Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s1GlHXoWcRp5uD8_kXdDOdyIG0g.roa
File: s1GlHXoWcRp5uD8_kXdDOdyIG0g.roa (raw, json)
Hash identifier: l30Cd+bH0xfvS23x5fgZnB9uITMwaZSlQ1cSJq8oxrw=
Subject key identifier: B3:51:A5:1D:7A:16:71:1A:79:B8:3F:3F:91:77:43:39:DC:88:1B:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC7F3ACD2CD8527712C02DB5D3FD6BD6F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s1GlHXoWcRp5uD8_kXdDOdyIG0g.roa
Signing time: Mon 13 Nov 2023 09:11:57 +0000
ROA not before: Mon 13 Nov 2023 09:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 62.76.224.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:f3:ac:d2:cd:85:27:71:2c:02:db:5d:3f:d6:bd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 09:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b351a51d7a16711a79b83f3f91774339dc881b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:e9:90:b7:43:58:8f:38:12:dd:45:3b:0d:
73:97:4e:5d:4c:40:1f:66:3e:c0:f2:68:da:9e:60:
ea:e2:a1:dd:3c:76:57:38:58:20:06:a9:b6:a0:4b:
a4:59:64:04:4f:26:5b:f7:7e:5b:51:1a:38:aa:5f:
3a:35:55:c1:09:4d:48:09:89:d2:e8:82:83:8b:bf:
2d:d0:df:8e:60:65:fb:96:a5:f1:32:b9:39:44:00:
af:fe:4e:5e:bd:eb:c5:42:f2:db:2d:d3:67:84:5d:
92:b1:07:a9:46:ed:d3:af:fe:bf:37:02:6b:d0:e9:
9c:97:36:36:f5:fb:67:56:10:d0:7e:1a:1e:29:4b:
24:af:06:4e:f4:f3:b7:3b:6b:c7:8d:99:27:7c:ac:
30:76:bc:43:26:a2:9d:b6:d0:87:93:08:af:c3:2e:
62:d2:ef:08:ca:4d:03:19:52:fb:79:17:9b:f8:18:
e5:34:4a:a0:37:26:97:21:e4:d5:8a:c2:c8:64:bd:
f3:31:13:8e:20:57:ab:0f:f5:9b:cd:27:a1:1d:0b:
f9:94:14:51:28:a3:91:85:4a:28:c8:b6:de:13:85:
1b:62:10:c5:9d:e8:36:9b:d7:66:3a:3e:e0:ce:39:
8c:b8:5b:90:15:6a:3f:d0:9a:23:5a:22:fe:c3:71:
76:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:51:A5:1D:7A:16:71:1A:79:B8:3F:3F:91:77:43:39:DC:88:1B:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s1GlHXoWcRp5uD8_kXdDOdyIG0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
194.87.54.0/24
194.87.90.0/24
212.192.215.0/24
Signature Algorithm: sha256WithRSAEncryption
78:96:7f:70:06:d0:9c:e7:8b:45:65:a4:46:a2:e3:c6:7c:c2:
27:df:ee:b1:d2:5f:2f:7f:15:4d:d3:31:11:fd:41:43:80:d8:
fe:5d:2b:41:36:b7:75:a3:4e:93:96:92:46:08:3f:9e:05:47:
b9:a3:e7:9b:48:c2:1e:ad:e4:47:d4:86:b1:09:f6:40:bf:61:
06:93:0b:a9:fc:c4:9a:7e:ec:24:19:96:73:8e:67:28:84:cc:
45:9f:b6:8f:b4:04:0e:c0:f8:61:27:19:be:fd:70:8e:9a:f8:
7a:64:4e:eb:44:0f:5f:34:a7:8c:aa:d5:a2:09:e5:64:c7:d2:
37:cf:3d:3a:f5:b1:b4:ba:e4:6d:32:84:a8:51:69:f0:68:d7:
1d:fc:e8:4c:87:db:1b:81:98:39:d4:89:af:7c:80:a5:1b:5d:
fb:d1:db:2e:45:07:d0:38:6d:ea:44:32:74:cc:70:b9:a2:5e:
58:1f:71:cf:c3:8a:06:54:e0:7b:e3:d3:ff:26:e5:04:69:0a:
42:0f:0f:2c:5c:94:71:73:37:ba:3f:bd:d2:58:11:ab:1d:9c:
31:85:74:da:b2:54:9b:7b:74:ac:7b:bc:8b:03:ed:72:ff:d5:
84:ab:d0:49:37:83:99:ae:9a:e8:66:d4:2c:6f:8e:4e:30:88:
c1:2b:bc:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvH86zSzYUncSwC210/1r1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMDkxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzUxYTUxZDdhMTY3MTFhNzliODNmM2Y5MTc3NDMzOWRjODgxYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv3pkLdDWI84Et1FOw1zl05dTEAf
Zj7A8mjanmDq4qHdPHZXOFggBqm2oEukWWQETyZb935bURo4ql86NVXBCU1ICYnS
6IKDi78t0N+OYGX7lqXxMrk5RACv/k5evevFQvLbLdNnhF2SsQepRu3Tr/6/NwJr
0OmclzY29ftnVhDQfhoeKUskrwZO9PO3O2vHjZknfKwwdrxDJqKdttCHkwivwy5i
0u8Iyk0DGVL7eReb+BjlNEqgNyaXIeTVisLIZL3zMROOIFerD/WbzSehHQv5lBRR
KKORhUooyLbeE4UbYhDFneg2m9dmOj7gzjmMuFuQFWo/0JojWiL+w3F2/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLNRpR16FnEaebg/P5F3QznciBtIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvczFHbEhYb1djUnA1dUQ4X2tYZERPZHlJRzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzgAwQA
wlc2AwQAwldaAwQA1MDXMA0GCSqGSIb3DQEBCwUAA4IBAQB4ln9wBtCc54tFZaRG
ouPGfMIn3+6x0l8vfxVN0zER/UFDgNj+XStBNrd1o06TlpJGCD+eBUe5o+ebSMIe
reRH1IaxCfZAv2EGkwup/MSafuwkGZZzjmcohMxFn7aPtAQOwPhhJxm+/XCOmvh6
ZE7rRA9fNKeMqtWiCeVkx9I3zz069bG0uuRtMoSoUWnwaNcd/OhMh9sbgZg51Imv
fIClG1370dsuRQfQOG3qRDJ0zHC5ol5YH3HPw4oGVOB749P/JuUEaQpCDw8sXJRx
cze6P73SWBGrHZwxhXTaslSbe3Sse7yLA+1y/9WEq9BJN4OZrproZtQsb45OMIjB
K7xq
-----END CERTIFICATE-----
Generated at Fri Nov 17 10:52:32 2023 by rpki-client on console-fra.rpki-client.org