Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVcjBPqYZ6AmBUZyl-IYyll9uIk.roa
File: uVcjBPqYZ6AmBUZyl-IYyll9uIk.roa (raw, json)
Hash identifier: 1cNpQT8bGKhLsQcJbUC2/JIqOptEvv7cYqJbGY6FEuo=
Subject key identifier: B9:57:23:04:FA:98:67:A0:26:05:46:72:97:E2:18:CA:59:7D:B8:89
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189C06555EF4C8F8FE1FF7FAB2F15FDE5F5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVcjBPqYZ6AmBUZyl-IYyll9uIk.roa
Signing time: Fri 04 Aug 2023 11:53:33 +0000
ROA not before: Fri 04 Aug 2023 11:53:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.166.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:65:55:ef:4c:8f:8f:e1:ff:7f:ab:2f:15:fd:e5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 4 11:53:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9572304fa9867a02605467297e218ca597db889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:14:aa:75:f3:b3:bf:b3:bc:94:80:c0:81:
0f:5e:7f:24:36:9a:10:18:21:93:29:53:60:50:3c:
e3:2d:e4:00:d6:b9:a8:0f:c7:d7:d0:9e:68:b4:78:
e0:2f:32:ce:83:df:af:28:56:2c:1e:75:83:25:d5:
f6:c8:88:91:1a:5d:e1:a2:1b:bc:2e:45:dc:44:c1:
00:2c:76:5e:a1:5a:5a:f0:7c:12:1b:6d:d9:8e:94:
50:60:02:f3:64:5b:db:e7:54:86:85:ec:ec:a8:13:
f8:8c:b3:7b:4c:83:e2:30:6d:6c:f1:fd:91:12:1d:
5b:09:7d:61:76:af:77:c4:4e:0f:05:ff:9f:ba:3b:
a3:3e:11:b1:dd:f9:c2:12:34:1f:7f:87:60:81:78:
63:37:24:d9:77:e6:77:d4:20:6f:77:c3:d0:f3:31:
17:e4:cb:59:d7:9b:6f:30:da:cb:d7:5c:10:94:f8:
d5:89:bc:b8:a5:4f:20:05:79:5a:c5:58:6e:e1:b9:
3a:a7:a9:5a:4c:8b:00:c5:61:a9:d7:61:03:26:4d:
20:0e:a3:5a:c1:fa:26:85:e3:81:43:5f:62:7c:2d:
b1:80:c8:bb:43:d2:6f:07:0a:03:0b:e0:a3:51:4b:
e1:80:ff:43:b2:4a:ae:f9:c7:e8:09:c3:71:90:2a:
37:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:57:23:04:FA:98:67:A0:26:05:46:72:97:E2:18:CA:59:7D:B8:89
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVcjBPqYZ6AmBUZyl-IYyll9uIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.201.0/24
194.87.166.0/24
194.87.181.0/24
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
61:1e:11:25:2b:cc:cf:cb:af:85:d0:08:59:6e:b0:11:8b:6b:
50:e1:68:ae:35:fa:9f:77:58:11:8e:37:fb:f7:4a:12:47:06:
09:b0:1c:65:15:0f:f0:dc:97:a9:b6:32:7b:57:14:35:a4:80:
01:52:d8:c4:bb:3c:c8:ee:0c:a0:fb:26:bf:55:6d:ba:84:83:
dd:29:7e:93:9d:d5:96:fc:ca:37:ed:5a:18:56:c5:64:f2:98:
aa:24:c3:7c:c0:c4:cb:7e:05:c3:4c:3f:c6:a3:f2:dc:61:a5:
92:c5:c3:28:42:02:cd:c2:56:33:7e:d0:4c:ed:4f:ba:df:f6:
89:b0:d3:b2:18:3c:f2:72:1d:64:da:1d:92:16:d9:36:83:2e:
41:36:d7:70:c1:49:49:24:83:00:45:56:23:33:a5:c2:0b:f3:
ab:83:4f:4e:17:be:66:d1:7e:d4:4b:a5:f5:4b:ee:f0:2a:cd:
e5:e6:80:7e:ee:07:50:0d:1d:72:b5:84:3c:3d:e1:21:55:90:
f1:19:1b:8e:0e:ef:ba:71:d1:f3:7a:56:76:72:a6:0e:de:51:
44:67:94:42:5f:d1:cf:8e:a5:ea:e3:cf:9d:33:af:cb:eb:9c:
87:6f:aa:ed:09:c6:2d:e8:8b:6f:75:91:50:50:2d:9c:03:f6:
72:91:51:68
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnAZVXvTI+P4f9/qy8V/eX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA0MTE1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTU3MjMwNGZhOTg2N2EwMjYwNTQ2NzI5N2UyMThjYTU5N2RiODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYwUqnXzs7+zvJSAwIEPXn8kNpoQ
GCGTKVNgUDzjLeQA1rmoD8fX0J5otHjgLzLOg9+vKFYsHnWDJdX2yIiRGl3hohu8
LkXcRMEALHZeoVpa8HwSG23ZjpRQYALzZFvb51SGhezsqBP4jLN7TIPiMG1s8f2R
Eh1bCX1hdq93xE4PBf+fujujPhGx3fnCEjQff4dggXhjNyTZd+Z31CBvd8PQ8zEX
5MtZ15tvMNrL11wQlPjViby4pU8gBXlaxVhu4bk6p6laTIsAxWGp12EDJk0gDqNa
wfomheOBQ19ifC2xgMi7Q9JvBwoDC+CjUUvhgP9Dskqu+cfoCcNxkCo3QwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLlXIwT6mGegJgVGcpfiGMpZfbiJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVZjakJQcVlaNkFtQlVaeWwtSVl5bGw5dUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzJAwQA
wlemAwQAwle1AwQA1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUAA4IBAQBhHhElK8zP
y6+F0AhZbrARi2tQ4WiuNfqfd1gRjjf790oSRwYJsBxlFQ/w3JeptjJ7VxQ1pIAB
UtjEuzzI7gyg+ya/VW26hIPdKX6TndWW/Mo37VoYVsVk8piqJMN8wMTLfgXDTD/G
o/LcYaWSxcMoQgLNwlYzftBM7U+63/aJsNOyGDzych1k2h2SFtk2gy5BNtdwwUlJ
JIMARVYjM6XCC/Org09OF75m0X7US6X1S+7wKs3l5oB+7gdQDR1ytYQ8PeEhVZDx
GRuODu+6cdHzelZ2cqYO3lFEZ5RCX9HPjqXq48+dM6/L65yHb6rtCcYt6ItvdZFQ
UC2cA/ZykVFo
-----END CERTIFICATE-----
Generated at Thu Aug 10 06:17:08 2023 by rpki-client on console-fra.rpki-client.org