Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/4mZwMWegaj7zulmMj6VRX-uC-ik.roa
File: 4mZwMWegaj7zulmMj6VRX-uC-ik.roa (raw, json)
Hash identifier: NFmvlxxEs8OLZlqYNCtbnCDMlMe1iPni8B4lEmu55Cc=
Subject key identifier: E2:66:70:31:67:A0:6A:3E:F3:BA:59:8C:8F:A5:51:5F:EB:82:FA:29
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 018C67B46AAD0299B31BF7879C59EED66425
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/4mZwMWegaj7zulmMj6VRX-uC-ik.roa
Signing time: Thu 14 Dec 2023 09:42:06 +0000
ROA not before: Thu 14 Dec 2023 09:42:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35041
IP address blocks: 109.235.168.0/21 maxlen: 21
194.30.169.0/24 maxlen: 24
195.74.36.0/22 maxlen: 22
193.17.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:b4:6a:ad:02:99:b3:1b:f7:87:9c:59:ee:d6:64:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Dec 14 09:42:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e266703167a06a3ef3ba598c8fa5515feb82fa29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:59:6b:15:59:5f:28:45:94:bc:cd:ad:54:00:
2b:c7:55:7d:1a:31:3e:63:78:cb:d6:86:10:18:6a:
8e:04:28:85:8b:74:70:3f:58:04:af:31:61:c2:d5:
00:7a:59:ab:c3:7e:b9:b1:45:ef:5c:49:d6:a8:66:
ac:76:11:9f:92:5b:79:9a:b7:b7:ec:3f:59:98:67:
c7:b8:8a:7b:0a:93:5c:86:7b:c9:5c:35:f6:71:64:
20:23:c7:2e:f2:17:e8:0f:c1:0b:99:ab:6a:81:0d:
c2:7b:34:8d:5b:03:31:75:2f:18:24:c3:97:fd:1b:
f9:22:04:98:d4:79:fb:ee:ee:01:be:43:e2:67:5d:
9c:cd:41:84:15:20:67:2c:c2:05:c9:3a:9f:c8:fc:
bf:f3:17:90:93:33:4c:58:9c:47:0e:bf:a3:2e:6a:
7f:14:4c:09:a6:d9:4f:af:a0:f7:7b:99:4c:ad:2c:
29:48:3f:a7:86:ce:97:8e:5c:6e:f7:08:a9:bc:10:
af:28:48:4d:32:2b:98:d8:e7:42:66:bf:6b:b2:0b:
2f:6b:f6:47:85:2e:ac:a6:01:48:a1:6d:01:45:ef:
09:79:e9:03:38:cb:ec:f1:7c:af:f1:4d:10:49:f0:
77:cb:75:9a:0f:16:09:e8:99:3b:f4:da:b4:18:65:
c6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:66:70:31:67:A0:6A:3E:F3:BA:59:8C:8F:A5:51:5F:EB:82:FA:29
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/4mZwMWegaj7zulmMj6VRX-uC-ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.168.0/21
193.17.218.0/24
194.30.169.0/24
195.74.36.0/22
Signature Algorithm: sha256WithRSAEncryption
74:9d:06:9b:76:dd:d6:ba:a0:1f:4d:f6:7c:34:eb:a7:7f:2b:
46:1d:19:a6:3a:19:a8:0b:16:ad:b4:39:10:89:d6:cd:a7:e1:
bf:d4:78:25:d2:e5:9e:93:9c:2a:b6:28:20:17:4f:91:4a:40:
91:6e:90:31:0e:85:6a:13:e9:34:6b:e0:aa:88:63:6d:28:e0:
23:fb:e5:c1:e6:99:72:bb:34:00:26:45:45:88:0c:10:90:0b:
b9:cf:da:33:06:48:4c:36:22:12:22:2a:46:cc:5b:eb:10:28:
bf:c7:6f:b8:4c:83:92:63:4d:3a:c7:e3:d6:f0:6b:10:81:17:
69:c4:23:ab:a4:5a:9c:9a:f5:24:da:e9:94:b4:14:41:eb:fa:
02:17:2d:7c:fc:4a:c0:b2:00:bb:46:dc:a8:66:a1:4a:00:9b:
76:43:8f:21:64:e8:8c:48:60:19:7a:b6:34:b9:5c:4e:46:e0:
43:18:c2:cf:fb:94:ab:72:a0:33:3c:97:c9:e4:2b:f1:b7:b3:
d6:5f:ea:7e:a7:4a:62:66:f4:66:26:85:ef:d5:b6:da:9d:eb:
63:21:eb:27:dd:1c:27:95:17:13:b6:41:51:d9:b3:13:73:3e:
39:ee:e8:d8:e7:69:6d:bf:de:90:e0:9e:3f:71:ad:3a:57:b6:
76:c1:4a:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxntGqtApmzG/eHnFnu1mQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjMxMjE0MDk0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY2NzAzMTY3YTA2YTNlZjNiYTU5OGM4ZmE1NTE1ZmViODJmYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51lrFVlfKEWUvM2tVAArx1V9GjE+
Y3jL1oYQGGqOBCiFi3RwP1gErzFhwtUAelmrw365sUXvXEnWqGasdhGfklt5mre3
7D9ZmGfHuIp7CpNchnvJXDX2cWQgI8cu8hfoD8ELmatqgQ3CezSNWwMxdS8YJMOX
/Rv5IgSY1Hn77u4BvkPiZ12czUGEFSBnLMIFyTqfyPy/8xeQkzNMWJxHDr+jLmp/
FEwJptlPr6D3e5lMrSwpSD+nhs6Xjlxu9wipvBCvKEhNMiuY2OdCZr9rsgsva/ZH
hS6spgFIoW0BRe8JeekDOMvs8Xyv8U0QSfB3y3WaDxYJ6Jk79Nq0GGXGCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOJmcDFnoGo+87pZjI+lUV/rgvopMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvNG1ad01XZWdhajd6dWxtTWo2VlJYLXVDLWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDbeuoAwQA
wRHaAwQAwh6pAwQCw0okMA0GCSqGSIb3DQEBCwUAA4IBAQB0nQabdt3WuqAfTfZ8
NOunfytGHRmmOhmoCxattDkQidbNp+G/1Hgl0uWek5wqtiggF0+RSkCRbpAxDoVq
E+k0a+CqiGNtKOAj++XB5plyuzQAJkVFiAwQkAu5z9ozBkhMNiISIipGzFvrECi/
x2+4TIOSY006x+PW8GsQgRdpxCOrpFqcmvUk2umUtBRB6/oCFy18/ErAsgC7Rtyo
ZqFKAJt2Q48hZOiMSGAZerY0uVxORuBDGMLP+5SrcqAzPJfJ5Cvxt7PWX+p+p0pi
ZvRmJoXv1bbanetjIesn3RwnlRcTtkFR2bMTcz457ujY52ltv96Q4J4/ca06V7Z2
wUp3
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:16 2024 by rpki-client on console-ams.rpki-client.org