Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oS2Ljk2bbU5UYKrK3T8e8TnEE1c.roa
File: oS2Ljk2bbU5UYKrK3T8e8TnEE1c.roa (raw, json)
Hash identifier: Cp4x68fzMyO30AOrnFu0o81UKpcMmibJW1Tfl1r1NQ4=
Subject key identifier: A1:2D:8B:8E:4D:9B:6D:4E:54:60:AA:CA:DD:3F:1E:F1:39:C4:13:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188D88E0065EB801A065708F5F0D2787E5A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oS2Ljk2bbU5UYKrK3T8e8TnEE1c.roa
Signing time: Tue 20 Jun 2023 11:26:04 +0000
ROA not before: Tue 20 Jun 2023 11:26:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 212.193.15.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 13:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:8e:00:65:eb:80:1a:06:57:08:f5:f0:d2:78:7e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 20 11:26:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a12d8b8e4d9b6d4e5460aacadd3f1ef139c41357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:81:46:de:9a:60:cc:e9:1e:c3:2a:d1:f6:36:
d2:a6:9c:c4:c7:fb:bf:1f:7d:60:c7:39:ed:1a:da:
3f:5b:dd:93:54:c6:12:69:10:87:8d:5a:d2:0b:74:
df:83:c3:9f:cf:78:fe:0b:8a:b9:91:96:69:de:e3:
7c:4a:96:f3:e6:21:1a:e6:bb:54:3e:7f:7d:26:c5:
ad:e4:44:f1:7b:a9:da:b1:70:b0:aa:f4:a4:cd:e8:
8a:bd:6d:18:bb:91:4b:eb:43:35:ba:e9:57:a5:e7:
98:27:b2:4b:a2:2c:22:84:dc:a7:63:20:f1:c0:34:
c7:04:3a:c7:2d:c8:de:3b:db:01:72:2b:f5:b7:b7:
ef:8e:41:a5:a3:be:ba:31:04:bb:52:ec:0e:85:5f:
6d:f1:e8:1b:7d:f2:14:f1:dc:61:07:ca:f2:99:ed:
ca:01:61:1b:66:7e:62:16:f3:77:08:ce:3b:29:31:
b7:4b:05:bd:e6:70:9b:1e:c1:f3:54:14:ad:76:c6:
5d:01:10:89:23:96:80:10:34:9a:f8:27:2e:71:df:
e8:88:74:6f:50:5e:d4:c0:75:6d:da:67:a3:69:cd:
99:46:75:f9:fe:4b:1e:bd:43:48:26:9c:c0:c7:19:
dc:54:89:32:7c:cf:b3:bb:39:a9:7b:34:57:2b:91:
54:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2D:8B:8E:4D:9B:6D:4E:54:60:AA:CA:DD:3F:1E:F1:39:C4:13:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oS2Ljk2bbU5UYKrK3T8e8TnEE1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.87.22.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ea:7a:d4:91:bf:fa:17:81:68:96:2c:ae:79:b7:84:7d:83:
d7:c3:ee:5c:67:6d:cd:c0:59:d7:e4:3f:7f:e1:ac:67:d2:d3:
96:39:99:67:56:9a:17:a5:aa:fa:78:23:ba:e9:e9:3c:3a:34:
26:6e:10:0b:59:8f:e9:91:98:bc:cc:18:2f:d2:81:e1:ab:a2:
8b:fe:16:a9:b2:4c:9b:b2:2e:8c:17:07:f6:fd:47:08:99:62:
bd:7e:b6:45:21:9a:16:4e:f3:0e:e8:b8:60:13:fe:0e:83:c5:
fa:66:85:59:c8:8c:a6:4f:d8:98:0f:92:f5:51:75:86:2c:90:
cf:d6:45:c5:8e:27:85:8d:98:92:65:5f:08:48:4b:0b:af:00:
dd:76:67:56:26:95:0b:fb:ad:33:47:24:cd:e1:bc:23:f7:20:
16:5d:01:a8:64:85:69:6a:d0:af:51:7a:9b:37:03:e8:46:c0:
b8:c0:da:2e:1a:4b:14:07:fd:06:ea:ab:2e:77:5b:a8:70:5d:
a4:58:84:07:77:28:b9:d7:0f:fd:82:11:b2:8a:be:20:13:a5:
3b:e8:fa:a7:94:f7:ae:bf:85:7e:93:41:63:30:b7:16:81:35:
33:3e:a4:ee:aa:6d:10:45:ab:ca:6f:2d:97:8c:4e:00:bb:a6:
1f:ec:30:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjYjgBl64AaBlcI9fDSeH5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIwMTEyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJkOGI4ZTRkOWI2ZDRlNTQ2MGFhY2FkZDNmMWVmMTM5YzQxMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIFG3ppgzOkewyrR9jbSppzEx/u/
H31gxzntGto/W92TVMYSaRCHjVrSC3Tfg8Ofz3j+C4q5kZZp3uN8Spbz5iEa5rtU
Pn99JsWt5ETxe6nasXCwqvSkzeiKvW0Yu5FL60M1uulXpeeYJ7JLoiwihNynYyDx
wDTHBDrHLcjeO9sBciv1t7fvjkGlo766MQS7UuwOhV9t8egbffIU8dxhB8ryme3K
AWEbZn5iFvN3CM47KTG3SwW95nCbHsHzVBStdsZdARCJI5aAEDSa+Ccucd/oiHRv
UF7UwHVt2mejac2ZRnX5/ksevUNIJpzAxxncVIkyfM+zuzmpezRXK5FUZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKEti45Nm21OVGCqyt0/HvE5xBNXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb1MyTGprMmJiVTVVWUtySzNUOGU4VG5FRTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUgLAwQA
wlcWAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQB56nrUkb/6F4FoliyuebeEfYPX
w+5cZ23NwFnX5D9/4axn0tOWOZlnVpoXpar6eCO66ek8OjQmbhALWY/pkZi8zBgv
0oHhq6KL/hapskybsi6MFwf2/UcImWK9frZFIZoWTvMO6LhgE/4Og8X6ZoVZyIym
T9iYD5L1UXWGLJDP1kXFjieFjZiSZV8ISEsLrwDddmdWJpUL+60zRyTN4bwj9yAW
XQGoZIVpatCvUXqbNwPoRsC4wNouGksUB/0G6qsud1uocF2kWIQHdyi51w/9ghGy
ir4gE6U76PqnlPeuv4V+k0FjMLcWgTUzPqTuqm0QRavKby2XjE4Au6Yf7DBY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org