Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5LtlirSALjZCRM3HljCf8QFmR-E.roa
File: 5LtlirSALjZCRM3HljCf8QFmR-E.roa (raw, json)
Hash identifier: 1dpKzcs4nSwKFKKAog7+xkwbGfBo91dd5VeXW0Lplw0=
Subject key identifier: E4:BB:65:8A:B4:80:2E:36:42:44:CD:C7:96:30:9F:F1:01:66:47:E1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DD2AE823B921FB31E0BE0CF4B89026DC8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5LtlirSALjZCRM3HljCf8QFmR-E.roa
Signing time: Thu 22 Feb 2024 21:17:48 +0000
ROA not before: Thu 22 Feb 2024 21:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 194.87.245.0/24 maxlen: 24
212.192.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 07:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:ae:82:3b:92:1f:b3:1e:0b:e0:cf:4b:89:02:6d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 22 21:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4bb658ab4802e364244cdc796309ff1016647e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:fe:6c:9a:65:3e:10:c4:e1:ee:c5:db:b2:
3f:bc:16:02:a7:9a:4e:d2:a2:7c:8a:68:6d:87:56:
e9:ed:25:9b:57:5c:4a:ef:c6:59:2d:87:cd:17:fa:
0f:1f:e6:c4:80:d8:b4:bd:08:e3:45:00:77:f7:4d:
7a:77:9f:20:34:19:a7:3c:d6:f1:a7:80:38:58:c6:
24:e0:aa:9a:08:ce:90:b0:23:6d:dc:17:67:40:b6:
fb:89:6b:95:fb:df:3b:ae:35:f4:4e:c7:7e:dd:b4:
26:18:3a:66:9a:2f:47:df:e0:8f:10:48:8d:a2:c3:
9b:89:ab:3d:64:ec:0d:73:64:a2:da:05:ad:8b:f2:
86:36:a1:33:46:f6:a9:73:70:18:01:23:21:3c:f3:
c9:a1:d7:1f:3c:90:5a:e9:cd:3f:80:b2:df:0e:2d:
da:ea:51:dc:02:d8:bf:c4:57:c0:72:e6:d4:8d:c1:
1f:16:cd:37:29:9f:76:76:7e:aa:7f:06:af:63:05:
99:7c:c7:68:4d:f9:c8:01:8f:f7:8f:8c:f2:f9:81:
d5:7e:a2:0c:ea:24:4e:20:1c:a2:c9:4e:ff:d6:65:
d5:36:a9:d4:12:94:2f:97:ab:71:25:28:b1:06:1b:
43:f3:9e:e9:9d:62:76:6f:d3:1e:6e:20:45:13:f9:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BB:65:8A:B4:80:2E:36:42:44:CD:C7:96:30:9F:F1:01:66:47:E1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5LtlirSALjZCRM3HljCf8QFmR-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.245.0/24
212.192.213.0/24
Signature Algorithm: sha256WithRSAEncryption
54:16:24:a2:12:c4:2d:9a:af:e4:72:bc:63:9d:42:56:40:ad:
17:62:17:50:73:68:35:ca:7e:88:db:12:95:86:f8:31:16:6b:
cc:75:6e:4b:09:8e:88:df:aa:e3:97:ed:e0:3d:92:c1:e2:2b:
58:c4:21:e5:11:0b:12:7c:31:b4:55:c9:31:9a:cc:0a:a3:de:
66:1e:c5:bc:f3:9c:18:50:d0:b8:a1:b6:d1:bb:c6:2c:f7:8e:
e2:c8:99:cb:c0:eb:9e:d9:13:64:6d:ea:85:72:30:45:76:46:
c2:fd:0d:11:b0:46:71:6c:c6:62:3d:10:e6:7c:27:3a:2c:59:
53:27:f3:cc:06:de:e8:40:2b:29:7d:db:74:38:de:28:87:42:
5e:ec:7c:20:16:1c:0e:f7:27:b4:af:d9:2f:7a:a0:b3:82:cb:
d0:4a:b5:41:3e:54:89:7f:55:e9:d7:bf:86:fe:fa:13:35:28:
f4:90:80:72:77:ef:42:4a:73:b3:93:b2:c6:e9:db:c2:78:85:
56:32:2d:90:d1:74:a3:66:0e:56:e1:d8:4c:88:49:48:3d:3d:
4a:5d:06:77:90:7c:bf:ea:69:25:15:e3:7d:bd:6a:1b:62:20:
73:c4:f2:06:fc:b5:dc:d3:65:69:44:93:64:11:28:51:08:09:
46:c0:23:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3SroI7kh+zHgvgz0uJAm3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIyMjExNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGJiNjU4YWI0ODAyZTM2NDI0NGNkYzc5NjMwOWZmMTAxNjY0N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeH+bJplPhDE4e7F27I/vBYCp5pO
0qJ8imhth1bp7SWbV1xK78ZZLYfNF/oPH+bEgNi0vQjjRQB39016d58gNBmnPNbx
p4A4WMYk4KqaCM6QsCNt3BdnQLb7iWuV+987rjX0Tsd+3bQmGDpmmi9H3+CPEEiN
osObias9ZOwNc2Si2gWti/KGNqEzRvapc3AYASMhPPPJodcfPJBa6c0/gLLfDi3a
6lHcAti/xFfAcubUjcEfFs03KZ92dn6qfwavYwWZfMdoTfnIAY/3j4zy+YHVfqIM
6iROIByiyU7/1mXVNqnUEpQvl6txJSixBhtD857pnWJ2b9MebiBFE/nGmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOS7ZYq0gC42QkTNx5Ywn/EBZkfhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNUx0bGlyU0FMalpDUk0zSGxqQ2Y4UUZtUi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlf1AwQA
1MDVMA0GCSqGSIb3DQEBCwUAA4IBAQBUFiSiEsQtmq/kcrxjnUJWQK0XYhdQc2g1
yn6I2xKVhvgxFmvMdW5LCY6I36rjl+3gPZLB4itYxCHlEQsSfDG0VckxmswKo95m
HsW885wYUNC4obbRu8Ys947iyJnLwOue2RNkbeqFcjBFdkbC/Q0RsEZxbMZiPRDm
fCc6LFlTJ/PMBt7oQCspfdt0ON4oh0Je7HwgFhwO9ye0r9kveqCzgsvQSrVBPlSJ
f1Xp17+G/voTNSj0kIByd+9CSnOzk7LG6dvCeIVWMi2Q0XSjZg5W4dhMiElIPT1K
XQZ3kHy/6mklFeN9vWobYiBzxPIG/LXc02VpRJNkEShRCAlGwCOe
-----END CERTIFICATE-----
Generated at Fri Feb 23 10:45:46 2024 by rpki-client on console-fra.rpki-client.org