Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8c9GXk8HOqJsYbyFAxH11zzokls.roa
File: 8c9GXk8HOqJsYbyFAxH11zzokls.roa (raw, json)
Hash identifier: Q8yoHC/Bfs6rOI3Q0NL21pMBPTTqNTKKhvnA2qaIURc=
Subject key identifier: F1:CF:46:5E:4F:07:3A:A2:6C:61:BC:85:03:11:F5:D7:3C:E8:92:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66FD96CACD9B8E7A7D28F5EE5CDB75
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8c9GXk8HOqJsYbyFAxH11zzokls.roa
Signing time: Sun 01 Jan 2023 22:14:58 +0000
ROA not before: Sun 01 Jan 2023 22:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 194.87.6.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:fd:96:ca:cd:9b:8e:7a:7d:28:f5:ee:5c:db:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1cf465e4f073aa26c61bc850311f5d73ce8925b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c0:68:ba:89:8f:29:17:e4:79:26:a9:77:5e:
35:f4:b9:ea:0b:3d:4a:4e:17:ab:b7:4b:7b:fa:ec:
ae:95:a7:49:b8:23:ef:cf:36:73:fc:16:6e:f6:e9:
a1:e2:ef:43:7d:3d:50:e9:a8:89:fa:9c:46:35:24:
af:46:77:82:31:02:4f:db:43:f6:3e:ae:51:60:3c:
5c:5f:5f:de:8e:a4:b5:5a:59:1f:a3:fb:b4:ac:bc:
1d:cd:71:ef:29:5c:72:9f:07:38:b1:96:9d:70:40:
4d:a6:5e:42:23:b0:5d:7e:4a:71:46:a4:2e:ef:79:
d1:74:09:88:a7:20:cc:47:8a:3d:76:ee:8a:9f:7b:
65:b6:86:00:fb:56:0f:82:eb:36:00:89:87:8c:c2:
b1:8c:f3:d1:55:50:7a:80:32:4d:c4:5d:fb:12:65:
9e:0c:4d:86:f6:df:b1:3c:23:ad:e9:03:4d:51:b0:
2d:43:44:3b:c0:0d:21:d3:dd:2d:3c:05:b4:01:fa:
46:8a:e1:b7:2f:18:84:29:50:90:24:6d:4c:d0:20:
2d:62:07:29:af:4b:e1:80:6d:6a:59:12:2d:dc:b9:
07:da:cf:5a:8e:1e:7f:9d:7d:ea:b2:52:e1:0e:58:
07:05:e7:5c:cb:13:bb:76:ee:06:d9:ad:f4:e2:b1:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CF:46:5E:4F:07:3A:A2:6C:61:BC:85:03:11:F5:D7:3C:E8:92:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8c9GXk8HOqJsYbyFAxH11zzokls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.6.0/24
194.87.119.0/24
194.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:b0:fa:7b:67:bd:d4:fe:54:fc:af:2a:7c:34:d9:32:35:cb:
88:60:da:c9:76:86:3b:8f:bd:5a:fe:e8:a2:4d:0d:bc:69:12:
fe:6c:9e:c4:b6:7f:e8:82:15:3f:30:2c:76:17:83:73:03:dd:
3d:02:3f:cd:b1:16:92:b2:2e:e3:dc:79:c0:13:82:97:29:43:
22:58:51:02:4f:e2:30:4b:36:92:21:8a:90:ff:74:2b:6b:3f:
82:3d:53:99:7c:81:93:2d:87:e4:84:5f:81:c4:d6:75:ce:8b:
5c:02:14:81:41:ad:a0:e1:1e:d8:fb:c7:a4:04:c1:58:c7:28:
8a:39:fb:b1:01:e7:9b:a6:3f:be:c5:a1:f7:0e:dc:cc:0d:6f:
37:62:ff:fd:6e:de:90:39:2b:00:8f:8b:83:61:23:18:3a:a1:
69:c4:df:54:d4:30:62:46:e6:72:3f:8a:b8:fe:fa:97:04:66:
f5:2e:cb:fb:33:76:de:8b:5f:5a:84:3e:7b:c2:1f:df:ec:a6:
0f:b2:ba:46:b8:c1:63:4e:ef:6a:54:39:3c:55:f6:0b:91:6c:
f4:5c:6b:90:c8:65:ba:0d:74:04:b9:63:bb:20:1a:4e:41:f4:
a6:93:c6:0b:4a:e2:cc:89:c5:a8:0e:d4:27:f4:ad:56:74:27:
0c:8b:54:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZv2Wys2bjnp9KPXuXNt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNmNDY1ZTRmMDczYWEyNmM2MWJjODUwMzExZjVkNzNjZTg5MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8BouomPKRfkeSapd1419LnqCz1K
Thert0t7+uyuladJuCPvzzZz/BZu9umh4u9DfT1Q6aiJ+pxGNSSvRneCMQJP20P2
Pq5RYDxcX1/ejqS1Wlkfo/u0rLwdzXHvKVxynwc4sZadcEBNpl5CI7BdfkpxRqQu
73nRdAmIpyDMR4o9du6Kn3tltoYA+1YPgus2AImHjMKxjPPRVVB6gDJNxF37EmWe
DE2G9t+xPCOt6QNNUbAtQ0Q7wA0h090tPAW0AfpGiuG3LxiEKVCQJG1M0CAtYgcp
r0vhgG1qWRIt3LkH2s9ajh5/nX3qslLhDlgHBedcyxO7du4G2a304rEXfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPHPRl5PBzqibGG8hQMR9dc86JJbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOGM5R1hrOEhPcUpzWWJ5RkF4SDExenpva2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcGAwQA
wld3AwQAwlfeMA0GCSqGSIb3DQEBCwUAA4IBAQB7sPp7Z73U/lT8ryp8NNkyNcuI
YNrJdoY7j71a/uiiTQ28aRL+bJ7Etn/oghU/MCx2F4NzA909Aj/NsRaSsi7j3HnA
E4KXKUMiWFECT+IwSzaSIYqQ/3Qraz+CPVOZfIGTLYfkhF+BxNZ1zotcAhSBQa2g
4R7Y+8ekBMFYxyiKOfuxAeebpj++xaH3DtzMDW83Yv/9bt6QOSsAj4uDYSMYOqFp
xN9U1DBiRuZyP4q4/vqXBGb1Lsv7M3bei19ahD57wh/f7KYPsrpGuMFjTu9qVDk8
VfYLkWz0XGuQyGW6DXQEuWO7IBpOQfSmk8YLSuLMicWoDtQn9K1WdCcMi1T1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org