Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vEbIq9DqKaC_OhFndg7rQAruovg.roa
File: vEbIq9DqKaC_OhFndg7rQAruovg.roa (raw, json)
Hash identifier: k/Efzq6Fuh3UCBnTsKec9rsc1ygwZep2zTGmgP7XsoA=
Subject key identifier: BC:46:C8:AB:D0:EA:29:A0:BF:3A:11:67:76:0E:EB:40:0A:EE:A2:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185CA54108B57668067FB87E801C475B35C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vEbIq9DqKaC_OhFndg7rQAruovg.roa
Signing time: Thu 19 Jan 2023 13:59:44 +0000
ROA not before: Thu 19 Jan 2023 13:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.120.0/23 maxlen: 24
195.133.24.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:54:10:8b:57:66:80:67:fb:87:e8:01:c4:75:b3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 13:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc46c8abd0ea29a0bf3a1167760eeb400aeea2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:fe:17:6d:bb:8d:5d:4f:72:cf:81:d3:a7:
8d:68:c6:cf:9a:54:d5:6f:37:77:98:9f:a8:8a:3a:
fe:9f:d6:c6:96:3e:7d:d6:58:d5:53:d9:4c:63:98:
c1:58:e6:3a:6b:4b:05:a8:45:ad:60:c2:72:78:b2:
0e:2f:70:c1:82:a8:56:1f:70:78:00:f5:23:6f:d1:
be:55:1a:b8:7f:e1:8e:8a:11:9d:be:35:e6:5d:d2:
59:c7:bc:b9:6a:e3:22:68:8b:6e:fd:71:83:4d:4f:
ea:99:8e:96:6e:c1:4c:09:42:13:2e:69:de:a2:01:
ec:37:06:0c:a6:96:28:bc:f3:1d:c0:18:ae:07:ad:
28:3b:45:51:43:d5:34:9b:af:70:71:d9:eb:48:b6:
1a:09:c9:44:bb:ee:7d:ec:9f:2b:57:2d:68:ab:35:
bb:5c:b3:1b:f5:c9:0d:ef:0c:79:ba:b4:af:5d:21:
33:43:61:d9:a2:4c:0c:c0:1f:94:29:48:63:b7:47:
1a:a7:7b:10:d2:44:fa:92:02:5a:e5:8d:2a:8e:76:
a5:31:d2:c6:a6:da:24:8b:40:d1:b7:57:34:cb:b0:
b4:f5:57:62:dd:c0:52:37:55:95:ee:cb:7b:b8:10:
38:1c:a7:1f:1e:8c:91:b0:10:b4:f3:c0:95:86:d0:
4c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:46:C8:AB:D0:EA:29:A0:BF:3A:11:67:76:0E:EB:40:0A:EE:A2:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vEbIq9DqKaC_OhFndg7rQAruovg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.39.0/24
194.87.120.0/23
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b1:ff:57:84:1b:66:77:ea:27:7c:9b:d9:70:f2:84:e8:d4:
92:88:ca:1e:f2:82:30:6c:c7:16:64:37:ec:e0:3e:fb:61:a7:
62:87:f0:b6:09:b3:39:ad:10:ff:6a:ac:c5:00:06:ff:11:2e:
f6:58:94:db:08:d6:13:d7:74:18:a4:b2:e1:38:5a:9f:40:f1:
e3:6e:1e:ce:94:05:f7:57:bb:96:e8:68:4e:94:d5:b8:21:e5:
9c:af:ed:27:e4:81:83:c5:0b:39:49:d8:d8:a9:c2:49:40:5b:
cb:1a:33:d3:3b:5a:cf:f6:3d:f6:e5:8d:d4:cc:ef:a3:e0:1a:
63:d5:0d:ed:cb:3a:3c:59:1d:c3:51:a6:be:b8:87:3d:d5:87:
c2:cf:30:98:f2:53:b8:7a:f6:b9:7d:ba:d6:35:16:20:b2:0b:
db:ff:c6:e3:e7:1c:ca:db:03:42:66:a9:73:78:35:40:2f:a8:
3b:d3:84:31:06:d9:e8:50:46:dc:ac:d2:ac:3d:50:d3:f8:53:
b7:10:a7:25:89:bf:16:a0:3b:42:c6:dc:00:d5:05:e8:2a:f4:
9c:2c:a0:44:e5:f0:1d:4f:67:2d:90:bf:b8:da:96:48:85:2a:
32:ea:97:01:d5:0d:d6:61:20:c3:7c:09:c9:15:bd:cb:1d:a6:
1e:7d:7f:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXKVBCLV2aAZ/uH6AHEdbNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE5MTM1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ2YzhhYmQwZWEyOWEwYmYzYTExNjc3NjBlZWI0MDBhZWVhMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxT+F227jV1Pcs+B06eNaMbPmlTV
bzd3mJ+oijr+n9bGlj591ljVU9lMY5jBWOY6a0sFqEWtYMJyeLIOL3DBgqhWH3B4
APUjb9G+VRq4f+GOihGdvjXmXdJZx7y5auMiaItu/XGDTU/qmY6WbsFMCUITLmne
ogHsNwYMppYovPMdwBiuB60oO0VRQ9U0m69wcdnrSLYaCclEu+597J8rVy1oqzW7
XLMb9ckN7wx5urSvXSEzQ2HZokwMwB+UKUhjt0cap3sQ0kT6kgJa5Y0qjnalMdLG
ptoki0DRt1c0y7C09Vdi3cBSN1WV7st7uBA4HKcfHoyRsBC088CVhtBMrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLxGyKvQ6imgvzoRZ3YO60AK7qL4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdkViSXE5RHFLYUNfT2hGbmRnN3JRQXJ1b3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjonAwQB
wld4AwQAw4UYMA0GCSqGSIb3DQEBCwUAA4IBAQA4sf9XhBtmd+onfJvZcPKE6NSS
iMoe8oIwbMcWZDfs4D77Yadih/C2CbM5rRD/aqzFAAb/ES72WJTbCNYT13QYpLLh
OFqfQPHjbh7OlAX3V7uW6GhOlNW4IeWcr+0n5IGDxQs5SdjYqcJJQFvLGjPTO1rP
9j325Y3UzO+j4Bpj1Q3tyzo8WR3DUaa+uIc91YfCzzCY8lO4eva5fbrWNRYgsgvb
/8bj5xzK2wNCZqlzeDVAL6g704QxBtnoUEbcrNKsPVDT+FO3EKclib8WoDtCxtwA
1QXoKvScLKBE5fAdT2ctkL+42pZIhSoy6pcB1Q3WYSDDfAnJFb3LHaYefX9p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-ams.rpki-client.org