Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pBgIZlPi8SWybP9ogwtA9j9dpcY.roa
File: pBgIZlPi8SWybP9ogwtA9j9dpcY.roa (raw, json)
Hash identifier: aPzAjZcnpfHGXfpXf3QVS5Q7PW634L2RutoqKQ/yjfc=
Subject key identifier: A4:18:08:66:53:E2:F1:25:B2:6C:FF:68:83:0B:40:F6:3F:5D:A5:C6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189E3C535D855DC6E72EB921EF7379DE018
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pBgIZlPi8SWybP9ogwtA9j9dpcY.roa
Signing time: Fri 11 Aug 2023 08:44:59 +0000
ROA not before: Fri 11 Aug 2023 08:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:c5:35:d8:55:dc:6e:72:eb:92:1e:f7:37:9d:e0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 08:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a418086653e2f125b26cff68830b40f63f5da5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:e9:47:2f:14:c5:48:ab:05:e8:79:f0:cd:
54:a0:e3:e2:a3:dd:bd:2e:5e:f6:59:04:a2:b7:72:
45:5f:e5:c0:a0:5c:a0:30:d8:43:8d:c9:0f:38:f1:
c4:66:89:09:fe:57:c9:ed:df:95:4c:d5:4f:bd:04:
6a:a3:ee:3b:85:0e:20:da:66:6f:a4:09:cb:ed:80:
54:f9:ad:6b:d0:f5:70:26:ea:2f:27:87:3d:fd:76:
44:15:cf:ca:af:85:bd:f1:ff:c1:ea:4d:19:9a:a1:
ea:77:a1:ed:a6:ee:18:d9:e6:4e:ef:31:5a:79:01:
ae:38:24:b8:d5:d2:f6:7b:c4:69:dd:47:3e:68:0c:
31:89:d1:01:e9:31:3a:27:61:c1:94:fe:57:c2:10:
6c:0b:eb:dc:c7:be:e5:c5:ee:d1:b6:c5:5f:b2:7b:
dc:28:27:10:f9:4c:59:ed:44:1f:8c:ee:ce:76:0b:
f5:cf:d4:4e:b1:bf:b6:f5:d7:72:49:ee:ec:88:9c:
82:83:1d:a8:e5:d3:96:78:cb:ae:1e:1b:c5:77:1d:
10:5e:6f:71:44:39:17:ab:90:12:e3:d1:bc:f2:d9:
5a:2c:bb:db:a3:c7:91:b9:84:ec:c9:99:49:2d:94:
51:b5:99:40:eb:dc:56:ee:d9:03:d8:71:01:71:e7:
f0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:18:08:66:53:E2:F1:25:B2:6C:FF:68:83:0B:40:F6:3F:5D:A5:C6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pBgIZlPi8SWybP9ogwtA9j9dpcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.87.3.0/24
194.87.16.0/24
194.87.36.0/24
194.87.117.0-194.87.120.255
194.87.176.0/23
195.58.56.0/24
212.192.0.0/24
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:33:95:fb:04:39:89:f2:06:6d:f9:01:a0:75:73:8e:63:38:
61:47:c5:98:93:79:4a:18:80:82:d4:84:3a:54:e8:75:46:9e:
15:11:dc:ae:af:5e:3c:71:7f:06:79:85:92:78:6e:6c:d1:82:
77:97:61:e2:8b:70:6f:8a:ed:fb:96:40:c5:59:8a:7d:67:1e:
1c:bd:2b:cb:06:5e:ec:8d:98:b8:aa:74:1b:4b:ef:d4:de:db:
c4:23:c6:5e:a4:52:b4:12:39:f1:b6:1f:61:4b:37:fd:6e:39:
3c:41:3d:44:12:0f:6a:24:1d:a2:33:f3:7a:6e:7e:05:1e:81:
ff:fd:29:ff:2f:45:5c:d1:17:4b:e6:f6:7f:a2:e8:ce:66:50:
7f:8b:b3:b8:19:b5:b5:a2:b2:af:61:f4:72:48:ac:46:4b:80:
51:70:22:67:a3:9d:aa:03:ff:fb:95:9e:7b:ba:da:34:bb:b7:
78:a2:84:62:9c:8d:e9:4e:0d:31:fa:7f:6c:fc:73:37:35:d2:
fe:3d:72:43:8b:dd:ef:fa:d6:15:ff:e1:b4:46:2f:af:fd:7d:
36:89:89:ff:24:e0:f1:6a:bc:06:35:e2:da:df:5a:b4:2d:b6:
9c:e9:df:53:73:31:81:17:74:ea:9b:0a:e1:d6:70:1f:34:a1:
b5:96:5e:79
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYnjxTXYVdxucuuSHvc3neAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODExMDg0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE4MDg2NjUzZTJmMTI1YjI2Y2ZmNjg4MzBiNDBmNjNmNWRhNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSLpRy8UxUirBeh58M1UoOPio929
Ll72WQSit3JFX+XAoFygMNhDjckPOPHEZokJ/lfJ7d+VTNVPvQRqo+47hQ4g2mZv
pAnL7YBU+a1r0PVwJuovJ4c9/XZEFc/Kr4W98f/B6k0ZmqHqd6Htpu4Y2eZO7zFa
eQGuOCS41dL2e8Rp3Uc+aAwxidEB6TE6J2HBlP5XwhBsC+vcx77lxe7RtsVfsnvc
KCcQ+UxZ7UQfjO7Odgv1z9ROsb+29ddySe7siJyCgx2o5dOWeMuuHhvFdx0QXm9x
RDkXq5AS49G88tlaLLvbo8eRuYTsyZlJLZRRtZlA69xW7tkD2HEBcefwnwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKQYCGZT4vElsmz/aIMLQPY/XaXGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcEJnSVpsUGk4U1d5YlA5b2d3dEE5ajlkcGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAPkziAwQA
wlcDAwQAwlcQAwQAwlckMAwDBADCV3UDBADCV3gDBAHCV7ADBADDOjgDBADUwAAD
BADUwAgwDQYJKoZIhvcNAQELBQADggEBAFszlfsEOYnyBm35AaB1c45jOGFHxZiT
eUoYgILUhDpU6HVGnhUR3K6vXjxxfwZ5hZJ4bmzRgneXYeKLcG+K7fuWQMVZin1n
Hhy9K8sGXuyNmLiqdBtL79Te28Qjxl6kUrQSOfG2H2FLN/1uOTxBPUQSD2okHaIz
83pufgUegf/9Kf8vRVzRF0vm9n+i6M5mUH+Ls7gZtbWisq9h9HJIrEZLgFFwImej
naoD//uVnnu62jS7t3iihGKcjelODTH6f2z8czc10v49ckOL3e/61hX/4bRGL6/9
fTaJif8k4PFqvAY14trfWrQttpzp31NzMYEXdOqbCuHWcB80obWWXnk=
-----END CERTIFICATE-----
Generated at Fri Aug 18 07:20:19 2023 by rpki-client on console-fra.rpki-client.org