Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oW7r5RCeF3ElL92m2KDx3D1g-V0.roa
File: oW7r5RCeF3ElL92m2KDx3D1g-V0.roa (raw, json)
Hash identifier: IXmj690Fpr6cVti1wOAq2c6NTZqydr3FQLfk2Wx/uHU=
Subject key identifier: A1:6E:EB:E5:10:9E:17:71:25:2F:DD:A6:D8:A0:F1:DC:3D:60:F9:5D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01888533002E8FC9871CA9B68DFAA8421CF2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oW7r5RCeF3ElL92m2KDx3D1g-V0.roa
Signing time: Sun 04 Jun 2023 06:58:12 +0000
ROA not before: Sun 04 Jun 2023 06:58:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 194.87.220.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:85:33:00:2e:8f:c9:87:1c:a9:b6:8d:fa:a8:42:1c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 4 06:58:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a16eebe5109e1771252fdda6d8a0f1dc3d60f95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:58:18:f6:98:8c:48:61:17:e4:db:5f:f3:84:
9c:7c:1e:05:fe:a1:a5:09:2c:cb:a1:9f:91:e8:b6:
85:06:5d:1c:cb:8b:48:94:2a:a0:4e:3b:a6:84:58:
96:4f:06:20:4a:f3:91:d3:5a:b8:55:fa:d9:46:bb:
33:b4:dc:1a:8d:cd:c2:5b:b3:49:fe:91:57:6c:94:
82:1c:1e:fd:0e:e2:0a:0d:6b:ed:ad:50:79:62:01:
8d:11:7e:39:fe:e0:d8:90:29:38:aa:57:37:44:be:
32:9e:ad:bb:19:d3:89:9a:05:d5:c8:e1:17:75:05:
42:f2:ac:14:a7:58:13:27:7c:48:23:b4:76:7a:1b:
16:cb:15:38:5f:54:7a:67:f9:23:79:80:5c:6a:94:
f7:72:3d:47:36:99:b5:80:58:df:55:66:86:32:5f:
bf:97:67:2d:43:cf:eb:c6:3f:a0:89:b4:54:91:94:
47:7e:76:24:4c:7c:5c:50:04:ba:eb:6f:ce:c7:2a:
7f:6a:bd:b6:75:9e:77:2b:4f:09:0c:f0:fd:06:d3:
25:7f:8f:d0:94:02:ea:bd:20:5a:a0:ef:32:d8:c3:
84:6c:41:c0:37:f2:cc:7f:3b:6e:06:67:e9:17:14:
71:75:21:89:29:93:de:a2:fc:63:6e:69:2b:f2:a4:
c8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6E:EB:E5:10:9E:17:71:25:2F:DD:A6:D8:A0:F1:DC:3D:60:F9:5D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oW7r5RCeF3ElL92m2KDx3D1g-V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0-193.124.46.255
194.58.58.0/24
194.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
60:ca:f2:c6:2f:8e:91:2c:b9:ba:8c:d4:af:77:e3:c7:b3:7f:
bb:ca:02:2e:87:05:f6:6b:a6:3c:53:cc:e7:e5:e0:d2:13:8a:
78:fb:a5:e3:5e:5b:40:26:1e:57:31:4c:1e:29:2a:c6:16:b2:
46:00:84:fe:92:00:89:79:40:c0:15:4d:f5:59:32:84:2f:cc:
d1:cb:81:59:8f:a0:18:9e:68:24:c9:5e:22:f0:b2:ff:64:4e:
7f:81:b0:29:9b:bd:ca:a7:88:a5:00:1b:e2:4e:93:92:57:b8:
8d:ea:ea:6f:3d:6f:84:35:59:bc:51:5d:60:8b:ac:81:c4:96:
b9:c2:97:e6:f2:20:f4:4f:94:c5:ac:94:5a:f2:97:61:2f:60:
78:f9:5b:cf:cb:b9:f0:3f:da:55:6b:5c:5f:26:6c:e2:9e:7b:
d5:1d:90:e5:26:38:12:d6:91:f4:5f:24:81:4d:a9:e5:74:b4:
2c:d9:55:7e:64:3e:8e:9a:50:83:aa:db:f7:87:f7:1f:ab:04:
3f:b6:a2:ae:a0:b4:ec:ea:d7:f1:76:42:25:44:0c:8d:49:8f:
cb:04:90:ed:cf:76:9f:39:46:97:4a:e1:89:e2:3a:71:2c:85:
e0:72:bb:bc:b3:02:09:e2:ca:f6:e1:91:39:07:35:33:12:ed:
1d:b1:c5:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiFMwAuj8mHHKm2jfqoQhzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA0MDY1ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZlZWJlNTEwOWUxNzcxMjUyZmRkYTZkOGEwZjFkYzNkNjBmOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVgY9piMSGEX5Ntf84ScfB4F/qGl
CSzLoZ+R6LaFBl0cy4tIlCqgTjumhFiWTwYgSvOR01q4VfrZRrsztNwajc3CW7NJ
/pFXbJSCHB79DuIKDWvtrVB5YgGNEX45/uDYkCk4qlc3RL4ynq27GdOJmgXVyOEX
dQVC8qwUp1gTJ3xII7R2ehsWyxU4X1R6Z/kjeYBcapT3cj1HNpm1gFjfVWaGMl+/
l2ctQ8/rxj+gibRUkZRHfnYkTHxcUAS662/Oxyp/ar22dZ53K08JDPD9BtMlf4/Q
lALqvSBaoO8y2MOEbEHAN/LMfztuBmfpFxRxdSGJKZPeovxjbmkr8qTI8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKFu6+UQnhdxJS/dptig8dw9YPldMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb1c3cjVSQ2VGM0VsTDkybTJLRHgzRDFnLVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBfC0D
BADBfC4DBADCOjoDBADCV9wwDQYJKoZIhvcNAQELBQADggEBAGDK8sYvjpEsubqM
1K9348ezf7vKAi6HBfZrpjxTzOfl4NITinj7peNeW0AmHlcxTB4pKsYWskYAhP6S
AIl5QMAVTfVZMoQvzNHLgVmPoBieaCTJXiLwsv9kTn+BsCmbvcqniKUAG+JOk5JX
uI3q6m89b4Q1WbxRXWCLrIHElrnCl+byIPRPlMWslFryl2EvYHj5W8/LufA/2lVr
XF8mbOKee9UdkOUmOBLWkfRfJIFNqeV0tCzZVX5kPo6aUIOq2/eH9x+rBD+2oq6g
tOzq1/F2QiVEDI1Jj8sEkO3Pdp85RpdK4YniOnEsheByu7yzAgniyvbhkTkHNTMS
7R2xxeE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org