Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wCkRpYHtnmVBXvva-ypPapfi4iA.roa
File: wCkRpYHtnmVBXvva-ypPapfi4iA.roa (raw, json)
Hash identifier: Fc8UQTCXA43qU/nJM1FT2AYM0KLvKR4nNaTxlvwcY9U=
Subject key identifier: C0:29:11:A5:81:ED:9E:65:41:5E:FB:DA:FB:2A:4F:6A:97:E2:E2:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C11A2A7E277EFD5044F788B42FB07B6E0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wCkRpYHtnmVBXvva-ypPapfi4iA.roa
Signing time: Mon 27 Nov 2023 16:35:21 +0000
ROA not before: Mon 27 Nov 2023 16:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21769
IP address blocks: 194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:a2:a7:e2:77:ef:d5:04:4f:78:8b:42:fb:07:b6:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 16:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c02911a581ed9e65415efbdafb2a4f6a97e2e220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:f3:2d:ad:87:35:59:8c:55:9f:0f:4e:e3:
3a:89:af:86:bb:26:5b:0a:04:92:1f:f9:21:69:b0:
e2:ab:54:cd:07:67:2f:00:90:bc:6e:91:4b:e0:50:
51:a2:ef:3d:20:55:c3:44:35:c3:6d:95:50:37:88:
d4:92:81:a6:5e:6f:75:b3:05:da:95:af:90:9a:e5:
e6:15:1b:b6:a0:00:55:49:62:34:32:cf:89:fa:f2:
7d:25:22:fb:06:70:19:d1:b8:78:91:38:76:a3:4f:
2c:49:17:c0:f5:c6:99:87:13:4e:8a:c4:7c:3c:83:
d0:b8:f1:36:a2:02:6b:e2:e8:b0:22:2e:33:6a:4e:
ea:47:c8:d5:99:68:ff:f3:82:38:2a:97:7f:57:7f:
ed:4b:ec:b7:6a:dc:2f:da:63:ea:1b:de:65:7c:cf:
90:67:1f:3b:e1:7e:6a:dc:24:fb:72:7a:dd:e2:1f:
2d:36:ad:59:e7:14:b2:26:8f:8e:de:de:3d:ed:9d:
29:ec:f6:e1:83:77:2f:72:f0:7a:66:4d:4f:e1:0f:
7b:53:a1:14:50:8c:e0:26:b9:61:a5:1f:df:ff:69:
c9:0a:d5:88:de:1e:33:9b:10:22:de:cc:a1:2d:1e:
b9:97:7d:ed:fc:a2:1a:f9:99:ed:45:e1:4a:13:79:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:29:11:A5:81:ED:9E:65:41:5E:FB:DA:FB:2A:4F:6A:97:E2:E2:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wCkRpYHtnmVBXvva-ypPapfi4iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
193.124.47.0/24
193.124.204.0/24
194.87.22.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:8a:15:be:2f:6b:5d:51:6e:57:f3:d3:b4:da:e5:73:5a:e8:
dc:5d:71:8d:29:9b:48:81:dd:11:1c:81:75:da:9b:25:89:da:
2b:2f:b2:4e:30:0c:d3:84:2a:7d:5c:91:81:f3:36:88:d1:2f:
c0:71:91:32:64:19:a8:b5:4f:57:1d:aa:5a:64:a0:fb:c0:74:
db:92:21:07:f8:e2:aa:af:c8:72:ce:1f:e1:c2:a8:42:52:cc:
58:13:14:22:24:01:cc:0e:e5:ba:d1:76:00:ff:27:ec:0e:72:
5d:d7:81:43:3c:70:6a:01:d6:6b:e3:d6:6b:e5:4b:7e:42:0c:
61:a4:9b:b2:6b:43:e5:52:9a:c0:81:fb:d4:f8:dd:5d:f3:2f:
e5:47:05:58:4e:a2:19:d2:68:a5:98:d7:4b:08:5e:45:cd:10:
0d:36:d4:ac:01:65:79:53:e4:31:cf:3b:67:dc:4d:ef:5a:a4:
e3:a1:4b:33:48:9b:17:84:47:6c:d1:86:4a:63:e1:e1:75:22:
2e:06:7c:30:7b:fa:71:d4:c1:72:2b:36:3e:8a:b3:a7:16:12:
e7:ee:61:e2:b9:ad:2e:75:cb:8d:15:87:59:c6:6e:f7:c1:e6:
f6:26:86:c6:0e:a5:eb:b1:be:ff:5e:7a:16:cc:bb:26:b9:7c:
f9:f8:73:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwRoqfid+/VBE94i0L7B7bgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI3MTYzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI5MTFhNTgxZWQ5ZTY1NDE1ZWZiZGFmYjJhNGY2YTk3ZTJlMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhHzLa2HNVmMVZ8PTuM6ia+GuyZb
CgSSH/khabDiq1TNB2cvAJC8bpFL4FBRou89IFXDRDXDbZVQN4jUkoGmXm91swXa
la+QmuXmFRu2oABVSWI0Ms+J+vJ9JSL7BnAZ0bh4kTh2o08sSRfA9caZhxNOisR8
PIPQuPE2ogJr4uiwIi4zak7qR8jVmWj/84I4Kpd/V3/tS+y3atwv2mPqG95lfM+Q
Zx874X5q3CT7cnrd4h8tNq1Z5xSyJo+O3t497Z0p7Pbhg3cvcvB6Zk1P4Q97U6EU
UIzgJrlhpR/f/2nJCtWI3h4zmxAi3syhLR65l33t/KIa+ZntReFKE3nJlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMApEaWB7Z5lQV772vsqT2qX4uIgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd0NrUnBZSHRubVZCWHZ2YS15cFBhcGZpNGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwsAwQA
wXwvAwQAwXzMAwQAwlcWMA0GCSqGSIb3DQEBCwUAA4IBAQA9ihW+L2tdUW5X89O0
2uVzWujcXXGNKZtIgd0RHIF12pslidorL7JOMAzThCp9XJGB8zaI0S/AcZEyZBmo
tU9XHapaZKD7wHTbkiEH+OKqr8hyzh/hwqhCUsxYExQiJAHMDuW60XYA/yfsDnJd
14FDPHBqAdZr49Zr5Ut+QgxhpJuya0PlUprAgfvU+N1d8y/lRwVYTqIZ0milmNdL
CF5FzRANNtSsAWV5U+Qxzztn3E3vWqTjoUszSJsXhEds0YZKY+HhdSIuBnwwe/px
1MFyKzY+irOnFhLn7mHiua0udcuNFYdZxm73web2JobGDqXrsb7/XnoWzLsmuXz5
+HNM
-----END CERTIFICATE-----
Generated at Thu Dec 14 16:47:01 2023 by rpki-client on console-ams.rpki-client.org