Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3dnnCrtfGN7Pybid6DArn6X_HE.roa
File: y3dnnCrtfGN7Pybid6DArn6X_HE.roa (raw, json)
Hash identifier: grw054iS2pceoYNnqX8mYzd60czd0VKiuEZMhi4Y8rA=
Subject key identifier: CB:77:67:9C:2A:ED:7C:63:7B:3F:26:E2:77:A0:C0:AE:7E:97:FC:71
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66EDD6BDF681E34D3DE8803EA24559
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3dnnCrtfGN7Pybid6DArn6X_HE.roa
Signing time: Sun 01 Jan 2023 22:14:54 +0000
ROA not before: Sun 01 Jan 2023 22:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18450
IP address blocks: 194.87.213.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ed:d6:bd:f6:81:e3:4d:3d:e8:80:3e:a2:45:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb77679c2aed7c637b3f26e277a0c0ae7e97fc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:05:fd:22:54:c5:a0:b7:bc:9e:bd:88:f0:
2a:74:c5:2a:74:77:3b:84:69:1e:6a:67:a1:86:83:
19:6a:12:52:79:cf:7d:38:d4:1b:8b:45:f4:92:cf:
f7:66:90:a8:21:a2:18:74:44:13:f0:45:5d:d2:12:
32:14:43:3a:4f:72:04:98:dd:97:24:23:f2:32:90:
7d:af:4f:d0:19:5a:03:ab:c2:f9:fb:92:40:b6:d3:
c6:1e:d2:1f:8f:01:d4:22:60:7d:77:ab:97:8c:92:
09:cc:75:38:6e:7d:08:e9:b6:e1:52:13:45:8d:04:
91:f4:ea:9e:ba:4b:1f:0f:51:d5:a5:7b:9b:9a:f6:
83:48:1f:c9:a6:d0:03:3f:b8:7d:8c:a3:c0:7c:92:
d0:c9:a4:b7:4a:00:85:d5:b4:21:a5:7e:4b:d1:b7:
ae:6e:b4:f6:78:22:a9:6a:82:20:e2:42:34:5e:24:
5e:91:67:eb:46:85:05:1f:3d:05:54:df:b4:cd:be:
99:90:0d:8f:84:e8:4e:7e:7c:e1:0d:01:59:36:35:
1f:a1:82:a8:85:ec:b4:46:a4:51:71:d9:dc:7d:af:
c8:f6:d3:3b:9a:a7:4a:d2:1f:cf:78:ce:f0:68:46:
c1:4c:c8:5b:de:c2:69:2a:01:58:61:1a:35:84:21:
75:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:77:67:9C:2A:ED:7C:63:7B:3F:26:E2:77:A0:C0:AE:7E:97:FC:71
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3dnnCrtfGN7Pybid6DArn6X_HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.87.213.0/24
Signature Algorithm: sha256WithRSAEncryption
93:88:a7:6e:04:5e:57:63:63:24:39:71:d8:35:6e:47:e0:33:
21:6e:07:15:4e:90:bd:83:2a:d6:36:9a:8f:1d:53:ee:cb:3e:
45:97:32:de:ea:65:76:e2:7b:20:d2:81:cc:cd:e9:39:38:cc:
97:4a:71:c9:12:dc:d0:ab:e2:c1:7f:ee:d8:ef:9c:e7:f2:a8:
be:09:7c:ed:86:b8:cb:9e:70:fe:f3:da:f8:0e:a2:6c:f6:8c:
79:93:d8:7d:77:4c:b7:c3:a8:9e:ea:21:ba:c6:fe:58:d0:98:
96:2f:0d:17:a4:53:b8:d1:51:d3:3d:a1:97:28:a5:2c:27:2f:
25:7f:5d:f9:b9:f5:1c:ee:47:a7:55:91:43:10:ba:f1:03:60:
ec:79:6e:37:81:1b:30:aa:8a:2e:46:5c:7a:3e:95:4c:2d:b0:
41:6a:68:48:42:42:7e:1d:06:de:b2:4d:bf:5c:67:1e:d4:d0:
56:96:70:70:ef:33:f3:85:26:f5:e6:86:3b:76:7a:40:51:02:
ba:d6:16:4e:22:ad:8e:9a:cf:2f:36:4f:13:b2:b6:51:e3:2b:
99:ae:89:51:ee:80:3d:b4:ca:4d:a9:ef:90:8e:f5:3b:68:b1:
b9:f6:04:f6:98:3c:26:e4:23:5c:15:65:56:5a:d4:41:cb:11:
22:c8:9f:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZu3WvfaB40096IA+okVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc3Njc5YzJhZWQ3YzYzN2IzZjI2ZTI3N2EwYzBhZTdlOTdmYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAgF/SJUxaC3vJ69iPAqdMUqdHc7
hGkeamehhoMZahJSec99ONQbi0X0ks/3ZpCoIaIYdEQT8EVd0hIyFEM6T3IEmN2X
JCPyMpB9r0/QGVoDq8L5+5JAttPGHtIfjwHUImB9d6uXjJIJzHU4bn0I6bbhUhNF
jQSR9OqeuksfD1HVpXubmvaDSB/JptADP7h9jKPAfJLQyaS3SgCF1bQhpX5L0beu
brT2eCKpaoIg4kI0XiRekWfrRoUFHz0FVN+0zb6ZkA2PhOhOfnzhDQFZNjUfoYKo
hey0RqRRcdncfa/I9tM7mqdK0h/PeM7waEbBTMhb3sJpKgFYYRo1hCF1awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMt3Z5wq7Xxjez8m4negwK5+l/xxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveTNkbm5DcnRmR043UHliaWQ2REFybjZYX0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXwRAwQA
wlfVMA0GCSqGSIb3DQEBCwUAA4IBAQCTiKduBF5XY2MkOXHYNW5H4DMhbgcVTpC9
gyrWNpqPHVPuyz5FlzLe6mV24nsg0oHMzek5OMyXSnHJEtzQq+LBf+7Y75zn8qi+
CXzthrjLnnD+89r4DqJs9ox5k9h9d0y3w6ie6iG6xv5Y0JiWLw0XpFO40VHTPaGX
KKUsJy8lf135ufUc7kenVZFDELrxA2DseW43gRswqoouRlx6PpVMLbBBamhIQkJ+
HQbesk2/XGce1NBWlnBw7zPzhSb15oY7dnpAUQK61hZOIq2Oms8vNk8TsrZR4yuZ
rolR7oA9tMpNqe+QjvU7aLG59gT2mDwm5CNcFWVWWtRByxEiyJ9m
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-ams.rpki-client.org