Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uy19DTGqCiqMnH1Lerbb1AVIQIE.roa
File: uy19DTGqCiqMnH1Lerbb1AVIQIE.roa (raw, json)
Hash identifier: Mo0fw+XHoOgAvnlGMx67m81qzbmFo3bjMN6QMaBSXaQ=
Subject key identifier: BB:2D:7D:0D:31:AA:0A:2A:8C:9C:7D:4B:7A:B6:DB:D4:05:48:40:81
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C166BA1D2471F62BCAC8417B0F1E139C3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uy19DTGqCiqMnH1Lerbb1AVIQIE.roa
Signing time: Tue 28 Nov 2023 14:53:21 +0000
ROA not before: Tue 28 Nov 2023 14:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211138
IP address blocks: 195.58.39.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 16:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:6b:a1:d2:47:1f:62:bc:ac:84:17:b0:f1:e1:39:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 14:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb2d7d0d31aa0a2a8c9c7d4b7ab6dbd405484081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f0:79:eb:2a:3f:7d:62:47:ba:f4:c2:2b:03:
21:4b:ec:f1:a3:4b:ee:0f:ca:33:18:a7:45:1b:e0:
ca:35:61:7a:2d:ed:be:a7:33:8d:14:5b:df:33:47:
e2:19:26:57:2b:9a:69:da:79:e6:79:d2:f3:34:1d:
2f:31:5f:d0:63:a2:0a:2e:94:03:ac:64:d9:75:08:
b2:dc:aa:f7:b8:23:66:17:27:05:51:fb:26:0b:97:
9b:3f:91:cf:73:97:f9:fa:82:c1:fd:eb:8e:8a:81:
ac:ac:85:8c:92:9a:54:8f:32:ac:06:ba:34:4a:07:
7c:60:da:bb:67:ac:62:91:3f:e9:61:93:61:50:f7:
18:00:5c:1b:ac:b6:56:d8:6d:27:57:99:d0:4a:cc:
7e:8e:14:6b:99:81:b0:6c:18:e2:31:ab:6e:e1:60:
47:1b:6f:1d:9d:42:7e:d1:1e:70:aa:75:8d:06:24:
18:ab:80:ec:a3:47:4f:20:9c:04:1f:d0:e6:a7:51:
af:c5:1d:dc:fa:ea:e3:3b:04:49:7d:3a:5a:19:b0:
6b:7f:16:c6:24:2b:69:a3:0a:c7:e4:45:86:2b:be:
4d:4b:09:0e:25:2c:0e:c2:1c:8a:49:78:28:b3:a8:
0f:72:9c:fe:9b:c7:4b:6b:8b:c4:57:90:e1:06:5f:
9b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2D:7D:0D:31:AA:0A:2A:8C:9C:7D:4B:7A:B6:DB:D4:05:48:40:81
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uy19DTGqCiqMnH1Lerbb1AVIQIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
195.58.39.0/24
Signature Algorithm: sha256WithRSAEncryption
36:42:14:d0:15:a1:b5:7a:6c:1f:cb:af:d6:de:f8:1d:97:61:
4c:d9:1a:15:83:a7:e4:ba:18:f7:4a:1a:fa:a7:ad:2f:6f:e6:
bd:af:7b:b6:17:a7:a0:17:f4:54:93:05:c1:03:71:fc:82:03:
10:1f:f6:56:72:07:b4:27:37:1b:09:21:85:10:40:52:f9:8b:
65:fe:54:37:a5:b1:0e:b1:65:78:89:3a:0e:3a:67:68:19:18:
34:2d:61:90:6f:23:e9:7c:54:97:a4:47:ba:75:a7:f1:06:b1:
48:23:65:1c:cf:08:e2:4b:96:84:36:ad:76:e6:67:d3:2f:ef:
5a:89:ea:47:a5:11:15:8c:d1:70:08:ca:5e:64:de:67:3c:aa:
d6:53:2e:7f:ca:79:0c:dd:6a:dd:4f:4a:09:49:3a:8c:d8:a9:
4e:08:78:ae:d9:42:2c:bf:b1:83:f7:5c:b1:da:9a:18:f8:09:
61:cd:9e:ed:ff:d0:f1:30:8b:d0:b0:4f:52:0e:0a:e1:69:4c:
0b:7f:72:bb:ba:50:a4:0e:29:0c:04:9a:56:0a:05:f6:93:69:
a5:9d:88:72:d9:3a:cb:1d:ec:ef:40:8e:bc:28:9d:b8:81:1f:
af:6a:cc:c0:3b:3d:ce:79:ae:3c:9e:22:68:49:1e:40:e4:a7:
d2:a3:d9:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwWa6HSRx9ivKyEF7Dx4TnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI4MTQ1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJkN2QwZDMxYWEwYTJhOGM5YzdkNGI3YWI2ZGJkNDA1NDg0MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvB56yo/fWJHuvTCKwMhS+zxo0vu
D8ozGKdFG+DKNWF6Le2+pzONFFvfM0fiGSZXK5pp2nnmedLzNB0vMV/QY6IKLpQD
rGTZdQiy3Kr3uCNmFycFUfsmC5ebP5HPc5f5+oLB/euOioGsrIWMkppUjzKsBro0
Sgd8YNq7Z6xikT/pYZNhUPcYAFwbrLZW2G0nV5nQSsx+jhRrmYGwbBjiMatu4WBH
G28dnUJ+0R5wqnWNBiQYq4Dso0dPIJwEH9Dmp1GvxR3c+urjOwRJfTpaGbBrfxbG
JCtpowrH5EWGK75NSwkOJSwOwhyKSXgos6gPcpz+m8dLa4vEV5DhBl+b9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLstfQ0xqgoqjJx9S3q229QFSECBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdXkxOURUR3FDaXFNbkgxTGVyYmIxQVZJUUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzLAwQA
wzonMA0GCSqGSIb3DQEBCwUAA4IBAQA2QhTQFaG1emwfy6/W3vgdl2FM2RoVg6fk
uhj3Shr6p60vb+a9r3u2F6egF/RUkwXBA3H8ggMQH/ZWcge0JzcbCSGFEEBS+Ytl
/lQ3pbEOsWV4iToOOmdoGRg0LWGQbyPpfFSXpEe6dafxBrFII2UczwjiS5aENq12
5mfTL+9aiepHpREVjNFwCMpeZN5nPKrWUy5/ynkM3WrdT0oJSTqM2KlOCHiu2UIs
v7GD91yx2poY+AlhzZ7t/9DxMIvQsE9SDgrhaUwLf3K7ulCkDikMBJpWCgX2k2ml
nYhy2TrLHezvQI68KJ24gR+vaszAOz3Oea48niJoSR5A5KfSo9mW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org