Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nNsfLvVLEW-MxgLZNICyYtyVN30.roa
File: nNsfLvVLEW-MxgLZNICyYtyVN30.roa (raw, json)
Hash identifier: zNEYGzl4Yt9pe9+yAfFQugt4AfyI4XIRsKo2+917NR4=
Subject key identifier: 9C:DB:1F:2E:F5:4B:11:6F:8C:C6:02:D9:34:80:B2:62:DC:95:37:7D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01889427BC1D6F9F842801EB3730CFD3713B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nNsfLvVLEW-MxgLZNICyYtyVN30.roa
Signing time: Wed 07 Jun 2023 04:40:12 +0000
ROA not before: Wed 07 Jun 2023 04:40:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:27:bc:1d:6f:9f:84:28:01:eb:37:30:cf:d3:71:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 7 04:40:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cdb1f2ef54b116f8cc602d93480b262dc95377d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:89:4a:c3:ab:a1:28:b5:17:bc:15:15:91:b7:
d4:d0:ee:aa:4f:6d:db:4e:19:ad:b2:3d:ff:6e:b2:
8e:0d:f5:3d:cb:f2:35:d0:68:64:ff:17:6d:89:ae:
48:9a:f0:d6:38:e3:cd:ac:8b:7f:dc:f6:79:c7:6f:
fe:8e:b0:9d:f7:1e:84:9e:39:d5:40:d1:30:b2:a9:
56:82:c6:c5:bd:ec:aa:c3:f6:f6:60:16:d3:9f:4a:
83:a0:ff:73:0c:a5:c1:ea:7a:39:83:cf:b0:44:76:
ec:6f:12:dd:49:98:aa:ab:46:8a:80:69:37:30:5d:
c5:85:cf:9d:42:ad:2c:8c:64:00:89:5e:d9:75:df:
80:7b:7f:a0:2d:81:0d:a3:68:a8:f6:88:ff:d2:ea:
bd:bc:ad:89:ff:74:3f:7a:25:12:e0:a2:b2:db:b7:
35:5f:d7:35:4b:f2:cf:08:60:a4:50:49:25:f7:8f:
6c:4a:44:5e:ea:0d:27:fa:2c:9a:57:35:bb:81:75:
81:a1:45:2a:73:27:af:44:9d:b6:28:62:d4:8e:41:
b6:2a:ef:c8:74:d5:84:f8:1f:45:16:f5:a6:2a:bc:
48:25:b3:ac:e9:3a:ad:2b:9a:6e:9e:22:2e:9c:36:
55:92:76:b2:3f:78:a1:33:81:03:87:18:07:75:32:
d8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DB:1F:2E:F5:4B:11:6F:8C:C6:02:D9:34:80:B2:62:DC:95:37:7D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nNsfLvVLEW-MxgLZNICyYtyVN30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.47.0/24
194.58.46.0/24
194.87.30.0/24
194.87.161.0/24
194.87.163.0/24
194.87.207.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ce:e8:db:30:64:6a:e6:c6:72:30:97:7a:ec:47:f7:28:85:
a5:48:6c:55:ab:d4:43:9a:fa:b4:06:3c:22:8b:fa:3f:0f:96:
ca:89:a3:4b:bc:f0:41:85:f9:25:2a:07:e0:85:20:0d:f8:98:
1b:42:b7:f8:e2:ae:a3:88:b0:cd:6f:41:05:11:be:cd:5c:50:
da:6d:09:2f:fa:89:a1:cc:91:ae:12:79:7a:b2:d8:19:53:e7:
72:b2:f8:35:28:99:10:2c:79:ba:f6:57:91:08:95:5f:dd:e4:
3d:26:d8:4e:05:43:bb:8e:b7:92:cd:ec:0a:08:5b:cc:47:f5:
d2:ca:66:ea:b0:f5:c3:57:43:78:45:e9:c0:36:8e:b4:df:92:
79:9d:18:ef:5f:77:a8:26:6d:53:a5:39:3b:fd:d9:7b:c6:60:
08:e6:39:6c:dd:bb:80:f1:40:89:d3:06:2f:5a:66:56:17:ed:
58:7c:b2:6f:5b:52:ea:ca:0d:a6:2f:5c:f2:20:4e:28:09:d0:
fb:a5:30:e6:84:e6:79:5a:97:b0:03:b4:03:cc:92:bf:31:61:
26:9a:83:b9:c1:21:15:d9:7d:6a:3e:75:70:05:65:ea:14:10:
02:00:00:42:db:84:cc:8b:02:66:9e:19:79:d0:f4:0b:40:88:
82:01:12:59
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYiUJ7wdb5+EKAHrNzDP03E7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA3MDQ0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2RiMWYyZWY1NGIxMTZmOGNjNjAyZDkzNDgwYjI2MmRjOTUzNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54lKw6uhKLUXvBUVkbfU0O6qT23b
Thmtsj3/brKODfU9y/I10Ghk/xdtia5ImvDWOOPNrIt/3PZ5x2/+jrCd9x6EnjnV
QNEwsqlWgsbFveyqw/b2YBbTn0qDoP9zDKXB6no5g8+wRHbsbxLdSZiqq0aKgGk3
MF3Fhc+dQq0sjGQAiV7Zdd+Ae3+gLYENo2io9oj/0uq9vK2J/3Q/eiUS4KKy27c1
X9c1S/LPCGCkUEkl949sSkRe6g0n+iyaVzW7gXWBoUUqcyevRJ22KGLUjkG2Ku/I
dNWE+B9FFvWmKrxIJbOs6TqtK5puniIunDZVknayP3ihM4EDhxgHdTLYzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJzbHy71SxFvjMYC2TSAsmLclTd9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbk5zZkx2VkxFVy1NeGdMWk5JQ3lZdHlWTjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwSAwQA
wXwvAwQAwjouAwQAwlceAwQAwlehAwQAwlejAwQAwlfPMA0GCSqGSIb3DQEBCwUA
A4IBAQBBzujbMGRq5sZyMJd67Ef3KIWlSGxVq9RDmvq0Bjwii/o/D5bKiaNLvPBB
hfklKgfghSAN+JgbQrf44q6jiLDNb0EFEb7NXFDabQkv+omhzJGuEnl6stgZU+dy
svg1KJkQLHm69leRCJVf3eQ9JthOBUO7jreSzewKCFvMR/XSymbqsPXDV0N4RenA
No6035J5nRjvX3eoJm1TpTk7/dl7xmAI5jls3buA8UCJ0wYvWmZWF+1YfLJvW1Lq
yg2mL1zyIE4oCdD7pTDmhOZ5WpewA7QDzJK/MWEmmoO5wSEV2X1qPnVwBWXqFBAC
AABC24TMiwJmnhl50PQLQIiCARJZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org