Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8YHf_x7qDPDwbvIPAieM5rI5BRs.roa
File: 8YHf_x7qDPDwbvIPAieM5rI5BRs.roa (raw, json)
Hash identifier: A/NK/aD45rkG0PHY+X2W6Z7wqyRukVcIE2Nz8y6MTns=
Subject key identifier: F1:81:DF:FF:1E:EA:0C:F0:F0:6E:F2:0F:02:27:8C:E6:B2:39:05:1B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C6D766B0EA9B9EA43EF1C78D53AF4CB58
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8YHf_x7qDPDwbvIPAieM5rI5BRs.roa
Signing time: Fri 15 Dec 2023 12:32:06 +0000
ROA not before: Fri 15 Dec 2023 12:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 194.135.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:76:6b:0e:a9:b9:ea:43:ef:1c:78:d5:3a:f4:cb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 15 12:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f181dfff1eea0cf0f06ef20f02278ce6b239051b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:cb:c8:5d:21:ed:2a:cf:47:6e:53:dd:79:
37:65:ee:98:48:c3:33:85:d7:7d:2b:32:ca:ce:86:
05:3e:17:98:d4:4f:00:03:30:b6:b4:5b:74:ac:4b:
a0:04:ff:79:94:b6:b6:24:07:61:16:57:f9:34:5a:
d2:5a:35:f7:ba:fa:58:50:4c:f8:e1:3b:9c:59:df:
eb:5b:81:d9:34:37:bb:b4:a3:58:41:62:28:e1:06:
69:92:d7:43:40:b5:cd:e4:8f:8f:f6:8a:bd:3c:b1:
63:5a:71:00:05:60:68:bf:9e:26:10:d2:d7:8b:78:
5c:cb:79:b6:54:20:ef:c5:36:df:4d:9e:15:0c:a5:
3c:f0:fb:80:92:e2:17:a1:ca:c3:dc:e4:9d:e3:24:
ce:70:e2:c9:74:6c:e5:26:e5:db:df:29:11:25:e1:
47:c3:fc:57:72:c0:1c:f4:94:51:8f:82:da:38:ec:
83:b6:07:a8:fa:7f:3b:cd:5a:0a:3f:79:f5:9c:b3:
9e:8d:eb:c8:1b:b2:9d:87:1a:09:d4:6b:8b:d0:e3:
be:67:fa:a2:08:80:4c:e7:07:78:4c:69:7d:ac:0f:
da:79:e8:ef:ee:2c:af:04:6f:51:fe:d9:22:cf:21:
4d:48:3c:38:08:33:20:72:fd:7f:58:88:3e:b1:82:
63:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:81:DF:FF:1E:EA:0C:F0:F0:6E:F2:0F:02:27:8C:E6:B2:39:05:1B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8YHf_x7qDPDwbvIPAieM5rI5BRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.38.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f8:2b:4b:80:77:20:49:62:7d:dc:ee:90:f0:a0:03:66:ad:
bc:61:e4:ec:39:3f:06:be:c4:46:a8:56:98:8d:d6:95:0e:67:
45:c3:0e:e8:94:a3:7b:81:6a:00:28:9f:4b:14:d5:71:92:62:
65:43:54:62:72:d7:85:c3:fb:10:4a:22:ca:c3:78:c2:77:fd:
42:a0:fa:c0:38:60:73:93:61:cb:0f:8e:4a:cc:f2:b8:58:c5:
75:c4:ab:33:27:a5:77:f3:23:6d:c2:f9:4a:30:47:4f:2e:3d:
fc:67:e9:c2:af:6d:96:36:06:69:2e:3e:d3:f9:e5:19:16:1a:
79:d3:7b:d7:98:d6:8f:3b:bf:54:4c:c1:8f:f9:7b:90:c5:0d:
f5:92:41:ec:2a:ad:2c:5d:03:f7:4f:91:30:68:cf:36:f2:99:
bc:63:f4:6a:6f:45:60:1f:ea:48:65:6a:57:ab:43:df:04:9e:
56:d3:d5:46:2b:99:72:be:9a:68:2b:80:1a:95:05:e2:bc:84:
76:9d:b8:43:ff:78:5c:c6:01:4f:e0:2b:50:d7:b5:ed:62:fd:
b5:4d:78:23:9d:7b:4e:00:9c:72:a6:cd:91:5d:6a:48:13:65:
92:79:3c:f1:47:68:79:d5:54:28:f7:0e:0e:2e:71:87:b3:46:
ce:a1:ce:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxtdmsOqbnqQ+8ceNU69MtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE1MTIzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgxZGZmZjFlZWEwY2YwZjA2ZWYyMGYwMjI3OGNlNmIyMzkwNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijfLyF0h7SrPR25T3Xk3Ze6YSMMz
hdd9KzLKzoYFPheY1E8AAzC2tFt0rEugBP95lLa2JAdhFlf5NFrSWjX3uvpYUEz4
4TucWd/rW4HZNDe7tKNYQWIo4QZpktdDQLXN5I+P9oq9PLFjWnEABWBov54mENLX
i3hcy3m2VCDvxTbfTZ4VDKU88PuAkuIXocrD3OSd4yTOcOLJdGzlJuXb3ykRJeFH
w/xXcsAc9JRRj4LaOOyDtgeo+n87zVoKP3n1nLOejevIG7KdhxoJ1GuL0OO+Z/qi
CIBM5wd4TGl9rA/aeejv7iyvBG9R/tkizyFNSDw4CDMgcv1/WIg+sYJj6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGB3/8e6gzw8G7yDwInjOayOQUbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOFlIZl94N3FEUER3YnZJUEFpZU01ckk1QlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwocmMA0G
CSqGSIb3DQEBCwUAA4IBAQAz+CtLgHcgSWJ93O6Q8KADZq28YeTsOT8GvsRGqFaY
jdaVDmdFww7olKN7gWoAKJ9LFNVxkmJlQ1RicteFw/sQSiLKw3jCd/1CoPrAOGBz
k2HLD45KzPK4WMV1xKszJ6V38yNtwvlKMEdPLj38Z+nCr22WNgZpLj7T+eUZFhp5
03vXmNaPO79UTMGP+XuQxQ31kkHsKq0sXQP3T5EwaM828pm8Y/Rqb0VgH+pIZWpX
q0PfBJ5W09VGK5lyvppoK4AalQXivIR2nbhD/3hcxgFP4CtQ17XtYv21TXgjnXtO
AJxyps2RXWpIE2WSeTzxR2h51VQo9w4OLnGHs0bOoc42
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org