Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0rhlxwGSkWuEhqiZuUiN1ic4qYs.roa
File: 0rhlxwGSkWuEhqiZuUiN1ic4qYs.roa (raw, json)
Hash identifier: TYa1PPW1URDdv7kDo6iWaU+uyneU8wO5S/OuV+R7k5Q=
Subject key identifier: D2:B8:65:C7:01:92:91:6B:84:86:A8:99:B9:48:8D:D6:27:38:A9:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B2C97515FA28B1BDC4BDC8FDC99694B4F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0rhlxwGSkWuEhqiZuUiN1ic4qYs.roa
Signing time: Sat 14 Oct 2023 05:09:56 +0000
ROA not before: Sat 14 Oct 2023 05:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216394
IP address blocks: 194.87.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2c:97:51:5f:a2:8b:1b:dc:4b:dc:8f:dc:99:69:4b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 05:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2b865c70192916b8486a899b9488dd62738a98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fc:ae:51:cb:f0:50:4f:12:91:3b:90:e0:4a:
0a:b0:1a:5e:01:e5:6c:c9:e4:a9:82:b3:45:d3:bf:
a9:d0:76:33:e6:23:1a:15:3b:66:57:26:6c:a5:f0:
d2:5c:a7:61:56:b1:11:10:9e:4c:1f:c7:fc:d8:f1:
2f:d8:4d:fb:d2:26:e7:27:13:0c:e4:e5:ad:c2:e6:
0a:40:fe:d0:23:c6:d6:55:be:97:20:22:17:3c:2f:
4e:53:89:a3:04:2c:fa:a1:8b:af:4a:fb:ce:3f:9c:
5c:dc:55:57:3f:69:ea:c2:f9:b8:17:24:66:ce:38:
b2:f2:15:3c:d6:92:10:7d:87:a9:02:bf:1a:f9:3a:
1c:63:64:e1:bd:60:1b:c6:52:77:df:fe:bf:9f:7c:
0b:44:39:6c:71:07:f8:c1:b2:70:7d:28:23:f7:78:
84:16:ac:24:ec:02:0e:1c:01:dc:96:fd:f5:2e:24:
16:f9:bb:67:cf:e4:04:33:b2:bc:13:5c:ca:f4:96:
ed:3e:e6:42:1f:1e:41:50:b9:1a:f1:18:79:13:83:
d2:58:45:3b:36:97:00:4b:70:c4:bb:46:ad:65:4e:
46:2c:8e:8e:a6:2d:2d:b7:ce:6f:e4:dc:82:b3:a3:
2b:61:98:ca:8e:e7:bc:29:42:3d:ad:ff:d5:51:c6:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B8:65:C7:01:92:91:6B:84:86:A8:99:B9:48:8D:D6:27:38:A9:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0rhlxwGSkWuEhqiZuUiN1ic4qYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.27.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f2:8d:d9:a5:0b:35:b2:56:56:d5:33:e1:99:39:0d:9f:1c:
d0:26:3d:61:bf:94:03:ea:5e:79:da:3e:20:1c:4d:70:79:8c:
83:2f:f1:fc:79:91:5b:f3:5f:6d:4c:b8:c1:5a:28:4f:29:3a:
7b:b1:64:1e:71:d9:d4:f1:d9:d3:dc:c5:b3:3b:77:ef:52:38:
c5:b8:0f:13:08:35:b6:55:64:8b:a1:07:3e:e9:43:60:c5:6e:
5d:fb:20:27:8c:92:f4:76:be:69:9d:5e:70:0b:ed:93:2a:f6:
70:c1:98:d4:a9:01:9d:e8:66:60:4e:27:d4:54:59:ee:6c:85:
1f:43:d8:83:83:5f:1a:fc:20:70:ef:81:45:11:9c:51:b7:66:
92:f5:b8:f8:82:cf:d6:a8:ba:af:2a:27:d3:61:e0:04:85:02:
31:3e:86:5c:3b:0e:7c:f6:8e:fd:e2:69:08:f7:a2:f9:dc:61:
3b:20:e9:a2:e0:37:f7:26:b5:4c:30:80:97:03:a3:3a:2e:f9:
88:7b:27:6c:7c:92:5e:b6:fe:17:cc:7e:4a:69:55:01:24:8a:
cf:3e:5e:44:3f:2e:0b:93:b1:68:2e:d9:29:66:a6:09:c8:e4:
3f:ca:df:e2:a0:b2:66:ab:37:00:ba:c1:45:ff:1b:58:ce:58:
aa:05:5e:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYssl1Ffoosb3Evcj9yZaUtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE0MDUwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI4NjVjNzAxOTI5MTZiODQ4NmE4OTliOTQ4OGRkNjI3MzhhOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvyuUcvwUE8SkTuQ4EoKsBpeAeVs
yeSpgrNF07+p0HYz5iMaFTtmVyZspfDSXKdhVrEREJ5MH8f82PEv2E370ibnJxMM
5OWtwuYKQP7QI8bWVb6XICIXPC9OU4mjBCz6oYuvSvvOP5xc3FVXP2nqwvm4FyRm
zjiy8hU81pIQfYepAr8a+TocY2ThvWAbxlJ33/6/n3wLRDlscQf4wbJwfSgj93iE
Fqwk7AIOHAHclv31LiQW+btnz+QEM7K8E1zK9JbtPuZCHx5BULka8Rh5E4PSWEU7
NpcAS3DEu0atZU5GLI6Opi0tt85v5NyCs6MrYZjKjue8KUI9rf/VUcbNuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNK4ZccBkpFrhIaomblIjdYnOKmLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMHJobHh3R1NrV3VFaHFpWnVVaU4xaWM0cVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcbMA0G
CSqGSIb3DQEBCwUAA4IBAQAH8o3ZpQs1slZW1TPhmTkNnxzQJj1hv5QD6l552j4g
HE1weYyDL/H8eZFb819tTLjBWihPKTp7sWQecdnU8dnT3MWzO3fvUjjFuA8TCDW2
VWSLoQc+6UNgxW5d+yAnjJL0dr5pnV5wC+2TKvZwwZjUqQGd6GZgTifUVFnubIUf
Q9iDg18a/CBw74FFEZxRt2aS9bj4gs/WqLqvKifTYeAEhQIxPoZcOw589o794mkI
96L53GE7IOmi4Df3JrVMMICXA6M6LvmIeydsfJJetv4XzH5KaVUBJIrPPl5EPy4L
k7FoLtkpZqYJyOQ/yt/ioLJmqzcAusFF/xtYzliqBV5G
-----END CERTIFICATE-----
Generated at Sun Oct 29 11:15:26 2023 by rpki-client on console-fra.rpki-client.org