Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23y7tt5our1YAMcUEe4EL1CJi1k.roa
File: 23y7tt5our1YAMcUEe4EL1CJi1k.roa (raw, json)
Hash identifier: DQbiti5IFe1Pto4V6qdQHQTFK1Tk3JIoluO6vm0buqo=
Subject key identifier: DB:7C:BB:B6:DE:68:BA:BD:58:00:C7:14:11:EE:04:2F:50:89:8B:59
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190A71206D17043E20B5A7DE87B1DB8D88E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23y7tt5our1YAMcUEe4EL1CJi1k.roa
Signing time: Fri 12 Jul 2024 13:11:34 +0000
ROA not before: Fri 12 Jul 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jul 2024 12:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:12:06:d1:70:43:e2:0b:5a:7d:e8:7b:1d:b8:d8:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 12 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db7cbbb6de68babd5800c71411ee042f50898b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:14:1f:8a:f5:06:e1:10:66:d8:cc:c5:95:46:
51:8a:db:07:6d:ac:61:3b:9f:76:f2:4a:5d:4d:1f:
b6:19:55:8d:37:17:bf:d8:f5:8f:72:18:b5:45:c1:
11:a8:74:74:65:56:c8:99:79:d9:56:14:a8:be:88:
cf:ce:f3:aa:f9:f9:58:02:26:cd:77:d8:38:82:87:
38:49:5d:ec:d2:92:1d:bf:38:5d:cd:c1:80:ff:e8:
e8:ee:5e:0a:7e:aa:3f:c7:9f:a6:ee:1c:5f:84:b5:
9c:11:61:cd:f9:64:62:4e:c3:b9:58:21:ae:30:02:
5f:23:a6:93:fe:07:2b:84:8a:8f:70:77:5f:6a:77:
b5:7c:22:18:cf:d2:dd:8d:d8:b5:e1:19:5a:47:a3:
e9:fb:3c:9d:6d:7f:ce:09:d6:18:70:9c:6b:a5:9e:
35:09:d3:e9:d3:12:64:9f:93:0a:1d:62:ac:8a:bf:
25:e5:09:84:60:68:d2:34:a8:27:f8:1f:7b:86:e9:
cf:91:be:81:69:45:94:47:b7:1d:e4:2e:48:87:7c:
1c:9a:9b:88:17:89:10:75:c0:96:0b:d3:c8:14:ff:
a8:4c:ee:82:e3:e5:f7:f4:c2:20:31:b9:a0:47:09:
c2:9c:e7:2b:59:25:f8:f4:e4:d9:f8:79:f6:54:da:
e9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7C:BB:B6:DE:68:BA:BD:58:00:C7:14:11:EE:04:2F:50:89:8B:59
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/23y7tt5our1YAMcUEe4EL1CJi1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.154.0/23
194.87.1.0/24
194.87.122.0/24
194.87.179.0/24
Signature Algorithm: sha256WithRSAEncryption
24:63:b6:6c:7b:96:34:55:ae:ed:85:ea:aa:b8:c6:94:47:39:
dd:bc:d9:e5:30:30:e8:9e:00:7a:f2:5d:d0:30:fd:90:03:65:
46:0c:88:6f:23:95:43:d7:c9:7c:2f:ef:0c:83:39:48:bd:fb:
11:db:fa:3a:43:9e:da:00:df:5c:52:db:53:d8:a1:ab:32:56:
83:02:bd:48:db:83:6a:7e:85:c7:b7:43:44:59:04:0c:cc:f1:
d1:f6:21:2c:62:b9:58:fb:7a:c2:d0:f8:e0:99:98:6f:93:30:
a3:c2:69:b9:f6:e8:b7:91:9e:62:8c:9e:50:93:18:0d:f3:7f:
6b:8f:41:4c:c9:73:c3:55:5b:68:e5:b0:ee:f0:ba:8b:e6:53:
ad:b2:cd:5a:94:11:52:19:08:09:20:9d:2f:7a:be:7e:cc:5e:
b9:79:29:6a:63:23:6a:cc:e3:61:03:99:fe:d8:d5:20:fb:36:
76:d9:90:f2:26:11:0e:e3:a0:50:d8:4d:f1:fa:e5:20:66:11:
4f:72:ac:81:4b:e2:a2:67:e6:96:b6:5f:1d:42:ba:5e:92:1b:
35:ed:4c:e7:52:f3:92:bd:3c:88:e1:9a:07:f0:3b:4a:5c:6c:
9e:9d:6b:7c:84:64:a5:5d:d9:07:44:03:9f:5a:a2:fe:03:1d:
19:fd:1f:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCnEgbRcEPiC1p96HsduNiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzEyMTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjdjYmJiNmRlNjhiYWJkNTgwMGM3MTQxMWVlMDQyZjUwODk4YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhQfivUG4RBm2MzFlUZRitsHbaxh
O5928kpdTR+2GVWNNxe/2PWPchi1RcERqHR0ZVbImXnZVhSovojPzvOq+flYAibN
d9g4goc4SV3s0pIdvzhdzcGA/+jo7l4Kfqo/x5+m7hxfhLWcEWHN+WRiTsO5WCGu
MAJfI6aT/gcrhIqPcHdfane1fCIYz9Ldjdi14RlaR6Pp+zydbX/OCdYYcJxrpZ41
CdPp0xJkn5MKHWKsir8l5QmEYGjSNKgn+B97hunPkb6BaUWUR7cd5C5Ih3wcmpuI
F4kQdcCWC9PIFP+oTO6C4+X39MIgMbmgRwnCnOcrWSX49OTZ+Hn2VNrpfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNt8u7beaLq9WADHFBHuBC9QiYtZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMjN5N3R0NW91cjFZQU1jVUVlNEVMMUNKaTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwjqaAwQA
wlcBAwQAwld6AwQAwlezMA0GCSqGSIb3DQEBCwUAA4IBAQAkY7Zse5Y0Va7theqq
uMaURzndvNnlMDDongB68l3QMP2QA2VGDIhvI5VD18l8L+8MgzlIvfsR2/o6Q57a
AN9cUttT2KGrMlaDAr1I24NqfoXHt0NEWQQMzPHR9iEsYrlY+3rC0PjgmZhvkzCj
wmm59ui3kZ5ijJ5QkxgN839rj0FMyXPDVVto5bDu8LqL5lOtss1alBFSGQgJIJ0v
er5+zF65eSlqYyNqzONhA5n+2NUg+zZ22ZDyJhEO46BQ2E3x+uUgZhFPcqyBS+Ki
Z+aWtl8dQrpekhs17UznUvOSvTyI4ZoH8DtKXGyenWt8hGSlXdkHRAOfWqL+Ax0Z
/R++
-----END CERTIFICATE-----
Generated at Fri Jul 26 14:10:37 2024 by rpki-client on console-fra.rpki-client.org