6RhaqMHlIDonl1lmPF+B4Cwt6mKev/CiJkr
gEy+M6K6bjDYduxwQS9Wvbkhi+lt4Jjk3CT+crrgGtV1/WLO+swgqmKlnaxL1MCH
9NuU3uM6Xm/oz/bXtNFHQV8iiww5cEXKn63tqoLrj6djEF4WkIABOQsuSALdc1ur
1KAqiK61AWWYCtVpFMID5NXWcRX2QZkzG7FT5ugFjGEya0xVYo0l1Y0wDiq6kF17
xiBsjU8C23MDdE+V6p5Tnj95o9a/lWQqDqKGaM9Egr8n1kPEu/h7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org