Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6pGc4cP-KFf8R4FT4Ig_GIAcF2U.roa
File: 6pGc4cP-KFf8R4FT4Ig_GIAcF2U.roa (raw, json)
Hash identifier: f2mn1aKeIPmVOgtAZoNG5NTrdn9kJgFDqcuHrjFwA00=
Subject key identifier: EA:91:9C:E1:C3:FE:28:57:FC:47:81:53:E0:88:3F:18:80:1C:17:65
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D649B0188B03245A0C0BB24AF310374BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6pGc4cP-KFf8R4FT4Ig_GIAcF2U.roa
Signing time: Thu 01 Feb 2024 12:18:16 +0000
ROA not before: Thu 01 Feb 2024 12:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147287
IP address blocks: 194.87.142.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 17:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:9b:01:88:b0:32:45:a0:c0:bb:24:af:31:03:74:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 1 12:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea919ce1c3fe2857fc478153e0883f18801c1765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:75:60:10:f5:d0:8a:7c:80:e0:f5:84:a5:a9:
5a:bb:7d:91:b8:e6:0f:70:9f:97:10:25:9d:16:78:
9a:cf:16:f2:0f:aa:de:d7:d2:33:a4:39:99:17:10:
c3:cb:7e:1f:f4:49:5a:f0:e3:70:6a:06:6e:46:e7:
ce:03:06:bb:57:d0:d2:52:cf:03:2e:0a:af:a9:75:
dc:e6:90:a1:b8:9c:1e:83:57:7d:b6:cd:2b:30:46:
f7:5a:21:70:04:e7:b4:88:6f:24:42:92:8f:a1:51:
9f:79:64:db:e1:7d:ad:ad:9b:5e:9e:d7:fa:d4:81:
2a:32:a4:87:86:9b:3d:c3:16:67:7a:34:40:b9:5f:
e3:43:ce:09:e2:51:a8:cf:87:f8:c8:4d:f7:54:d2:
0f:68:a0:2a:82:bb:e4:20:67:6b:46:cd:82:2e:f2:
8e:90:e7:9d:de:9a:6d:1b:12:80:9d:c0:bf:ee:73:
29:7c:ce:f9:64:ea:56:58:f0:2a:17:37:46:c9:ed:
82:1e:6a:7e:2a:e8:7e:7a:3b:1b:30:d3:75:7d:6a:
a8:0b:fa:75:3a:65:6f:4a:40:ee:0e:46:ec:29:b6:
c4:72:fe:2b:ee:0b:57:0d:49:5c:47:43:1e:8c:5b:
34:68:15:3c:78:b2:18:16:8a:3b:c4:af:51:f8:2f:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:91:9C:E1:C3:FE:28:57:FC:47:81:53:E0:88:3F:18:80:1C:17:65
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6pGc4cP-KFf8R4FT4Ig_GIAcF2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.142.0/24
195.133.78.0/24
Signature Algorithm: sha256WithRSAEncryption
94:2a:26:44:e7:f7:07:69:93:83:f0:40:b8:28:12:68:62:b1:
ae:8f:81:fa:91:65:79:27:3b:60:ac:f2:8a:27:6c:07:5c:bb:
8f:7b:27:c2:9b:9a:3e:fc:e3:ad:90:49:67:ce:95:b6:9b:29:
03:6d:38:a0:76:e5:4b:8c:4f:ea:ee:39:f8:65:0c:cc:aa:6b:
17:99:8e:98:3a:fc:7d:10:87:6a:c5:e1:28:a7:47:cb:6d:ff:
16:c5:71:52:ad:db:c1:21:bd:ce:13:f9:fb:e1:07:85:6e:05:
97:92:4c:b5:08:e3:87:79:a5:64:e9:cb:1f:87:26:0f:10:a2:
78:73:7c:ff:cf:af:e0:57:e7:04:f5:4b:41:1a:77:63:88:03:
39:9a:56:8d:5a:f2:25:51:52:c6:49:09:92:43:99:fc:3e:fc:
53:f8:de:06:23:e2:a7:57:41:dc:d1:56:1b:fc:f5:e3:80:e3:
91:b7:66:49:f0:c8:5f:d6:0a:07:e1:cf:70:f7:9d:90:e5:4d:
5c:f7:8d:24:60:58:f4:58:bb:d7:2d:db:7c:e0:63:08:16:1d:
73:75:6c:40:e8:1a:20:67:ef:19:b6:25:92:58:b8:37:d5:b0:
26:4d:5b:7f:87:12:87:2e:ea:37:4b:0e:92:1c:40:85:09:64:
08:42:0c:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1kmwGIsDJFoMC7JK8xA3S7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAxMTIxODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkxOWNlMWMzZmUyODU3ZmM0NzgxNTNlMDg4M2YxODgwMWMxNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnVgEPXQinyA4PWEpalau32RuOYP
cJ+XECWdFniazxbyD6re19IzpDmZFxDDy34f9Ela8ONwagZuRufOAwa7V9DSUs8D
LgqvqXXc5pChuJweg1d9ts0rMEb3WiFwBOe0iG8kQpKPoVGfeWTb4X2trZtentf6
1IEqMqSHhps9wxZnejRAuV/jQ84J4lGoz4f4yE33VNIPaKAqgrvkIGdrRs2CLvKO
kOed3pptGxKAncC/7nMpfM75ZOpWWPAqFzdGye2CHmp+Kuh+ejsbMNN1fWqoC/p1
OmVvSkDuDkbsKbbEcv4r7gtXDUlcR0MejFs0aBU8eLIYFoo7xK9R+C8RBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOqRnOHD/ihX/EeBU+CIPxiAHBdlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNnBHYzRjUC1LRmY4UjRGVDRJZ19HSUFjRjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwleOAwQA
w4VOMA0GCSqGSIb3DQEBCwUAA4IBAQCUKiZE5/cHaZOD8EC4KBJoYrGuj4H6kWV5
JztgrPKKJ2wHXLuPeyfCm5o+/OOtkElnzpW2mykDbTigduVLjE/q7jn4ZQzMqmsX
mY6YOvx9EIdqxeEop0fLbf8WxXFSrdvBIb3OE/n74QeFbgWXkky1COOHeaVk6csf
hyYPEKJ4c3z/z6/gV+cE9UtBGndjiAM5mlaNWvIlUVLGSQmSQ5n8PvxT+N4GI+Kn
V0Hc0VYb/PXjgOORt2ZJ8Mhf1goH4c9w952Q5U1c940kYFj0WLvXLdt84GMIFh1z
dWxA6BogZ+8ZtiWSWLg31bAmTVt/hxKHLuo3Sw6SHECFCWQIQgw4
-----END CERTIFICATE-----
Generated at Mon Feb 19 21:07:41 2024 by rpki-client on console-fra.rpki-client.org