Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdb9rLua6ew1RHLkDmPenuHXIzo.roa
File: xdb9rLua6ew1RHLkDmPenuHXIzo.roa (raw, json)
Hash identifier: 2fLxw9UNC+VoUAUBqf1AxM3Z7oFm2WpSpOtaWQ0A+6s=
Subject key identifier: C5:D6:FD:AC:BB:9A:E9:EC:35:44:72:E4:0E:63:DE:9E:E1:D7:23:3A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189F8541B545B12842BD1A196AC799A3C93
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdb9rLua6ew1RHLkDmPenuHXIzo.roa
Signing time: Tue 15 Aug 2023 08:33:28 +0000
ROA not before: Tue 15 Aug 2023 08:33:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:54:1b:54:5b:12:84:2b:d1:a1:96:ac:79:9a:3c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 15 08:33:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5d6fdacbb9ae9ec354472e40e63de9ee1d7233a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:86:56:ee:e2:0f:2a:b9:04:0e:b8:4b:38:72:
04:f0:97:e8:49:19:d8:9d:50:9a:b9:21:a3:e4:5f:
30:af:28:65:8e:bd:c1:db:01:15:b5:dd:ed:c0:56:
8a:b5:29:05:27:72:41:41:ea:d4:66:5c:5c:3c:ad:
26:1b:e3:d4:4c:72:6f:60:7a:2b:30:a4:8c:ec:0d:
32:80:13:41:9d:a6:3a:23:e2:2b:2f:63:5e:47:4f:
e7:34:54:c9:25:ff:a8:19:d4:7e:1b:e2:ae:97:b2:
2c:cb:fb:c5:a0:5f:81:82:ec:01:ae:3c:46:2d:1c:
80:ba:3e:66:0a:0d:13:03:30:f4:23:47:0b:ca:8e:
cf:e2:f8:e1:85:a4:b2:2e:6c:c8:2e:73:76:4b:51:
11:41:e4:0f:34:14:4d:d7:e2:ba:08:b3:b3:9d:1d:
d5:a7:67:9a:7a:54:25:df:26:a8:c6:77:41:26:eb:
0f:ce:94:aa:43:3e:3d:54:47:50:2e:9d:73:5c:c8:
19:3c:96:ef:e6:80:a7:1e:e2:1c:be:e1:fc:00:f9:
44:5c:59:bf:b3:a5:77:05:be:79:bf:be:af:dc:a8:
04:8e:a8:05:fd:60:b2:7b:87:f2:0a:21:64:e0:bc:
80:5f:2d:d2:69:d4:7a:b6:ee:e7:8b:96:64:f3:af:
26:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D6:FD:AC:BB:9A:E9:EC:35:44:72:E4:0E:63:DE:9E:E1:D7:23:3A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdb9rLua6ew1RHLkDmPenuHXIzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.209.0/24
193.108.112.0/24
212.192.6.0/24
212.193.10.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a4:8b:55:ba:e1:b7:9c:22:41:aa:39:32:5a:41:e6:ca:ad:
3f:4f:1c:f3:7d:64:bb:40:61:72:b9:6e:63:62:ff:3d:e2:53:
04:4e:9a:8e:01:8a:7f:f3:e5:fb:12:f7:77:47:f0:1f:94:06:
46:73:3e:2b:22:f0:a2:3a:51:77:de:cc:16:f1:af:ee:78:d5:
29:ab:bf:a5:a7:0b:be:f3:28:3a:24:b3:86:90:0c:35:de:c8:
a1:7f:63:40:e4:fa:03:66:d9:41:3b:e8:70:c3:66:8f:0a:e8:
61:d1:5a:f6:7b:c5:14:1b:40:ba:ac:d4:6a:35:ee:c3:c8:a5:
7e:a4:de:15:ce:9c:0c:98:4f:58:57:a5:e8:63:21:77:e0:fa:
42:c7:d9:c0:61:8a:0a:d7:27:dd:53:fb:43:b3:c5:83:cd:23:
f7:27:d8:54:a2:e8:ff:7d:14:03:51:0d:40:4d:29:5c:be:c2:
c9:75:d3:71:9c:c6:79:a1:a4:c1:35:7a:19:f3:59:2c:cc:ec:
80:54:d8:21:f1:1f:04:fc:da:ed:73:14:f1:3f:9f:6e:96:6e:
a9:86:87:6a:bc:85:1e:44:98:9c:4a:23:76:87:50:d1:1b:4b:
5a:cc:98:db:2e:2d:31:ed:48:1b:f1:73:b9:81:83:75:00:cf:
14:a1:79:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYn4VBtUWxKEK9Ghlqx5mjyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE1MDgzMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ2ZmRhY2JiOWFlOWVjMzU0NDcyZTQwZTYzZGU5ZWUxZDcyMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoZW7uIPKrkEDrhLOHIE8JfoSRnY
nVCauSGj5F8wryhljr3B2wEVtd3twFaKtSkFJ3JBQerUZlxcPK0mG+PUTHJvYHor
MKSM7A0ygBNBnaY6I+IrL2NeR0/nNFTJJf+oGdR+G+Kul7Isy/vFoF+BguwBrjxG
LRyAuj5mCg0TAzD0I0cLyo7P4vjhhaSyLmzILnN2S1ERQeQPNBRN1+K6CLOznR3V
p2eaelQl3yaoxndBJusPzpSqQz49VEdQLp1zXMgZPJbv5oCnHuIcvuH8APlEXFm/
s6V3Bb55v76v3KgEjqgF/WCye4fyCiFk4LyAXy3SadR6tu7ni5Zk868mPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMXW/ay7munsNURy5A5j3p7h1yM6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGRiOXJMdWE2ZXcxUkhMa0RtUGVudUhYSXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHzRAwQA
wWxwAwQA1MAGAwQA1MEKMA0GCSqGSIb3DQEBCwUAA4IBAQBapItVuuG3nCJBqjky
WkHmyq0/TxzzfWS7QGFyuW5jYv894lMETpqOAYp/8+X7Evd3R/AflAZGcz4rIvCi
OlF33swW8a/ueNUpq7+lpwu+8yg6JLOGkAw13sihf2NA5PoDZtlBO+hww2aPCuhh
0Vr2e8UUG0C6rNRqNe7DyKV+pN4VzpwMmE9YV6XoYyF34PpCx9nAYYoK1yfdU/tD
s8WDzSP3J9hUouj/fRQDUQ1ATSlcvsLJddNxnMZ5oaTBNXoZ81kszOyAVNgh8R8E
/NrtcxTxP59ulm6phodqvIUeRJicSiN2h1DRG0tazJjbLi0x7Ugb8XO5gYN1AM8U
oXkP
-----END CERTIFICATE-----
Generated at Mon Aug 28 09:24:32 2023 by rpki-client on console-ams.rpki-client.org