Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4zVD2mRmksHve7l6viqWwCOYFLc.roa
File: 4zVD2mRmksHve7l6viqWwCOYFLc.roa (raw, json)
Hash identifier: pg3LGEIELMlqTgqJ8pv6/pvP25ZFiaZENOGbuo6CpUk=
Subject key identifier: E3:35:43:DA:64:66:92:C1:EF:7B:B9:7A:BE:2A:96:C0:23:98:14:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB9B91EBE9684E88741A5F374EF368935
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4zVD2mRmksHve7l6viqWwCOYFLc.roa
Signing time: Fri 10 Nov 2023 14:53:18 +0000
ROA not before: Fri 10 Nov 2023 14:53:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 194.87.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Nov 2023 14:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:b9:1e:be:96:84:e8:87:41:a5:f3:74:ef:36:89:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 10 14:53:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e33543da646692c1ef7bb97abe2a96c0239814b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d2:b0:6e:a5:04:b0:c0:b1:5e:3f:28:08:1c:
dd:30:99:8d:b2:b7:1f:a0:31:b6:ea:d6:24:82:ce:
f6:34:66:d1:9d:3a:5d:3f:84:f5:6d:cc:76:24:be:
bb:75:db:45:f0:6a:73:be:e1:f3:94:e9:36:19:50:
bb:1b:11:18:54:1d:f8:19:7e:95:a5:74:de:a5:73:
06:ce:a2:24:7f:ba:5f:d4:e6:7e:ea:66:d0:57:fb:
27:9d:86:14:a1:58:84:17:de:ab:b9:22:8d:57:72:
05:76:ae:a7:9c:d5:44:48:98:36:21:ad:73:d8:88:
4a:3c:85:a1:13:c1:ef:20:0a:78:b3:0e:08:de:45:
d2:8a:64:f1:a5:46:f0:61:b3:72:fd:2e:7c:2b:6b:
4a:e4:c3:d2:48:83:22:39:d7:ec:0d:39:7f:f7:da:
10:f6:85:11:11:bc:f8:ab:0b:48:9b:e7:12:07:ce:
cb:3b:92:66:dd:81:6b:14:45:a3:6c:a2:4c:69:95:
96:94:5b:92:85:00:f5:03:dd:77:12:23:ca:59:da:
6f:87:ea:e6:d8:16:d0:82:d6:3c:97:cc:6f:a4:f1:
4b:e8:1d:60:7a:67:21:f7:4a:99:78:59:85:d4:58:
ae:61:52:26:66:b1:e3:54:bb:44:a3:4d:aa:ba:77:
35:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:35:43:DA:64:66:92:C1:EF:7B:B9:7A:BE:2A:96:C0:23:98:14:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4zVD2mRmksHve7l6viqWwCOYFLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.190.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:7a:cb:c8:76:fd:b2:56:16:37:1b:7d:ad:2a:25:61:3e:23:
25:1a:14:13:6f:54:ef:77:0f:bf:99:dd:40:20:e8:04:ed:25:
a7:3a:d3:f9:85:06:54:74:36:28:5f:eb:82:a5:78:8a:83:bd:
a7:2c:a5:6f:aa:02:3e:a6:7d:e0:ea:8d:2e:bf:21:5f:37:18:
3e:d7:7f:9e:62:cd:af:42:e6:6b:ab:2d:af:1a:fa:5e:cd:21:
a9:86:b6:ff:0e:db:b7:7f:fb:fc:9e:d1:f7:68:f7:43:be:64:
31:c7:10:fe:05:30:5d:3b:80:75:76:24:23:e8:a3:17:c6:9d:
c6:0f:17:54:38:d8:0c:b6:fb:06:c8:f1:03:ca:7d:4d:a0:f7:
be:bf:2c:bd:3c:c0:5f:03:39:1e:8b:23:74:3f:61:9d:8d:9d:
04:e0:2f:ad:a1:4e:f0:77:1f:0b:43:30:34:0e:77:11:ff:bc:
b1:29:83:0e:86:ba:be:2a:76:85:d8:95:fa:1f:9e:f6:f6:61:
00:ed:58:91:8f:e6:5c:d0:79:5c:36:bf:e5:72:e2:31:af:e1:
f6:84:b9:7a:c9:f5:c9:3e:81:53:7d:64:a7:68:c9:ab:e9:03:
68:17:fa:8a:96:eb:33:62:00:dc:e3:0b:8f:26:4a:2a:e1:83:
d9:be:50:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu5uR6+loToh0Gl83TvNok1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEwMTQ1MzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzM1NDNkYTY0NjY5MmMxZWY3YmI5N2FiZTJhOTZjMDIzOTgxNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9KwbqUEsMCxXj8oCBzdMJmNsrcf
oDG26tYkgs72NGbRnTpdP4T1bcx2JL67ddtF8GpzvuHzlOk2GVC7GxEYVB34GX6V
pXTepXMGzqIkf7pf1OZ+6mbQV/snnYYUoViEF96ruSKNV3IFdq6nnNVESJg2Ia1z
2IhKPIWhE8HvIAp4sw4I3kXSimTxpUbwYbNy/S58K2tK5MPSSIMiOdfsDTl/99oQ
9oUREbz4qwtIm+cSB87LO5Jm3YFrFEWjbKJMaZWWlFuShQD1A913EiPKWdpvh+rm
2BbQgtY8l8xvpPFL6B1gemch90qZeFmF1FiuYVImZrHjVLtEo02qunc1PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOM1Q9pkZpLB73u5er4qlsAjmBS3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHpWRDJtUm1rc0h2ZTdsNnZpcVd3Q09ZRkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwle+MA0G
CSqGSIb3DQEBCwUAA4IBAQA8esvIdv2yVhY3G32tKiVhPiMlGhQTb1Tvdw+/md1A
IOgE7SWnOtP5hQZUdDYoX+uCpXiKg72nLKVvqgI+pn3g6o0uvyFfNxg+13+eYs2v
QuZrqy2vGvpezSGphrb/Dtu3f/v8ntH3aPdDvmQxxxD+BTBdO4B1diQj6KMXxp3G
DxdUONgMtvsGyPEDyn1NoPe+vyy9PMBfAzkeiyN0P2GdjZ0E4C+toU7wdx8LQzA0
DncR/7yxKYMOhrq+KnaF2JX6H5729mEA7ViRj+Zc0HlcNr/lcuIxr+H2hLl6yfXJ
PoFTfWSnaMmr6QNoF/qKluszYgDc4wuPJkoq4YPZvlCW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org