Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rjye5iOtQ-bnAQNYSKbCghcUh2Y.roa
File: rjye5iOtQ-bnAQNYSKbCghcUh2Y.roa (raw, json)
Hash identifier: /bnnYrMDHprS8KXdqRfeKe3SpOsqPSq+4rIvdxlmISA=
Subject key identifier: AE:3C:9E:E6:23:AD:43:E6:E7:01:03:58:48:A6:C2:82:17:14:87:66
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185BA03AFFF17E837E0DCD26C4200AFC032
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rjye5iOtQ-bnAQNYSKbCghcUh2Y.roa
Signing time: Mon 16 Jan 2023 09:58:01 +0000
ROA not before: Mon 16 Jan 2023 09:58:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.208.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:03:af:ff:17:e8:37:e0:dc:d2:6c:42:00:af:c0:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 16 09:58:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae3c9ee623ad43e6e701035848a6c28217148766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:2a:47:0f:c7:15:11:59:4a:2b:9d:a5:62:
81:ee:aa:ed:d4:1c:f3:f4:57:76:2a:83:b7:58:e8:
d4:18:2b:8d:72:b7:6e:e7:9e:dd:4d:05:27:23:fb:
c8:a9:95:ff:52:31:00:69:cb:8d:84:a1:bc:8c:89:
25:80:a8:79:88:e5:1a:eb:cd:b1:cf:15:79:b7:51:
97:9e:75:27:f2:73:01:1f:2d:ab:8d:45:40:ea:00:
f4:d4:38:63:32:2e:66:b6:5b:8d:5b:c4:66:46:02:
f6:1f:70:d6:2f:7e:b7:4d:67:1f:ad:89:7a:40:b2:
31:a3:9d:ab:54:e6:62:30:bf:26:ff:68:71:49:14:
97:19:4e:65:a3:fe:1f:52:bf:de:2a:c6:70:76:83:
76:8f:99:0f:90:d5:c6:cf:f6:b1:25:5a:5c:4b:0c:
85:fd:41:ca:75:45:d2:6a:e9:c4:67:fd:b9:fc:6e:
82:16:73:91:5b:86:a5:38:0f:54:0a:56:d2:fe:14:
97:79:67:c3:4f:97:03:0d:13:b2:7c:46:9d:a7:2a:
99:a4:7f:d5:4f:91:e5:9b:c9:22:ae:99:e8:be:3c:
fd:f2:43:4e:af:26:b1:e9:49:23:d3:52:c5:11:eb:
00:11:99:aa:34:c0:57:59:df:9b:e1:c8:01:7d:c0:
f7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3C:9E:E6:23:AD:43:E6:E7:01:03:58:48:A6:C2:82:17:14:87:66
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rjye5iOtQ-bnAQNYSKbCghcUh2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.208.0/24
194.87.231.0/24
195.58.38.0/24
195.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d5:99:5f:c9:c8:db:72:04:4a:14:b7:35:46:cd:43:b8:7d:
09:07:bd:ab:7f:7a:62:19:be:ae:cf:05:b3:51:9b:e2:4c:85:
b3:ee:26:d3:0a:72:51:29:24:31:2e:ae:65:dd:96:c9:29:88:
02:8f:7b:f2:a4:13:e9:59:bc:22:f0:33:3d:73:6f:ad:48:e8:
f1:96:3f:0c:b3:49:d9:ca:46:9d:e5:ef:74:7b:74:88:8d:c6:
f5:34:87:22:76:ae:52:28:36:c1:a7:a1:e7:5d:0c:e9:6d:f4:
e7:f5:98:bd:f8:68:e2:35:16:1f:bc:67:58:38:af:1b:16:7b:
0c:1a:96:1e:2b:3d:71:31:2b:d1:4a:c2:b4:e6:21:71:b5:52:
4f:5e:a1:4a:9e:51:3f:dd:45:85:97:85:f7:13:88:b4:9c:1f:
0e:ac:61:af:9f:c6:97:4e:06:f6:a4:10:b5:1e:07:3b:39:30:
17:6c:cc:b8:4a:95:20:64:b6:d4:ce:8f:13:ca:c0:d7:92:09:
0d:07:14:3a:77:4b:8d:c0:7b:7c:47:26:ba:6c:b2:d7:df:46:
62:0d:e5:ab:ea:2a:af:f2:87:7f:e9:48:71:4e:4e:5e:d2:28:
47:29:df:05:17:71:00:14:7f:c0:f3:01:1b:4b:36:b9:33:af:
7b:f8:96:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYW6A6//F+g34NzSbEIAr8AyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MDk1ODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTNjOWVlNjIzYWQ0M2U2ZTcwMTAzNTg0OGE2YzI4MjE3MTQ4NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1wqRw/HFRFZSiudpWKB7qrt1Bzz
9Fd2KoO3WOjUGCuNcrdu557dTQUnI/vIqZX/UjEAacuNhKG8jIklgKh5iOUa682x
zxV5t1GXnnUn8nMBHy2rjUVA6gD01DhjMi5mtluNW8RmRgL2H3DWL363TWcfrYl6
QLIxo52rVOZiML8m/2hxSRSXGU5lo/4fUr/eKsZwdoN2j5kPkNXGz/axJVpcSwyF
/UHKdUXSaunEZ/25/G6CFnORW4alOA9UClbS/hSXeWfDT5cDDROyfEadpyqZpH/V
T5Hlm8kirpnovjz98kNOryax6Ukj01LFEesAEZmqNMBXWd+b4cgBfcD3jQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK48nuYjrUPm5wEDWEimwoIXFIdmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcmp5ZTVpT3RRLWJuQVFOWVNLYkNnaGNVaDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlfQAwQA
wlfnAwQAwzomAwQAw4UPMA0GCSqGSIb3DQEBCwUAA4IBAQBr1ZlfycjbcgRKFLc1
Rs1DuH0JB72rf3piGb6uzwWzUZviTIWz7ibTCnJRKSQxLq5l3ZbJKYgCj3vypBPp
Wbwi8DM9c2+tSOjxlj8Ms0nZykad5e90e3SIjcb1NIcidq5SKDbBp6HnXQzpbfTn
9Zi9+GjiNRYfvGdYOK8bFnsMGpYeKz1xMSvRSsK05iFxtVJPXqFKnlE/3UWFl4X3
E4i0nB8OrGGvn8aXTgb2pBC1Hgc7OTAXbMy4SpUgZLbUzo8TysDXkgkNBxQ6d0uN
wHt8Rya6bLLX30ZiDeWr6iqv8od/6UhxTk5e0ihHKd8FF3EAFH/A8wEbSza5M697
+JaL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org