Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/c4OvI6-a4TAWrcNBMNNUwnsxweA.roa
File: c4OvI6-a4TAWrcNBMNNUwnsxweA.roa (raw, json)
Hash identifier: 0rTtoSzx9NMkppv4zJP3xYuZVySQtkWjG3h16tXGBhQ=
Subject key identifier: 73:83:AF:23:AF:9A:E1:30:16:AD:C3:41:30:D3:54:C2:7B:31:C1:E0
Certificate issuer: /CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Certificate serial: 01856E1D424B6664398DA5DDB926A0264782
Authority key identifier: F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/c4OvI6-a4TAWrcNBMNNUwnsxweA.roa
Signing time: Sun 01 Jan 2023 16:14:49 +0000
ROA not before: Sun 01 Jan 2023 16:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209979
IP address blocks: 194.35.103.0/24 maxlen: 24
194.35.100.0/22 maxlen: 22
194.35.100.0/24 maxlen: 24
194.35.101.0/24 maxlen: 24
194.35.102.0/24 maxlen: 24
2a09:c580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:42:4b:66:64:39:8d:a5:dd:b9:26:a0:26:47:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Validity
Not Before: Jan 1 16:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7383af23af9ae13016adc34130d354c27b31c1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:74:f2:53:e3:9a:cc:c3:21:c5:58:64:37:37:
32:b6:96:5d:95:31:3d:9b:50:4c:ff:06:78:72:32:
ad:8b:4d:f9:ec:23:d8:4c:81:20:37:0b:2f:79:dd:
47:f4:65:b3:7a:13:97:88:d2:9c:99:96:1b:52:a2:
61:36:9d:5b:b6:43:83:f1:84:52:98:08:26:80:bf:
ff:a5:9c:b7:28:9c:8b:95:c4:a6:11:40:6a:3b:db:
ac:9f:64:9e:0e:0b:03:f9:a0:8b:cc:bb:f7:bf:8d:
35:1c:24:60:0c:3a:d5:2b:58:f2:59:32:c5:80:45:
ed:a8:dd:47:90:67:72:19:76:d3:80:da:f0:66:c8:
18:bc:70:66:44:b8:2d:49:40:c1:c7:f4:11:dc:38:
14:14:b1:4c:ec:34:18:3f:d0:0e:20:74:23:a5:3f:
10:02:86:f6:6e:4b:4b:b3:bc:2a:cd:58:93:f5:8b:
ce:eb:0e:e6:67:8f:c3:36:6c:31:22:82:8a:0c:ca:
32:fa:36:d8:a6:0d:5b:22:a2:c9:73:e7:cc:17:96:
08:4b:99:a8:cf:00:cc:30:e0:75:95:d6:5b:f7:f7:
92:c5:66:03:01:29:0b:d1:94:56:c8:ea:41:3b:eb:
67:61:b6:ce:98:97:b7:ba:41:cd:49:32:c3:8e:8e:
0e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:83:AF:23:AF:9A:E1:30:16:AD:C3:41:30:D3:54:C2:7B:31:C1:E0
X509v3 Authority Key Identifier:
keyid:F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/c4OvI6-a4TAWrcNBMNNUwnsxweA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/8d15W-NuS1swnryOBOpzlBNccUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.100.0/22
IPv6:
2a09:c580::/32
Signature Algorithm: sha256WithRSAEncryption
2a:98:5d:ed:fb:be:84:a4:bf:a6:61:74:74:3e:7c:b7:f4:22:
1a:53:87:85:e3:b4:6b:cb:c2:bd:8f:1c:f8:d9:c7:04:39:52:
a8:82:b0:c2:ab:c1:bf:e4:13:a5:5d:1e:e0:51:d6:93:be:e1:
47:c0:c2:b6:ce:54:c0:3a:f4:37:2f:65:30:d3:34:44:cf:9f:
a5:ae:28:2c:83:4e:fa:04:28:57:9a:d7:a4:1a:1a:3f:56:24:
32:97:e3:55:68:9c:25:77:af:8a:3f:0e:a3:ee:be:b3:70:40:
e8:3d:4a:1c:6e:3d:0d:b5:07:16:c9:84:6d:25:8f:fa:2d:6f:
6d:18:86:db:f1:0d:b7:bb:df:f0:f9:aa:05:31:6a:6f:e5:4e:
bc:39:98:9f:f7:5d:bf:14:71:ec:a4:ec:2d:50:89:6b:f9:14:
49:fb:6f:20:4a:3e:be:60:7c:2c:55:75:97:4f:44:e5:69:f3:
74:48:77:b1:a9:2b:14:e9:b2:62:a4:fb:d6:b1:12:83:33:fa:
c8:6f:ec:c8:a7:7b:5b:d7:95:a1:7e:53:5a:14:76:a3:1c:ec:
04:7a:7e:81:ee:80:d0:26:7d:d2:2f:b8:60:4e:ee:49:6f:ac:
7e:73:b1:e4:70:5d:21:c8:bb:6b:d4:14:73:da:16:6b:08:8d:
9d:98:c2:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuHUJLZmQ5jaXduSagJkeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGQ3OTViZTM2ZTRiNWIzMDllYmM4ZTA0ZWE3Mzk0MTM1
YzcxNGMwHhcNMjMwMTAxMTYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzgzYWYyM2FmOWFlMTMwMTZhZGMzNDEzMGQzNTRjMjdiMzFjMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHTyU+OazMMhxVhkNzcytpZdlTE9
m1BM/wZ4cjKti0357CPYTIEgNwsved1H9GWzehOXiNKcmZYbUqJhNp1btkOD8YRS
mAgmgL//pZy3KJyLlcSmEUBqO9usn2SeDgsD+aCLzLv3v401HCRgDDrVK1jyWTLF
gEXtqN1HkGdyGXbTgNrwZsgYvHBmRLgtSUDBx/QR3DgUFLFM7DQYP9AOIHQjpT8Q
Aob2bktLs7wqzViT9YvO6w7mZ4/DNmwxIoKKDMoy+jbYpg1bIqLJc+fMF5YIS5mo
zwDMMOB1ldZb9/eSxWYDASkL0ZRWyOpBO+tnYbbOmJe3ukHNSTLDjo4OHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHODryOvmuEwFq3DQTDTVMJ7McHgMB8GA1UdIwQY
MBaAFPHdeVvjbktbMJ68jgTqc5QTXHFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYt
ZmU0NDc3MmQ1YWUxLzEvYzRPdkk2LWE0VEFXcmNOQk1OTlV3bnN4d2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYtZmU0NDc3MmQ1YWUx
LzEvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiNkMA0E
AgACMAcDBQAqCcWAMA0GCSqGSIb3DQEBCwUAA4IBAQAqmF3t+76EpL+mYXR0Pny3
9CIaU4eF47Rry8K9jxz42ccEOVKogrDCq8G/5BOlXR7gUdaTvuFHwMK2zlTAOvQ3
L2Uw0zREz5+lrigsg076BChXmtekGho/ViQyl+NVaJwld6+KPw6j7r6zcEDoPUoc
bj0NtQcWyYRtJY/6LW9tGIbb8Q23u9/w+aoFMWpv5U68OZif912/FHHspOwtUIlr
+RRJ+28gSj6+YHwsVXWXT0TlafN0SHexqSsU6bJipPvWsRKDM/rIb+zIp3tb15Wh
flNaFHajHOwEen6B7oDQJn3SL7hgTu5Jb6x+c7HkcF0hyLtr1BRz2hZrCI2dmMJ8
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:15 2024 by rpki-client on console-fra.rpki-client.org