Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5VBcH1xQMa3Rwt568yM8cHWMss.roa
File: z5VBcH1xQMa3Rwt568yM8cHWMss.roa (raw, json)
Hash identifier: lfSUc/HXwIAYTsygoIiPBDSirrLFDDdtBp7ijZW/y88=
Subject key identifier: CF:95:41:70:7D:71:40:C6:B7:47:0B:79:EB:CC:8C:F1:C1:D6:32:CB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CA5B20CA3C742B459DF5141D82BDD8457
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5VBcH1xQMa3Rwt568yM8cHWMss.roa
Signing time: Tue 26 Dec 2023 10:35:58 +0000
ROA not before: Tue 26 Dec 2023 10:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210107
IP address blocks: 194.58.42.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:b2:0c:a3:c7:42:b4:59:df:51:41:d8:2b:dd:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 26 10:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf9541707d7140c6b7470b79ebcc8cf1c1d632cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:76:ef:67:04:ec:0e:55:ca:58:17:dd:21:
32:52:58:ec:24:68:1d:13:2a:da:7f:c1:bc:a2:1d:
3b:6b:c0:00:d8:de:80:b9:0b:16:a4:74:cd:19:46:
f6:e9:6b:c2:6c:f3:41:2d:71:5e:76:be:8b:de:61:
1c:a0:35:9d:d1:da:62:9c:27:65:aa:fc:16:b8:c9:
16:4d:14:ce:ce:8b:9f:be:a5:3f:4b:c3:b0:33:b4:
26:67:c4:b5:de:85:f3:5e:e8:94:19:25:aa:16:1d:
3b:12:69:9a:c9:c7:d9:b1:f9:56:fc:11:7c:e7:46:
d5:41:29:cf:da:99:11:4a:25:66:54:2e:b9:75:ea:
02:50:b4:9e:60:23:6e:eb:3c:6a:94:62:11:b2:11:
0a:5e:90:e3:63:88:c8:ca:0e:e0:11:6f:e6:0a:fb:
13:06:4c:33:c4:13:cc:e4:27:75:ca:b1:59:e0:cf:
99:32:10:6c:d9:22:ec:54:a2:c8:a2:b9:85:02:e5:
10:1c:20:95:e9:c3:9c:2c:a6:ce:bc:58:1b:2c:cb:
f4:2e:08:1b:43:38:5b:83:0f:49:1c:ca:48:1f:cb:
34:4c:40:29:9a:9e:66:49:5e:26:e5:eb:c7:b1:6e:
3c:ec:f3:22:6d:d8:57:48:f0:06:96:79:07:f5:9f:
c7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:95:41:70:7D:71:40:C6:B7:47:0B:79:EB:CC:8C:F1:C1:D6:32:CB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5VBcH1xQMa3Rwt568yM8cHWMss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.42.0/24
194.87.81.0/24
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:9b:3a:e6:a0:c2:f1:bd:76:8c:6d:a3:9e:b1:f0:cf:37:26:
33:1a:30:a0:9c:ea:d2:c0:78:cd:87:55:21:fb:23:5c:18:2b:
c9:91:12:16:dd:76:d7:46:11:63:e1:1b:af:d2:99:e7:4b:2f:
2b:e8:7f:72:6c:f1:2f:1f:72:12:df:28:cd:31:d6:8b:6c:77:
11:6a:f9:03:bc:66:4f:17:6b:71:9e:2a:0c:ff:c3:73:53:cb:
4d:d2:8b:19:47:82:9a:12:f8:16:71:6f:c9:06:63:62:cd:42:
2f:29:06:10:dc:b1:7e:a7:12:d4:5e:9e:c3:a1:a4:6f:cc:34:
ab:71:32:dc:7c:f8:ee:0b:0e:10:82:6c:25:0e:b9:2d:9a:bc:
5d:82:b9:89:f5:c6:be:c0:66:07:3f:96:23:76:6a:af:45:37:
9c:51:54:5e:c2:6d:9c:69:3f:a4:ec:b8:ce:b6:69:12:e2:bc:
25:19:e7:de:d6:04:6d:8c:d7:15:7a:28:7b:b0:df:91:9d:43:
c0:80:46:09:cd:4a:31:70:37:77:a2:3e:2d:9e:f3:28:32:3a:
98:9e:ad:dd:2d:fb:a9:ab:b7:33:82:cd:05:99:a7:a1:0e:d5:
4b:4b:8e:01:2d:cd:d2:62:ac:01:6f:5f:a5:ca:a7:d2:74:4c:
53:41:c5:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYylsgyjx0K0Wd9RQdgr3YRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI2MTAzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjk1NDE3MDdkNzE0MGM2Yjc0NzBiNzllYmNjOGNmMWMxZDYzMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlB272cE7A5VylgX3SEyUljsJGgd
Eyraf8G8oh07a8AA2N6AuQsWpHTNGUb26WvCbPNBLXFedr6L3mEcoDWd0dpinCdl
qvwWuMkWTRTOzoufvqU/S8OwM7QmZ8S13oXzXuiUGSWqFh07EmmaycfZsflW/BF8
50bVQSnP2pkRSiVmVC65deoCULSeYCNu6zxqlGIRshEKXpDjY4jIyg7gEW/mCvsT
BkwzxBPM5Cd1yrFZ4M+ZMhBs2SLsVKLIormFAuUQHCCV6cOcLKbOvFgbLMv0Lggb
Qzhbgw9JHMpIH8s0TEApmp5mSV4m5evHsW487PMibdhXSPAGlnkH9Z/HXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM+VQXB9cUDGt0cLeevMjPHB1jLLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvejVWQmNIMXhRTWEzUnd0NTY4eU04Y0hXTXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjoqAwQA
wldRAwQA1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQBamzrmoMLxvXaMbaOesfDPNyYz
GjCgnOrSwHjNh1Uh+yNcGCvJkRIW3XbXRhFj4Ruv0pnnSy8r6H9ybPEvH3IS3yjN
MdaLbHcRavkDvGZPF2txnioM/8NzU8tN0osZR4KaEvgWcW/JBmNizUIvKQYQ3LF+
pxLUXp7DoaRvzDSrcTLcfPjuCw4QgmwlDrktmrxdgrmJ9ca+wGYHP5YjdmqvRTec
UVRewm2caT+k7LjOtmkS4rwlGefe1gRtjNcVeih7sN+RnUPAgEYJzUoxcDd3oj4t
nvMoMjqYnq3dLfupq7czgs0FmaehDtVLS44BLc3SYqwBb1+lyqfSdExTQcXS
-----END CERTIFICATE-----
Generated at Fri Dec 29 09:54:12 2023 by rpki-client on console-fra.rpki-client.org