Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uKU-QYKpJGJKQtmcPpz-s9eSJa8.roa
File: uKU-QYKpJGJKQtmcPpz-s9eSJa8.roa (raw, json)
Hash identifier: Nxq5D5Woo8ZbreUbxJsO3MjZ1Tz7gFj5yYvV3jiOG4g=
Subject key identifier: B8:A5:3E:41:82:A9:24:62:4A:42:D9:9C:3E:9C:FE:B3:D7:92:25:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018754BA66BB67FE493854B0FF62A05E9BE0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uKU-QYKpJGJKQtmcPpz-s9eSJa8.roa
Signing time: Thu 06 Apr 2023 04:01:54 +0000
ROA not before: Thu 06 Apr 2023 04:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206216
IP address blocks: 212.192.210.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 09:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:54:ba:66:bb:67:fe:49:38:54:b0:ff:62:a0:5e:9b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 04:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8a53e4182a924624a42d99c3e9cfeb3d79225af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:22:0a:40:64:4d:f3:89:5d:16:3d:25:86:7f:
1c:81:7b:0f:af:38:8e:63:63:4b:dc:29:7f:0b:0d:
3d:ee:70:ba:32:98:3d:31:df:0b:23:51:33:21:6c:
59:82:d3:b3:b2:85:66:7a:a0:f9:9f:35:d9:60:73:
b3:e5:eb:48:cc:ac:3a:cb:5c:74:ee:91:63:45:63:
fd:20:85:51:6c:7a:31:52:8d:ce:62:08:b0:0b:2d:
4b:16:40:e8:c0:24:5c:ce:90:c5:b7:4e:13:55:44:
a9:50:0f:53:3e:bd:2b:57:12:4a:fe:6d:bd:b6:4a:
83:34:a5:0b:1d:a4:db:1d:74:38:15:13:7c:d0:05:
02:03:79:7d:c8:5e:64:5f:6c:c3:ab:42:65:56:e5:
26:ae:54:e1:22:09:df:d6:e0:a0:bf:f2:77:55:17:
c3:8a:bb:29:8b:1a:aa:8c:c3:89:0d:37:59:db:8e:
20:fc:3e:21:a8:73:d0:7e:c0:fd:7d:2c:4f:6b:1e:
d6:ed:4d:93:81:d4:22:79:1d:b2:1b:7b:bd:25:df:
28:28:f4:ad:d8:7f:26:6b:c1:c1:b2:04:62:00:a4:
9e:48:bb:c3:5b:4a:37:f0:8b:24:0c:85:3e:6f:40:
da:ab:f9:76:5f:cc:f9:77:67:7a:85:f7:f9:b5:9b:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A5:3E:41:82:A9:24:62:4A:42:D9:9C:3E:9C:FE:B3:D7:92:25:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uKU-QYKpJGJKQtmcPpz-s9eSJa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.169.0/24
212.192.210.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b2:8b:cb:7b:4d:d3:4c:46:bf:10:41:da:13:d8:29:7a:16:
55:17:a4:05:92:02:0c:b2:ee:d4:1e:84:30:1a:0c:f6:d8:cf:
18:af:db:ee:e7:e7:22:f5:03:b8:15:8e:e7:62:b6:d2:6b:d2:
2b:23:f4:c7:27:8f:13:c0:c8:4e:6c:58:1f:2e:7c:ae:21:7b:
51:52:ce:2d:ef:bf:19:49:c1:2e:cd:02:88:d9:d4:d3:c2:d7:
d1:a7:6d:42:30:46:91:49:28:d4:12:d6:9f:d0:33:5c:7d:b6:
f9:e7:39:44:e5:9a:7e:92:0d:7b:1d:54:3d:38:b4:77:e6:36:
90:ca:a5:79:fb:de:eb:27:ae:53:ae:7b:3f:5a:28:b2:07:4c:
85:ef:3a:3f:de:7a:c0:c8:27:48:5b:d9:c8:3a:be:64:9a:af:
01:9e:14:0e:c6:33:5f:d9:1e:04:af:dc:c1:00:8a:5d:b6:22:
30:01:ae:44:3d:c3:d5:a1:f0:d7:5d:30:34:b1:f2:e5:e0:6a:
4e:37:f8:82:e2:8a:e2:86:91:11:9b:ef:89:e5:6a:64:84:9f:
a6:4e:32:60:18:af:e3:69:86:70:05:d6:9e:70:0b:52:e5:82:
07:b2:76:64:81:d4:a2:e2:48:00:94:b2:d4:51:cd:02:51:5a:
a9:f9:2f:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdUuma7Z/5JOFSw/2KgXpvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MDQwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE1M2U0MTgyYTkyNDYyNGE0MmQ5OWMzZTljZmViM2Q3OTIyNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiIKQGRN84ldFj0lhn8cgXsPrziO
Y2NL3Cl/Cw097nC6Mpg9Md8LI1EzIWxZgtOzsoVmeqD5nzXZYHOz5etIzKw6y1x0
7pFjRWP9IIVRbHoxUo3OYgiwCy1LFkDowCRczpDFt04TVUSpUA9TPr0rVxJK/m29
tkqDNKULHaTbHXQ4FRN80AUCA3l9yF5kX2zDq0JlVuUmrlThIgnf1uCgv/J3VRfD
irspixqqjMOJDTdZ244g/D4hqHPQfsD9fSxPax7W7U2TgdQieR2yG3u9Jd8oKPSt
2H8ma8HBsgRiAKSeSLvDW0o38IskDIU+b0Daq/l2X8z5d2d6hff5tZs0TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLilPkGCqSRiSkLZnD6c/rPXkiWvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdUtVLVFZS3BKR0pLUXRtY1Bwei1zOWVTSmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlepAwQA
1MDSAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQAFsovLe03TTEa/EEHaE9gpehZV
F6QFkgIMsu7UHoQwGgz22M8Yr9vu5+ci9QO4FY7nYrbSa9IrI/THJ48TwMhObFgf
LnyuIXtRUs4t778ZScEuzQKI2dTTwtfRp21CMEaRSSjUEtaf0DNcfbb55zlE5Zp+
kg17HVQ9OLR35jaQyqV5+97rJ65Trns/WiiyB0yF7zo/3nrAyCdIW9nIOr5kmq8B
nhQOxjNf2R4Er9zBAIpdtiIwAa5EPcPVofDXXTA0sfLl4GpON/iC4orihpERm++J
5WpkhJ+mTjJgGK/jaYZwBdaecAtS5YIHsnZkgdSi4kgAlLLUUc0CUVqp+S/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org