Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w1RdeS8TMvoj_4DOpjJD8VIFCLk.roa
File: w1RdeS8TMvoj_4DOpjJD8VIFCLk.roa (raw, json)
Hash identifier: f3Ll4451cwAkBpuG+fcbLUVXTkMphu8s7VcdP8mQNlo=
Subject key identifier: C3:54:5D:79:2F:13:32:FA:23:FF:80:CE:A6:32:43:F1:52:05:08:B9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A4C71DB79E32BDD8369AE28CF57CD9B8C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w1RdeS8TMvoj_4DOpjJD8VIFCLk.roa
Signing time: Thu 31 Aug 2023 16:34:04 +0000
ROA not before: Thu 31 Aug 2023 16:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211318
IP address blocks: 194.135.18.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:71:db:79:e3:2b:dd:83:69:ae:28:cf:57:cd:9b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 31 16:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3545d792f1332fa23ff80cea63243f1520508b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:a7:58:6c:11:dc:16:20:f8:b2:50:aa:5b:
0a:f2:af:89:27:fd:30:e0:44:68:2b:7d:95:19:8e:
e4:9f:eb:3a:de:af:7d:a8:04:ef:bc:a5:7d:87:46:
cc:76:3b:6c:e7:c3:34:68:19:64:0d:75:a4:1f:83:
03:4e:8f:e8:2c:f8:ca:47:0b:5b:ae:67:95:ae:e7:
f9:e2:85:f4:03:62:80:68:63:03:b6:77:49:34:f2:
3a:2a:28:2f:b9:28:1d:b7:88:57:d2:20:0e:b1:9f:
bc:25:7c:6f:41:ec:39:35:ae:49:9c:46:19:18:25:
b1:78:31:be:81:f0:79:48:e0:02:31:e2:67:75:cd:
39:fd:5b:8c:23:fb:0e:f3:b0:2e:c8:3f:4a:36:0c:
05:93:32:8f:e3:53:1a:85:2a:e5:33:96:26:b1:c6:
22:80:02:dc:4b:a9:94:82:44:03:88:80:ed:7e:12:
c0:68:48:30:50:38:7c:7b:54:62:f6:bf:f0:c9:96:
29:8f:2b:4c:e6:44:85:85:2b:ec:42:93:05:73:95:
51:61:ff:f5:ef:59:59:de:7d:43:2b:9e:1a:14:b6:
6b:04:fc:57:c7:60:50:7d:2c:db:c7:fb:d9:38:51:
17:72:b0:a0:c5:9e:f1:fb:13:1a:32:47:a7:29:a7:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:54:5D:79:2F:13:32:FA:23:FF:80:CE:A6:32:43:F1:52:05:08:B9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w1RdeS8TMvoj_4DOpjJD8VIFCLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.33.0/24
194.135.18.0/24
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:24:9a:43:20:1d:5f:d2:43:de:9d:43:0d:11:c0:ae:24:dd:
5c:64:ac:04:d6:6c:31:54:88:c2:8c:90:11:56:2b:59:b9:a1:
c6:c4:04:76:26:46:d3:9d:dc:b8:eb:2f:58:2b:25:46:6e:57:
d6:f5:e8:8a:65:57:77:00:dc:44:fc:f7:8c:20:46:9a:db:1b:
a5:62:e0:dc:83:22:a6:00:96:de:a1:30:2b:62:8f:b8:4e:af:
b8:19:00:70:b7:ce:76:6f:09:db:e0:84:db:3c:a5:50:fb:a0:
87:03:67:a7:d7:29:47:d6:73:7d:6d:2e:92:3e:e7:83:b6:8f:
b0:0b:ed:c3:15:78:f1:4b:1e:ad:63:06:6d:10:d3:f5:9b:72:
28:a3:d8:b4:34:f8:17:6d:69:2a:e4:9d:c2:ff:1f:45:4c:38:
f1:a1:77:56:7f:b9:82:57:e8:59:d5:56:02:d9:ab:34:41:6c:
2a:bf:84:1c:71:8b:c6:3d:b4:23:d6:ab:e1:8a:e4:4b:f4:92:
6e:67:67:da:f6:6d:2a:4e:12:44:52:16:e7:e7:8f:c8:bb:2b:
43:e5:6a:1f:2d:d5:86:1f:99:b1:99:0f:9a:a2:d2:9a:1f:eb:
6a:c9:ac:5e:7a:ed:03:6e:fd:c0:d4:65:f5:47:34:1c:3a:31:
b3:bf:07:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpMcdt54yvdg2muKM9XzZuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODMxMTYzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzU0NWQ3OTJmMTMzMmZhMjNmZjgwY2VhNjMyNDNmMTUyMDUwOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/GnWGwR3BYg+LJQqlsK8q+JJ/0w
4ERoK32VGY7kn+s63q99qATvvKV9h0bMdjts58M0aBlkDXWkH4MDTo/oLPjKRwtb
rmeVruf54oX0A2KAaGMDtndJNPI6KigvuSgdt4hX0iAOsZ+8JXxvQew5Na5JnEYZ
GCWxeDG+gfB5SOACMeJndc05/VuMI/sO87AuyD9KNgwFkzKP41MahSrlM5YmscYi
gALcS6mUgkQDiIDtfhLAaEgwUDh8e1Ri9r/wyZYpjytM5kSFhSvsQpMFc5VRYf/1
71lZ3n1DK54aFLZrBPxXx2BQfSzbx/vZOFEXcrCgxZ7x+xMaMkenKadtfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMNUXXkvEzL6I/+AzqYyQ/FSBQi5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdzFSZGVTOFRNdm9qXzRET3BqSkQ4VklGQ0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlchAwQA
wocSAwQAw4UlMA0GCSqGSIb3DQEBCwUAA4IBAQBsJJpDIB1f0kPenUMNEcCuJN1c
ZKwE1mwxVIjCjJARVitZuaHGxAR2JkbTndy46y9YKyVGblfW9eiKZVd3ANxE/PeM
IEaa2xulYuDcgyKmAJbeoTArYo+4Tq+4GQBwt852bwnb4ITbPKVQ+6CHA2en1ylH
1nN9bS6SPueDto+wC+3DFXjxSx6tYwZtENP1m3Ioo9i0NPgXbWkq5J3C/x9FTDjx
oXdWf7mCV+hZ1VYC2as0QWwqv4QccYvGPbQj1qvhiuRL9JJuZ2fa9m0qThJEUhbn
54/IuytD5WofLdWGH5mxmQ+aotKaH+tqyaxeeu0Dbv3A1GX1RzQcOjGzvweS
-----END CERTIFICATE-----
Generated at Fri Sep 29 06:23:33 2023 by rpki-client on console-fra.rpki-client.org