Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8I7iG0KQZ3p0icEZU8jyQo89iBI.roa
File: 8I7iG0KQZ3p0icEZU8jyQo89iBI.roa (raw, json)
Hash identifier: jxp37Y6ESN4GUj59w3Kz8XfVhO4X9hLrLoEETTVD5Xs=
Subject key identifier: F0:8E:E2:1B:42:90:67:7A:74:89:C1:19:53:C8:F2:42:8F:3D:88:12
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F873FEC316DCFC3B93A2B487DAC0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8I7iG0KQZ3p0icEZU8jyQo89iBI.roa
Signing time: Sun 01 Jan 2023 22:14:57 +0000
ROA not before: Sun 01 Jan 2023 22:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50321
IP address blocks: 194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 05:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f8:73:fe:c3:16:dc:fc:3b:93:a2:b4:87:da:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f08ee21b4290677a7489c11953c8f2428f3d8812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:25:3f:34:0b:bb:f6:cc:8e:18:97:5d:44:10:
6c:50:42:b1:e3:40:f1:4e:53:72:b2:e5:bf:85:2e:
74:29:b4:64:18:bb:b4:f0:f9:4a:c2:e8:38:a1:b9:
52:45:6a:1a:fb:49:6b:b2:98:b4:a5:09:64:31:49:
a7:c9:6b:b9:3e:c5:be:9d:72:55:f3:9a:88:2d:70:
b5:24:f8:1b:25:0c:2f:5d:d6:ed:d2:88:29:34:b3:
d2:09:16:6e:30:f4:50:1f:13:96:8b:aa:bd:01:f9:
db:5a:97:95:bd:3f:91:23:6f:da:36:93:df:36:06:
a3:94:a9:dc:7f:cf:ae:14:33:9d:ce:2b:4d:9c:93:
81:da:2f:f9:f0:67:d1:8d:3c:29:f4:fe:b2:1c:58:
ed:0a:60:02:27:83:34:a5:07:77:af:0d:f2:99:22:
64:ff:30:0e:36:21:88:61:cd:6c:a9:03:21:27:b6:
23:2d:d1:d3:69:15:37:65:f3:2c:6f:56:68:b4:77:
5d:a7:d3:f6:a1:03:85:62:b3:98:72:32:ea:d6:a4:
60:ca:e9:29:75:b7:62:3f:03:5e:15:57:13:25:b7:
a7:4c:5b:72:21:86:df:ca:3e:0e:7b:7c:0f:de:d3:
38:af:b8:29:ab:14:58:55:6f:dd:a2:20:e6:2c:b0:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8E:E2:1B:42:90:67:7A:74:89:C1:19:53:C8:F2:42:8F:3D:88:12
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8I7iG0KQZ3p0icEZU8jyQo89iBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.30.0/24
212.192.0.0/24
Signature Algorithm: sha256WithRSAEncryption
99:bb:40:c9:03:a5:14:21:59:a5:d0:cd:f2:5f:b9:47:4e:fe:
72:78:e9:64:92:11:bc:fc:fe:fc:50:a6:4b:21:cc:ef:43:eb:
8e:8c:d8:3c:ba:f2:a2:f6:e3:b3:78:96:6d:e0:a5:3e:74:4d:
3c:40:0a:06:83:d1:fb:81:88:31:ee:a4:cf:ba:7b:a0:4d:8c:
08:5c:df:ec:ab:e2:4b:0d:fb:5a:1f:7d:1a:72:fa:9b:56:49:
26:5d:71:ec:3d:93:af:d1:8b:f8:dc:df:33:f6:78:68:70:b1:
c6:04:7a:d0:0f:9a:ed:9b:ff:6f:0e:98:ae:56:1e:49:a1:bc:
81:51:2a:d6:19:56:d1:9d:a5:fc:80:fe:1b:31:6e:88:59:60:
98:42:12:41:a3:7d:1f:3f:74:f4:78:71:e4:33:f7:e5:1c:90:
a0:46:75:a1:be:b4:f0:90:1d:af:6f:b0:96:60:14:c7:1d:2d:
26:cb:6d:7d:79:6b:4c:64:1c:49:9a:79:32:80:b3:fb:29:d0:
18:12:d9:dc:04:84:31:c1:a6:1d:a3:b4:1d:7f:64:f6:80:b7:
6f:c1:ec:86:d8:4d:0d:3f:4b:c6:d9:2f:d8:a5:c9:2f:56:37:
fb:fd:95:bb:96:85:a8:55:0f:f8:52:e6:fa:9f:c7:df:2a:a0:
07:6d:2e:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvhz/sMW3Pw7k6K0h9rAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDhlZTIxYjQyOTA2NzdhNzQ4OWMxMTk1M2M4ZjI0MjhmM2Q4ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CU/NAu79syOGJddRBBsUEKx40Dx
TlNysuW/hS50KbRkGLu08PlKwug4oblSRWoa+0lrspi0pQlkMUmnyWu5PsW+nXJV
85qILXC1JPgbJQwvXdbt0ogpNLPSCRZuMPRQHxOWi6q9AfnbWpeVvT+RI2/aNpPf
NgajlKncf8+uFDOdzitNnJOB2i/58GfRjTwp9P6yHFjtCmACJ4M0pQd3rw3ymSJk
/zAONiGIYc1sqQMhJ7YjLdHTaRU3ZfMsb1ZotHddp9P2oQOFYrOYcjLq1qRgyukp
dbdiPwNeFVcTJbenTFtyIYbfyj4Oe3wP3tM4r7gpqxRYVW/doiDmLLBLwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCO4htCkGd6dInBGVPI8kKPPYgSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOEk3aUcwS1FaM3AwaWNFWlU4anlRbzg5aUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwoceAwQA
1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQCZu0DJA6UUIVml0M3yX7lHTv5yeOlkkhG8
/P78UKZLIczvQ+uOjNg8uvKi9uOzeJZt4KU+dE08QAoGg9H7gYgx7qTPunugTYwI
XN/sq+JLDftaH30acvqbVkkmXXHsPZOv0Yv43N8z9nhocLHGBHrQD5rtm/9vDpiu
Vh5JobyBUSrWGVbRnaX8gP4bMW6IWWCYQhJBo30fP3T0eHHkM/flHJCgRnWhvrTw
kB2vb7CWYBTHHS0my219eWtMZBxJmnkygLP7KdAYEtncBIQxwaYdo7Qdf2T2gLdv
weyG2E0NP0vG2S/YpckvVjf7/ZW7loWoVQ/4Uub6n8ffKqAHbS5v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org