Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCPf-pu2SJYvYcBvfqzG153S8oE.roa
File: yCPf-pu2SJYvYcBvfqzG153S8oE.roa (raw, json)
Hash identifier: uJu6AWvRm6eGR7YFBhWT/VbBpIn7DY5Zr6crofxGYXs=
Subject key identifier: C8:23:DF:FA:9B:B6:48:96:2F:61:C0:6F:7E:AC:C6:D7:9D:D2:F2:81
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01895E121ACA1C22606EF7ED873BF9CCD297
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCPf-pu2SJYvYcBvfqzG153S8oE.roa
Signing time: Sun 16 Jul 2023 09:39:52 +0000
ROA not before: Sun 16 Jul 2023 09:39:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 193.124.47.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 08:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5e:12:1a:ca:1c:22:60:6e:f7:ed:87:3b:f9:cc:d2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 16 09:39:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c823dffa9bb648962f61c06f7eacc6d79dd2f281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:92:e8:54:26:b7:08:c7:75:ff:ab:3f:18:4a:
40:4e:93:f6:09:05:96:27:38:87:52:31:4f:3d:3c:
ec:35:49:77:7c:d6:68:96:d3:3e:77:bc:44:d1:69:
29:fc:b4:a0:52:30:7c:14:3a:a2:97:1b:fe:61:0c:
f0:d9:de:fe:20:8d:03:c8:f6:20:77:a5:65:f2:64:
98:64:5b:5c:15:22:2d:e1:3c:ee:1d:a1:4f:ad:ca:
2f:1a:4b:a3:04:57:95:f2:f3:00:71:f0:ec:d7:f3:
a2:ca:cf:a8:f9:e0:23:d6:da:c3:39:c1:f0:c1:52:
c9:21:03:bf:b0:77:46:7a:85:e9:f6:73:33:b4:f9:
2d:64:d7:43:13:a3:60:07:0d:9d:c6:6d:a4:00:2f:
00:ec:94:dc:5f:4f:3f:f3:1f:d0:33:78:59:52:da:
d5:1e:45:e3:21:8b:6e:be:b9:86:08:9e:07:f8:4f:
c3:16:c6:9d:6d:3a:48:6f:61:f0:6a:38:8a:36:f7:
14:ac:d2:16:fa:2e:f7:9a:31:b9:0a:9f:77:fa:9d:
f5:e3:0e:39:73:fa:37:5f:a0:1b:eb:76:a8:23:a5:
e2:7c:a2:f4:bb:3d:14:d6:0e:82:16:92:cc:33:1c:
f2:7d:41:4f:04:8c:1b:c9:c2:8b:82:5e:1e:2e:0c:
61:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:23:DF:FA:9B:B6:48:96:2F:61:C0:6F:7E:AC:C6:D7:9D:D2:F2:81
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCPf-pu2SJYvYcBvfqzG153S8oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.149.0/24
194.87.163.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:32:ee:49:34:4a:a8:51:8e:ce:53:54:a2:ae:b1:8b:18:68:
af:89:56:b1:09:3e:46:3d:1d:3c:2a:9f:f9:5a:2d:c3:81:5a:
2b:f8:57:40:7f:34:21:12:e4:0a:ae:bb:65:8d:e1:ab:3b:c6:
bd:ba:df:5b:4b:47:a4:5b:df:c1:ad:56:88:29:52:56:01:23:
ad:02:a2:d8:f8:89:e4:51:b3:28:e2:70:a2:4d:b0:45:ad:1d:
d3:d3:93:2e:a4:2a:ed:92:5b:bf:94:18:bc:dc:31:0b:e1:5f:
0b:d8:3d:46:90:fc:00:9b:80:0f:79:88:d9:0e:b8:a9:f2:d7:
b5:4c:42:8c:45:e2:19:51:f5:55:7b:70:07:da:21:80:0f:f2:
36:32:f0:0e:16:bd:8f:72:7c:c7:bb:6c:0d:99:b0:ea:f4:af:
43:7b:68:fa:c3:b9:61:50:bd:82:7d:58:7d:08:ed:f8:c7:3e:
20:b8:59:a3:1d:39:b8:9f:c4:05:32:0f:fb:fb:d3:20:3f:56:
a2:c1:a0:74:1c:ea:88:bb:14:db:5e:85:7b:ff:f6:f8:29:b9:
5b:3a:bb:aa:0c:de:e8:51:3d:81:4b:19:b4:d3:7a:64:ec:99:
bf:75:43:b4:2d:68:57:e7:98:b6:37:cf:d7:2e:02:20:5f:7e:
31:94:92:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYleEhrKHCJgbvfthzv5zNKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE2MDkzOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIzZGZmYTliYjY0ODk2MmY2MWMwNmY3ZWFjYzZkNzlkZDJmMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJLoVCa3CMd1/6s/GEpATpP2CQWW
JziHUjFPPTzsNUl3fNZoltM+d7xE0Wkp/LSgUjB8FDqilxv+YQzw2d7+II0DyPYg
d6Vl8mSYZFtcFSIt4TzuHaFPrcovGkujBFeV8vMAcfDs1/Oiys+o+eAj1trDOcHw
wVLJIQO/sHdGeoXp9nMztPktZNdDE6NgBw2dxm2kAC8A7JTcX08/8x/QM3hZUtrV
HkXjIYtuvrmGCJ4H+E/DFsadbTpIb2HwajiKNvcUrNIW+i73mjG5Cp93+p314w45
c/o3X6Ab63aoI6XifKL0uz0U1g6CFpLMMxzyfUFPBIwbycKLgl4eLgxhiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMgj3/qbtkiWL2HAb36sxted0vKBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveUNQZi1wdTJTSll2WWNCdmZxekcxNTNTOG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwvAwQA
wleVAwQAwlejMA0GCSqGSIb3DQEBCwUAA4IBAQCNMu5JNEqoUY7OU1SirrGLGGiv
iVaxCT5GPR08Kp/5Wi3DgVor+FdAfzQhEuQKrrtljeGrO8a9ut9bS0ekW9/BrVaI
KVJWASOtAqLY+InkUbMo4nCiTbBFrR3T05MupCrtklu/lBi83DEL4V8L2D1GkPwA
m4APeYjZDrip8te1TEKMReIZUfVVe3AH2iGAD/I2MvAOFr2PcnzHu2wNmbDq9K9D
e2j6w7lhUL2CfVh9CO34xz4guFmjHTm4n8QFMg/7+9MgP1aiwaB0HOqIuxTbXoV7
//b4KblbOruqDN7oUT2BSxm003pk7Jm/dUO0LWhX55i2N8/XLgIgX34xlJIE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org