Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rfNzwtNVZwpscj88fJcka8juCXI.roa
File: rfNzwtNVZwpscj88fJcka8juCXI.roa (raw, json)
Hash identifier: 3xMGq/CFK+X2v+pdgIpxEx145L/7Cb+xLGTB73Ey2/M=
Subject key identifier: AD:F3:73:C2:D3:55:67:0A:6C:72:3F:3C:7C:97:24:6B:C8:EE:09:72
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B12F67787B5CBFEBF8D77CEFA71B68B9F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rfNzwtNVZwpscj88fJcka8juCXI.roa
Signing time: Mon 09 Oct 2023 05:43:44 +0000
ROA not before: Mon 09 Oct 2023 05:43:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.135.105.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:12:f6:77:87:b5:cb:fe:bf:8d:77:ce:fa:71:b6:8b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 05:43:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adf373c2d355670a6c723f3c7c97246bc8ee0972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:79:c3:bd:ba:60:bd:59:73:11:79:dd:19:5e:
c3:d0:9b:a7:fc:7d:85:59:47:89:7d:2a:e2:b2:7a:
d4:3f:49:e5:38:b9:42:08:7f:9b:a4:25:b0:56:1e:
03:06:9b:a8:f8:9f:cf:14:19:d7:10:df:5e:59:bc:
16:70:11:a0:d0:51:88:7d:1a:e5:f0:fa:67:00:c8:
41:e3:e3:54:a6:64:8f:6c:09:67:50:41:5d:66:6f:
68:62:02:d0:de:15:25:6b:3d:e4:f2:6d:f2:d3:e1:
cc:fd:98:ec:f1:3f:42:05:fe:70:64:1d:23:a2:88:
40:bd:47:d9:d5:58:99:53:18:43:b1:39:c5:90:b6:
63:3f:67:c4:16:9d:64:0d:11:08:57:ee:6b:e1:44:
5b:23:f4:80:45:86:5b:90:be:89:ed:19:be:f2:7a:
b8:be:b3:3e:07:5f:27:9c:19:65:46:4d:24:3c:82:
ef:1d:a6:55:79:2f:05:ee:1e:18:17:f6:65:22:9b:
44:33:63:5e:78:45:73:a0:0a:3b:43:e3:e9:92:d3:
ad:9c:7b:55:22:73:05:8e:30:c6:08:76:e8:9e:dc:
50:d5:2c:63:98:a9:12:be:80:40:ac:8d:d1:28:fb:
bf:ab:b1:5c:e1:79:e0:9d:f7:e9:ca:b8:fd:bc:2e:
22:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:73:C2:D3:55:67:0A:6C:72:3F:3C:7C:97:24:6B:C8:EE:09:72
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rfNzwtNVZwpscj88fJcka8juCXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.52.0/24
194.87.87.0/24
194.135.105.0/24
195.133.41.0/24
Signature Algorithm: sha256WithRSAEncryption
26:71:58:0f:3d:98:53:5c:23:f9:f2:e4:54:c2:7b:d0:f5:f5:
11:dd:2a:a8:fd:1c:6e:17:31:86:76:ee:69:df:e9:47:49:1f:
5a:9e:75:e7:20:dd:71:21:18:32:03:01:a6:b1:44:be:00:3b:
65:ad:cb:a2:be:d0:4a:fb:0d:a9:87:56:74:91:ac:67:7a:15:
65:6f:6a:6b:53:03:82:8b:c7:92:58:40:d7:3e:b3:ae:9a:8a:
9c:ae:b4:e8:70:ac:06:92:9e:7c:99:74:57:8e:bb:11:f9:c9:
9a:4b:ed:fd:df:48:0b:71:8b:ce:fe:be:ea:28:1d:c6:b6:4b:
e4:53:5b:c8:cc:47:17:77:3d:9f:7d:61:68:5a:94:79:ba:76:
22:98:36:47:96:88:e9:a0:10:96:7f:83:35:25:61:e2:df:e6:
62:75:44:4a:59:ec:db:df:1d:88:8b:d9:c5:4b:3a:7e:cc:71:
c5:52:ed:30:e3:87:12:d9:b1:e4:33:a4:0d:29:30:da:71:ad:
e8:03:61:60:d0:ba:ee:64:3b:69:6a:94:40:84:80:82:5a:7e:
89:10:44:47:35:52:c1:93:b5:de:4e:ff:79:6f:ac:2f:ed:b5:
8e:21:19:d9:e5:02:83:20:1e:b4:e7:92:d0:03:bc:cd:ad:a4:
b4:70:5e:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsS9neHtcv+v413zvpxtoufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MDU0MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGYzNzNjMmQzNTU2NzBhNmM3MjNmM2M3Yzk3MjQ2YmM4ZWUwOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHnDvbpgvVlzEXndGV7D0Jun/H2F
WUeJfSrisnrUP0nlOLlCCH+bpCWwVh4DBpuo+J/PFBnXEN9eWbwWcBGg0FGIfRrl
8PpnAMhB4+NUpmSPbAlnUEFdZm9oYgLQ3hUlaz3k8m3y0+HM/Zjs8T9CBf5wZB0j
oohAvUfZ1ViZUxhDsTnFkLZjP2fEFp1kDREIV+5r4URbI/SARYZbkL6J7Rm+8nq4
vrM+B18nnBllRk0kPILvHaZVeS8F7h4YF/ZlIptEM2NeeEVzoAo7Q+PpktOtnHtV
InMFjjDGCHbontxQ1SxjmKkSvoBArI3RKPu/q7Fc4Xngnffpyrj9vC4i2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK3zc8LTVWcKbHI/PHyXJGvI7glyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcmZOend0TlZad3BzY2o4OGZKY2thOGp1Q1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlc0AwQA
wldXAwQAwodpAwQAw4UpMA0GCSqGSIb3DQEBCwUAA4IBAQAmcVgPPZhTXCP58uRU
wnvQ9fUR3Sqo/RxuFzGGdu5p3+lHSR9annXnIN1xIRgyAwGmsUS+ADtlrcuivtBK
+w2ph1Z0kaxnehVlb2prUwOCi8eSWEDXPrOumoqcrrTocKwGkp58mXRXjrsR+cma
S+3930gLcYvO/r7qKB3GtkvkU1vIzEcXdz2ffWFoWpR5unYimDZHlojpoBCWf4M1
JWHi3+ZidURKWezb3x2Ii9nFSzp+zHHFUu0w44cS2bHkM6QNKTDaca3oA2Fg0Lru
ZDtpapRAhICCWn6JEERHNVLBk7XeTv95b6wv7bWOIRnZ5QKDIB6055LQA7zNraS0
cF5u
-----END CERTIFICATE-----
Generated at Mon Oct 9 09:01:18 2023 by rpki-client on console-ams.rpki-client.org