Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phe1yO9XbdjjslTTTCMX2YzWagk.roa
File: phe1yO9XbdjjslTTTCMX2YzWagk.roa (raw, json)
Hash identifier: AzqXQF/LV+J408+x0dpBFr5L9SQZA3A5rz9cdZqQJ6g=
Subject key identifier: A6:17:B5:C8:EF:57:6D:D8:E3:B2:54:D3:4C:23:17:D9:8C:D6:6A:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B8012C74A8BA1D3A296506920D2405E79
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phe1yO9XbdjjslTTTCMX2YzWagk.roa
Signing time: Mon 30 Oct 2023 10:13:16 +0000
ROA not before: Mon 30 Oct 2023 10:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400402
IP address blocks: 194.87.128.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:12:c7:4a:8b:a1:d3:a2:96:50:69:20:d2:40:5e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 30 10:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a617b5c8ef576dd8e3b254d34c2317d98cd66a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:eb:5a:9a:69:d7:34:85:63:2e:b7:c5:cc:e4:
c2:dc:e5:60:ac:b6:54:44:3c:81:51:52:06:f7:b0:
91:2c:20:df:77:68:41:bd:e1:97:4a:a5:a4:72:aa:
07:84:0e:bd:8c:9b:68:85:ee:5e:71:fc:48:0f:a0:
1a:3e:2b:00:3c:d6:8c:03:7a:3d:5c:f7:12:c0:7b:
a5:4f:21:c4:3d:31:2f:aa:eb:a6:8e:24:e0:8d:1c:
1e:89:1d:d8:fe:00:2e:18:40:1f:06:3c:c9:b3:73:
3d:f3:f3:eb:d5:01:3c:6e:a3:47:05:96:ec:ea:98:
45:61:dc:74:99:74:f2:08:b5:39:44:8c:14:67:7a:
fc:52:27:b1:a7:ea:d8:c2:0e:83:e8:bf:50:6a:fe:
3e:78:e6:7e:2b:88:19:30:de:0c:6b:2c:1e:f5:f8:
a3:4d:88:1a:52:19:9c:b9:d0:90:5b:e4:3b:3d:65:
81:ba:d2:d8:51:22:fe:12:52:ba:84:a0:1f:f3:67:
7a:6c:25:db:6c:a0:16:e1:fd:32:b5:e4:97:d2:17:
20:57:1a:b1:8d:3b:c0:e5:4d:e4:1d:49:7c:80:66:
57:3a:fa:58:61:39:68:12:ed:29:94:3b:ca:0d:c7:
97:ec:f2:45:f5:fc:81:93:77:95:39:ea:90:9e:43:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:17:B5:C8:EF:57:6D:D8:E3:B2:54:D3:4C:23:17:D9:8C:D6:6A:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phe1yO9XbdjjslTTTCMX2YzWagk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.128.0/24
195.58.60.0/24
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:0d:34:cd:55:7e:25:e9:62:ad:df:59:20:e2:5f:d5:db:94:
08:0f:91:a7:ae:88:06:87:3b:e7:17:ab:f9:db:09:df:b9:72:
d7:bb:65:65:ef:88:aa:4d:db:2e:a2:29:ab:71:aa:5e:c0:7c:
f1:cc:6c:2f:fa:33:0c:c4:bb:aa:8c:d0:37:1a:c8:0e:0e:4c:
50:17:22:94:24:68:1f:8e:08:a2:97:89:21:11:96:89:6d:c0:
35:c4:26:25:5a:dc:bf:57:82:2f:3b:21:78:84:4c:24:9f:f7:
38:d2:ec:39:33:8c:52:48:d1:58:7b:00:65:84:d6:bd:21:49:
3b:87:8e:be:57:29:59:be:62:66:b6:bf:1c:70:86:7f:15:14:
5f:d7:f1:39:9e:b3:ce:f6:e9:43:b3:8a:6e:fc:21:bb:7a:60:
0d:57:4d:4b:65:74:76:30:e6:21:b4:ab:5e:f2:43:29:a5:02:
21:2f:77:cf:cb:b3:03:6b:cd:83:51:e3:01:98:26:f8:26:94:
7e:e9:90:56:68:a0:16:99:31:3d:65:f2:bf:38:66:cb:75:e0:
d4:f2:fa:52:34:00:b9:28:79:ad:a7:aa:fe:bf:2a:08:ce:6e:
9a:29:be:bf:06:88:df:ea:75:d2:a8:6f:03:f2:3d:bb:fe:18:
c8:72:3f:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuAEsdKi6HTopZQaSDSQF55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDMwMTAxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE3YjVjOGVmNTc2ZGQ4ZTNiMjU0ZDM0YzIzMTdkOThjZDY2YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAketammnXNIVjLrfFzOTC3OVgrLZU
RDyBUVIG97CRLCDfd2hBveGXSqWkcqoHhA69jJtohe5ecfxID6AaPisAPNaMA3o9
XPcSwHulTyHEPTEvquumjiTgjRweiR3Y/gAuGEAfBjzJs3M98/Pr1QE8bqNHBZbs
6phFYdx0mXTyCLU5RIwUZ3r8Uiexp+rYwg6D6L9Qav4+eOZ+K4gZMN4Maywe9fij
TYgaUhmcudCQW+Q7PWWButLYUSL+ElK6hKAf82d6bCXbbKAW4f0yteSX0hcgVxqx
jTvA5U3kHUl8gGZXOvpYYTloEu0plDvKDceX7PJF9fyBk3eVOeqQnkPfxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKYXtcjvV23Y47JU00wjF9mM1moJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGhlMXlPOVhiZGpqc2xUVFRDTVgyWXpXYWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxfAwQA
wleAAwQAwzo8AwQAw4UYMA0GCSqGSIb3DQEBCwUAA4IBAQAKDTTNVX4l6WKt31kg
4l/V25QID5GnrogGhzvnF6v52wnfuXLXu2Vl74iqTdsuoimrcapewHzxzGwv+jMM
xLuqjNA3GsgODkxQFyKUJGgfjgiil4khEZaJbcA1xCYlWty/V4IvOyF4hEwkn/c4
0uw5M4xSSNFYewBlhNa9IUk7h46+VylZvmJmtr8ccIZ/FRRf1/E5nrPO9ulDs4pu
/CG7emANV01LZXR2MOYhtKte8kMppQIhL3fPy7MDa82DUeMBmCb4JpR+6ZBWaKAW
mTE9ZfK/OGbLdeDU8vpSNAC5KHmtp6r+vyoIzm6aKb6/Bojf6nXSqG8D8j27/hjI
cj/M
-----END CERTIFICATE-----
Generated at Wed Nov 8 18:32:29 2023 by rpki-client on console-fra.rpki-client.org