Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87mNOw4Wwm6xBYw1pigcEWL_zq4.roa
File: 87mNOw4Wwm6xBYw1pigcEWL_zq4.roa (raw, json)
Hash identifier: 1Zxt9aiR9t17okLGNISzTyjjAPc2mnWas61FS6isL18=
Subject key identifier: F3:B9:8D:3B:0E:16:C2:6E:B1:05:8C:35:A6:28:1C:11:62:FF:CE:AE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01887BC5ADDEE32FB36F0F0227BD641D49AA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87mNOw4Wwm6xBYw1pigcEWL_zq4.roa
Signing time: Fri 02 Jun 2023 11:02:12 +0000
ROA not before: Fri 02 Jun 2023 11:02:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 195.133.84.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 11:46:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:c5:ad:de:e3:2f:b3:6f:0f:02:27:bd:64:1d:49:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 2 11:02:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3b98d3b0e16c26eb1058c35a6281c1162ffceae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:34:b2:53:51:fb:73:5d:db:d2:65:f6:40:
fa:0d:e8:7d:ac:d8:56:64:67:93:56:5d:62:fd:ef:
3a:50:ab:98:54:34:d2:6e:9b:bc:1f:f8:e1:5d:ff:
1a:62:43:cf:f3:46:e0:c7:ed:e6:9d:3a:22:8a:09:
a9:b0:f7:a1:a1:1b:b7:e1:ed:bb:3b:10:6d:a7:6e:
96:40:c4:18:7a:b6:32:88:be:58:0c:11:70:7d:f7:
ad:5a:f2:35:11:a8:57:b7:d8:b4:e0:c3:0f:67:b9:
d2:ad:92:8e:be:42:31:38:63:b3:26:ab:15:54:07:
fa:1d:6f:d8:30:07:6e:0f:16:29:b5:b7:93:72:18:
0d:4a:89:bd:21:a5:60:38:eb:e4:b3:03:7b:f6:d4:
3c:da:31:21:c9:4e:c8:0f:30:df:ec:03:ce:41:6e:
5e:0d:17:22:34:05:f8:48:4b:4f:1d:f9:46:08:f4:
c5:4c:d5:5b:61:2a:af:3f:73:15:68:c9:5b:43:f9:
0f:f1:90:a8:ef:44:a2:e3:03:1e:6c:00:2b:6c:be:
42:7b:ea:9d:a2:5f:5c:14:fe:a2:25:21:d3:cd:17:
c9:eb:e7:0a:20:1a:56:1a:2a:0e:dc:5f:ff:35:d3:
88:f6:bc:c5:41:a7:69:6d:67:72:cf:cd:e5:c5:2f:
6e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B9:8D:3B:0E:16:C2:6E:B1:05:8C:35:A6:28:1C:11:62:FF:CE:AE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87mNOw4Wwm6xBYw1pigcEWL_zq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.91.0/24
194.87.188.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
83:d7:95:ac:3e:56:f8:da:98:8c:00:02:7a:91:51:dc:19:e8:
00:4e:56:d7:17:a8:e5:e2:b6:c5:a8:c4:3b:2a:2d:78:f1:69:
4a:0e:44:22:f0:c8:7f:40:8a:70:53:c0:31:ac:19:fb:e0:c9:
ec:45:27:fe:c3:80:55:f4:9f:9c:48:01:b9:93:b0:30:cc:5c:
2f:12:c3:71:c0:c2:57:61:4b:17:0e:dc:b7:36:5e:a5:c4:b3:
4a:59:2c:d5:0e:4f:e4:dc:cd:a4:8a:06:78:3a:28:32:83:11:
6b:28:52:3c:eb:e2:51:ec:7e:bb:c5:ba:2c:6c:67:f0:0f:a7:
fc:68:12:e1:6d:3f:ac:3a:d0:bf:02:e8:4d:30:c3:8e:7e:f6:
e2:37:9e:d4:de:76:13:47:03:76:18:5e:76:c4:5c:f6:fe:b4:
67:f4:f8:a9:c9:a9:34:9d:1b:a4:87:30:60:04:e2:dc:0e:ea:
12:48:61:82:be:b8:d4:87:63:ed:8c:0c:a5:41:21:50:4f:af:
55:54:49:7c:44:d5:30:9e:98:ce:97:b3:26:9f:ef:30:22:89:
eb:35:0d:ae:60:b8:9d:7e:8c:2d:7c:ad:ae:59:30:76:b5:67:
00:65:a5:37:73:a6:b0:a1:34:d5:3a:e8:0f:df:ec:cd:2b:c9:
63:bf:97:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh7xa3e4y+zbw8CJ71kHUmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAyMTEwMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I5OGQzYjBlMTZjMjZlYjEwNThjMzVhNjI4MWMxMTYyZmZjZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU00slNR+3Nd29Jl9kD6Deh9rNhW
ZGeTVl1i/e86UKuYVDTSbpu8H/jhXf8aYkPP80bgx+3mnToiigmpsPehoRu34e27
OxBtp26WQMQYerYyiL5YDBFwffetWvI1EahXt9i04MMPZ7nSrZKOvkIxOGOzJqsV
VAf6HW/YMAduDxYptbeTchgNSom9IaVgOOvkswN79tQ82jEhyU7IDzDf7APOQW5e
DRciNAX4SEtPHflGCPTFTNVbYSqvP3MVaMlbQ/kP8ZCo70Si4wMebAArbL5Ce+qd
ol9cFP6iJSHTzRfJ6+cKIBpWGioO3F//NdOI9rzFQadpbWdyz83lxS9umwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPO5jTsOFsJusQWMNaYoHBFi/86uMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvODdtTk93NFd3bTZ4Qll3MXBpZ2NFV0xfenE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwldbAwQA
wle8AwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQCD15WsPlb42piMAAJ6kVHcGegA
TlbXF6jl4rbFqMQ7Ki148WlKDkQi8Mh/QIpwU8AxrBn74MnsRSf+w4BV9J+cSAG5
k7AwzFwvEsNxwMJXYUsXDty3Nl6lxLNKWSzVDk/k3M2kigZ4OigygxFrKFI86+JR
7H67xbosbGfwD6f8aBLhbT+sOtC/AuhNMMOOfvbiN57U3nYTRwN2GF52xFz2/rRn
9Pipyak0nRukhzBgBOLcDuoSSGGCvrjUh2PtjAylQSFQT69VVEl8RNUwnpjOl7Mm
n+8wIonrNQ2uYLidfowtfK2uWTB2tWcAZaU3c6awoTTVOugP3+zNK8ljv5e7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org