Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2XRUAC3IXyIk05-Eq_YEhUAfx9I.roa
File: 2XRUAC3IXyIk05-Eq_YEhUAfx9I.roa (raw, json)
Hash identifier: Ul3hMN8f8h3z6Ba0YhS0YwUHuCQ1mxkbNMCGMOrGG8U=
Subject key identifier: D9:74:54:00:2D:C8:5F:22:24:D3:9F:84:AB:F6:04:85:40:1F:C7:D2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BCC2FAA34775FDC49069BC511A57DBDFB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2XRUAC3IXyIk05-Eq_YEhUAfx9I.roa
Signing time: Tue 14 Nov 2023 04:55:57 +0000
ROA not before: Tue 14 Nov 2023 04:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.141.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:2f:aa:34:77:5f:dc:49:06:9b:c5:11:a5:7d:bd:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 04:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d97454002dc85f2224d39f84abf60485401fc7d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:17:0e:17:a2:a5:91:b9:9e:66:88:1a:f0:
20:1b:74:e4:1f:b6:7e:12:9e:e6:ea:ba:2d:41:28:
c9:84:d5:0a:66:08:76:f5:f8:3c:40:d6:f2:46:69:
8a:5e:a4:c1:6b:7f:a6:6e:1c:d6:c7:49:8a:78:e2:
1f:38:53:36:f5:7e:f0:67:4a:f7:9a:a9:82:2e:20:
69:4f:c1:9c:4b:75:78:e5:f8:e5:ee:d4:7b:0a:a4:
90:f5:14:db:9c:cd:13:ca:aa:22:4b:b1:b2:63:eb:
8f:e8:f5:84:93:58:2d:12:d2:56:9c:2a:23:08:54:
3f:6c:d6:ed:48:f6:f6:41:95:80:1d:79:78:cc:e5:
76:03:d0:dd:68:10:22:0f:41:31:fe:c5:52:9e:a8:
b4:31:f7:e3:6b:e0:5c:b4:01:13:6d:fd:6b:e7:6b:
b6:e5:5e:e6:41:14:0b:0c:3e:d4:4a:86:7e:2d:52:
5e:58:82:49:7d:55:bc:cc:d0:ce:da:ef:60:a6:2f:
90:92:48:00:be:a8:df:5a:81:0b:26:3b:cd:f6:db:
62:c0:41:09:e8:e9:47:e5:82:45:e8:2b:1f:f6:ca:
09:bc:3f:8b:72:27:bd:74:86:ca:e3:b7:40:4d:3a:
ea:8b:3c:13:c3:22:e6:29:a6:ba:00:7c:ec:0d:66:
5d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:74:54:00:2D:C8:5F:22:24:D3:9F:84:AB:F6:04:85:40:1F:C7:D2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2XRUAC3IXyIk05-Eq_YEhUAfx9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.141.0/24
194.87.170.0/24
194.87.178.0/24
195.58.63.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
64:30:8b:9b:04:6a:6c:29:2a:2c:37:b0:96:8a:40:f6:75:21:
0d:8c:50:54:ef:71:56:ec:1b:fb:b9:5e:eb:1f:d3:8d:88:77:
d5:fa:d3:9e:10:c7:d3:0e:e8:7f:2b:5e:11:43:a1:49:26:de:
be:0a:8d:92:36:35:b7:79:39:ba:f6:de:bf:d6:cd:ec:85:67:
9f:6d:ef:33:45:b5:26:84:57:5c:8c:5c:78:fb:8e:0b:7b:af:
6b:51:7f:36:43:cd:3f:c8:9b:57:0d:d5:db:ae:32:01:97:ee:
ad:6e:70:2b:bd:b5:25:a5:96:01:0b:b8:df:40:5d:b1:64:ae:
79:88:c1:4c:40:52:a2:88:3f:8e:4b:0e:a8:06:ef:f3:1b:66:
f6:14:f7:f4:47:9d:be:07:b1:b3:67:e8:f7:24:2d:1c:7b:2c:
ed:a1:16:0d:0c:2e:03:42:d3:3d:e5:03:9e:e5:b7:56:64:6d:
f5:74:9a:28:38:5d:36:ac:22:4e:b1:dd:c3:be:2a:40:7d:23:
9f:da:76:f6:b9:79:24:37:b1:cb:02:d7:03:e3:d8:83:4b:7b:
78:34:c3:76:54:68:97:bc:fa:4f:66:08:27:b8:ef:ba:f6:8d:
d1:2e:b4:1a:8c:82:c5:80:3d:0d:3e:d5:1b:7c:e4:c1:c7:22:
20:55:80:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvML6o0d1/cSQabxRGlfb37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE0MDQ1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc0NTQwMDJkYzg1ZjIyMjRkMzlmODRhYmY2MDQ4NTQwMWZjN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g0XDheipZG5nmaIGvAgG3TkH7Z+
Ep7m6rotQSjJhNUKZgh29fg8QNbyRmmKXqTBa3+mbhzWx0mKeOIfOFM29X7wZ0r3
mqmCLiBpT8GcS3V45fjl7tR7CqSQ9RTbnM0TyqoiS7GyY+uP6PWEk1gtEtJWnCoj
CFQ/bNbtSPb2QZWAHXl4zOV2A9DdaBAiD0Ex/sVSnqi0Mffja+BctAETbf1r52u2
5V7mQRQLDD7USoZ+LVJeWIJJfVW8zNDO2u9gpi+QkkgAvqjfWoELJjvN9ttiwEEJ
6OlH5YJF6Csf9soJvD+Lcie9dIbK47dATTrqizwTwyLmKaa6AHzsDWZd6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNl0VAAtyF8iJNOfhKv2BIVAH8fSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMlhSVUFDM0lYeUlrMDUtRXFfWUVoVUFmeDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwleNAwQA
wleqAwQAwleyAwQAwzo/AwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQBkMIubBGps
KSosN7CWikD2dSENjFBU73FW7Bv7uV7rH9ONiHfV+tOeEMfTDuh/K14RQ6FJJt6+
Co2SNjW3eTm69t6/1s3shWefbe8zRbUmhFdcjFx4+44Le69rUX82Q80/yJtXDdXb
rjIBl+6tbnArvbUlpZYBC7jfQF2xZK55iMFMQFKiiD+OSw6oBu/zG2b2FPf0R52+
B7GzZ+j3JC0ceyztoRYNDC4DQtM95QOe5bdWZG31dJooOF02rCJOsd3DvipAfSOf
2nb2uXkkN7HLAtcD49iDS3t4NMN2VGiXvPpPZggnuO+69o3RLrQajILFgD0NPtUb
fOTBxyIgVYCc
-----END CERTIFICATE-----
Generated at Tue Nov 14 12:16:40 2023 by rpki-client on console-ams.rpki-client.org