Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3v4XRklpcr6PB7SNcIeBHif0IUE.roa
File: 3v4XRklpcr6PB7SNcIeBHif0IUE.roa (raw, json)
Hash identifier: 1iR37hKdTcqpROobR/kJQ7xNGYJwiq+rSw6lFqwOx/g=
Subject key identifier: DE:FE:17:46:49:69:72:BE:8F:07:B4:8D:70:87:81:1E:27:F4:21:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875257BED38043651C477B8BD2CD42641D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3v4XRklpcr6PB7SNcIeBHif0IUE.roa
Signing time: Wed 05 Apr 2023 16:54:54 +0000
ROA not before: Wed 05 Apr 2023 16:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:57:be:d3:80:43:65:1c:47:7b:8b:d2:cd:42:64:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=defe1746496972be8f07b48d7087811e27f42141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c2:67:d3:c5:e0:4b:60:75:e4:81:27:3d:63:
49:ee:e3:b4:15:3e:da:65:1d:62:62:0d:4a:58:b9:
37:e4:80:dd:34:d5:78:3a:a5:d5:82:43:8b:22:2d:
eb:15:84:87:6e:a1:df:4d:8a:39:42:82:23:1f:27:
22:18:62:cc:91:46:e2:70:5d:2d:7e:78:2c:c3:d9:
26:92:f9:2a:72:d4:ea:7e:85:65:98:e2:99:46:58:
d0:e8:cc:e8:80:8b:f1:db:72:53:0c:d7:88:44:66:
2e:9a:70:45:92:d2:7e:18:ae:c4:da:f4:92:5b:16:
50:9f:e7:2c:9e:eb:e8:ac:01:7a:8f:01:fa:c4:a3:
ca:50:ce:d6:94:03:8d:a4:7c:c4:0d:58:94:ca:23:
5b:00:d7:30:14:01:cc:a7:2d:9a:9b:e6:08:72:d7:
d9:27:59:c1:40:92:80:bb:c1:43:0e:d6:da:ae:54:
06:ec:a1:a5:39:75:0b:35:39:c9:39:49:9b:23:a9:
6e:12:b3:b1:e4:a1:d3:a7:4b:bd:75:78:ec:57:d9:
87:81:30:48:b0:6e:39:96:9c:16:e4:a3:92:70:2b:
10:14:2b:2b:14:a8:bb:a5:45:da:ce:71:0e:38:2d:
05:c6:5b:eb:a6:88:1b:8a:27:f8:4a:64:af:02:7e:
9a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FE:17:46:49:69:72:BE:8F:07:B4:8D:70:87:81:1E:27:F4:21:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3v4XRklpcr6PB7SNcIeBHif0IUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.71.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:2a:9b:e3:63:77:3e:94:c5:94:eb:06:1b:5c:b9:d8:c7:59:
83:ec:f7:5f:e4:d7:c0:ae:98:41:dc:82:06:54:3b:87:87:44:
c0:bd:69:44:79:24:be:54:52:e3:e1:9f:86:1b:9a:5d:b9:ed:
ff:b0:61:57:e7:d7:70:2b:bd:a9:15:bd:58:da:b3:10:47:f0:
15:a5:44:6f:fb:c9:69:7b:70:4e:59:ae:8c:4c:7d:89:37:fc:
8e:14:dc:a0:06:a3:00:0a:ec:06:66:7f:2a:49:24:37:cd:e9:
11:55:9e:72:57:63:74:63:a7:db:f3:52:67:00:ac:aa:74:7f:
11:40:c8:f4:4c:17:28:7f:c1:8d:55:2b:b6:b2:31:a5:85:4f:
17:ab:a1:d3:8f:80:d9:96:fc:4b:16:f4:e7:82:c8:c4:79:76:
5c:c8:f9:2a:ed:c6:40:3f:08:d1:a4:50:3f:eb:0e:82:c1:fc:
d3:3f:3c:5a:a1:91:e7:c6:87:01:4f:9c:85:94:ec:02:55:b0:
39:79:d8:59:b1:a6:d1:e7:8a:fe:24:f3:5f:08:6b:5a:65:cb:
cd:50:81:85:2b:99:79:b6:8e:4d:96:9d:7f:c9:a0:5b:c4:72:
39:2c:ed:24:41:a1:1f:8e:5e:e8:ab:0e:3c:cc:5a:db:fd:ea:
8e:e5:1c:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdSV77TgENlHEd7i9LNQmQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZlMTc0NjQ5Njk3MmJlOGYwN2I0OGQ3MDg3ODExZTI3ZjQyMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcJn08XgS2B15IEnPWNJ7uO0FT7a
ZR1iYg1KWLk35IDdNNV4OqXVgkOLIi3rFYSHbqHfTYo5QoIjHyciGGLMkUbicF0t
fngsw9kmkvkqctTqfoVlmOKZRljQ6MzogIvx23JTDNeIRGYumnBFktJ+GK7E2vSS
WxZQn+csnuvorAF6jwH6xKPKUM7WlAONpHzEDViUyiNbANcwFAHMpy2am+YIctfZ
J1nBQJKAu8FDDtbarlQG7KGlOXULNTnJOUmbI6luErOx5KHTp0u9dXjsV9mHgTBI
sG45lpwW5KOScCsQFCsrFKi7pUXaznEOOC0Fxlvrpogbiif4SmSvAn6aowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7+F0ZJaXK+jwe0jXCHgR4n9CFBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM3Y0WFJrbHBjcjZQQjdTTmNJZUJIaWYwSVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldHMA0G
CSqGSIb3DQEBCwUAA4IBAQB7KpvjY3c+lMWU6wYbXLnYx1mD7Pdf5NfArphB3IIG
VDuHh0TAvWlEeSS+VFLj4Z+GG5pdue3/sGFX59dwK72pFb1Y2rMQR/AVpURv+8lp
e3BOWa6MTH2JN/yOFNygBqMACuwGZn8qSSQ3zekRVZ5yV2N0Y6fb81JnAKyqdH8R
QMj0TBcof8GNVSu2sjGlhU8Xq6HTj4DZlvxLFvTngsjEeXZcyPkq7cZAPwjRpFA/
6w6CwfzTPzxaoZHnxocBT5yFlOwCVbA5edhZsabR54r+JPNfCGtaZcvNUIGFK5l5
to5Nlp1/yaBbxHI5LO0kQaEfjl7oqw48zFrb/eqO5Rwa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org