Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vL4_oTPKRyp9iucKeqAB0FWXyT8.roa
File: vL4_oTPKRyp9iucKeqAB0FWXyT8.roa (raw, json)
Hash identifier: g+dHsIXQr1wtTP43BWztMGkG8z749GUqdL3Tv05nv8w=
Subject key identifier: BC:BE:3F:A1:33:CA:47:2A:7D:8A:E7:0A:7A:A0:01:D0:55:97:C9:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189918AEB0B008D60DD01105D93209431FB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vL4_oTPKRyp9iucKeqAB0FWXyT8.roa
Signing time: Wed 26 Jul 2023 09:32:27 +0000
ROA not before: Wed 26 Jul 2023 09:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203248
IP address blocks: 212.192.250.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:8a:eb:0b:00:8d:60:dd:01:10:5d:93:20:94:31:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 26 09:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcbe3fa133ca472a7d8ae70a7aa001d05597c93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:cf:bf:97:cf:da:4a:2a:95:13:10:76:03:
9c:fd:6d:9a:2a:8a:7b:d4:be:de:bf:9a:01:77:0b:
91:31:d7:d4:2b:4c:a4:20:a6:79:54:92:07:19:4a:
69:5e:e4:7a:45:c5:dc:b0:97:47:56:93:31:48:33:
e0:44:7b:e6:2e:08:31:9f:cb:27:be:bb:8d:24:80:
64:33:5d:fd:9b:7f:0b:e6:8c:e9:39:98:31:a3:7d:
76:f4:dd:63:59:ff:e2:cb:f2:30:54:44:a4:64:13:
4f:f7:1e:db:a2:c0:61:fd:99:ae:cc:ab:18:5b:95:
17:55:60:3f:ec:38:e4:4b:1c:71:8d:ff:81:f7:1d:
14:9d:cb:d4:8e:70:b3:59:e9:c7:72:e1:08:6a:c7:
da:bd:de:d6:c3:2b:62:d7:7e:c7:e9:d3:4f:06:ec:
8e:5a:65:45:35:8a:15:b7:6c:19:cc:c6:7e:57:a0:
7d:b0:51:d3:f6:07:df:7e:d8:2a:e8:75:d4:cc:1a:
5e:87:a9:77:dd:6b:07:f5:67:5d:1b:06:f8:8e:e7:
4d:80:ee:95:3a:b3:06:2d:c5:1f:7b:f3:7d:13:98:
2c:e0:df:25:83:6c:7b:47:5d:63:bf:50:e6:9c:6c:
8b:02:f3:80:62:d9:26:28:7b:ca:4d:55:8c:8a:7a:
1f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BE:3F:A1:33:CA:47:2A:7D:8A:E7:0A:7A:A0:01:D0:55:97:C9:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vL4_oTPKRyp9iucKeqAB0FWXyT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:b2:7c:a8:87:84:df:3b:5b:12:a7:e4:d0:07:cd:7e:37:6d:
51:00:c9:4f:2f:f7:cf:53:1a:5d:f9:2a:91:61:73:e8:48:90:
7a:b7:39:54:e2:cf:67:fa:14:de:c0:95:09:98:9e:7f:d1:1f:
9f:e6:02:23:82:2b:df:25:1c:3e:a5:cc:10:85:2b:92:0b:09:
d5:c3:60:49:e2:7b:8f:25:bf:b6:c3:58:20:34:d8:37:36:f4:
75:93:1b:0a:e2:76:f7:3e:eb:fa:90:26:b0:ec:25:f4:ff:76:
40:34:53:e3:50:41:d8:cd:f5:ff:d9:96:3b:bd:22:16:6a:3a:
ad:ee:89:3c:08:d4:1f:82:59:82:04:f5:d8:00:ff:93:5b:80:
a7:72:af:df:cb:be:f3:15:34:d9:a3:8e:31:19:d4:b1:f1:72:
1b:50:b1:ea:f6:e7:e0:41:be:28:75:ef:61:7e:04:ad:62:35:
18:91:c2:63:1b:88:11:bf:fe:98:79:12:49:4e:4b:4a:b1:e6:
af:ab:c7:9f:10:f9:03:42:d4:a9:76:b5:2e:9a:64:08:b8:56:
af:28:09:dd:55:7c:10:5c:9a:a0:0f:9b:8d:9c:d8:60:bd:10:
ac:21:f8:13:24:9f:c7:10:37:4d:53:09:9f:c2:5c:c3:8f:cf:
27:4a:82:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmRiusLAI1g3QEQXZMglDH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI2MDkzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2JlM2ZhMTMzY2E0NzJhN2Q4YWU3MGE3YWEwMDFkMDU1OTdjOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8jPv5fP2koqlRMQdgOc/W2aKop7
1L7ev5oBdwuRMdfUK0ykIKZ5VJIHGUppXuR6RcXcsJdHVpMxSDPgRHvmLggxn8sn
vruNJIBkM139m38L5ozpOZgxo3129N1jWf/iy/IwVESkZBNP9x7bosBh/ZmuzKsY
W5UXVWA/7DjkSxxxjf+B9x0UncvUjnCzWenHcuEIasfavd7Wwyti137H6dNPBuyO
WmVFNYoVt2wZzMZ+V6B9sFHT9gffftgq6HXUzBpeh6l33WsH9WddGwb4judNgO6V
OrMGLcUfe/N9E5gs4N8lg2x7R11jv1DmnGyLAvOAYtkmKHvKTVWMinof7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLy+P6EzykcqfYrnCnqgAdBVl8k/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdkw0X29UUEtSeXA5aXVjS2VxQUIwRldYeVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1MD4AwQB
1MD6MA0GCSqGSIb3DQEBCwUAA4IBAQBtsnyoh4TfO1sSp+TQB81+N21RAMlPL/fP
Uxpd+SqRYXPoSJB6tzlU4s9n+hTewJUJmJ5/0R+f5gIjgivfJRw+pcwQhSuSCwnV
w2BJ4nuPJb+2w1ggNNg3NvR1kxsK4nb3Puv6kCaw7CX0/3ZANFPjUEHYzfX/2ZY7
vSIWajqt7ok8CNQfglmCBPXYAP+TW4Cncq/fy77zFTTZo44xGdSx8XIbULHq9ufg
Qb4ode9hfgStYjUYkcJjG4gRv/6YeRJJTktKseavq8efEPkDQtSpdrUummQIuFav
KAndVXwQXJqgD5uNnNhgvRCsIfgTJJ/HEDdNUwmfwlzDj88nSoLs
-----END CERTIFICATE-----
Generated at Wed Jul 26 11:54:53 2023 by rpki-client on console-ams.rpki-client.org