Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qtVyBt4rYs9Mv5v1j_qUf-0R3Q.roa
File: 9qtVyBt4rYs9Mv5v1j_qUf-0R3Q.roa (raw, json)
Hash identifier: pz77wYLpicCrQRd1SkI08kEtX2f+O7FTcSM88XF+d/c=
Subject key identifier: F6:AB:55:C8:1B:78:AD:8B:3D:32:FE:6F:D6:3F:EA:51:FF:B4:47:74
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F671C7C4E98352075EF7895734B995C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qtVyBt4rYs9Mv5v1j_qUf-0R3Q.roa
Signing time: Sun 01 Jan 2023 22:15:06 +0000
ROA not before: Sun 01 Jan 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 266169
IP address blocks: 194.87.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:1c:7c:4e:98:35:20:75:ef:78:95:73:4b:99:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6ab55c81b78ad8b3d32fe6fd63fea51ffb44774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:eb:a7:ba:6b:94:ac:33:a6:e5:59:fb:da:
92:c1:42:9c:00:71:65:1d:2b:b6:31:02:62:85:72:
9b:c0:3e:58:a0:58:01:2c:b4:fa:d3:c8:bd:0b:80:
e5:bc:f6:11:56:e3:81:a9:86:d3:8e:ae:7a:b4:f4:
a8:28:68:d2:c2:3c:7e:b8:c5:ee:41:34:37:74:fe:
83:33:ad:2c:8d:1e:ae:00:df:aa:dd:a3:3f:52:ee:
93:d5:c2:53:48:09:cc:d2:ee:a3:20:06:72:b8:6a:
47:02:c7:f6:6f:d8:12:e7:51:9d:a3:03:c3:14:7c:
ff:10:95:7f:bf:fa:82:58:8a:c4:13:85:3b:93:3a:
72:0c:a3:0d:c7:af:b1:3c:ee:27:d0:89:3d:d6:74:
92:2b:43:a3:6a:58:56:df:4d:c1:40:a5:fe:ac:7a:
93:03:52:a0:40:ab:eb:e5:45:b0:6b:91:14:2f:ec:
4b:bc:85:cc:a2:ad:ec:93:52:74:91:07:fa:19:14:
ad:a1:01:48:ba:03:ef:88:97:a5:e7:aa:01:ea:cc:
bb:af:01:af:d7:d7:ec:4a:ed:48:a2:3f:c7:67:67:
f8:77:e9:7b:21:8e:1d:61:af:af:83:ac:3c:05:49:
1c:a6:61:55:10:44:bc:9c:91:c4:8f:e9:f0:33:c8:
fa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:AB:55:C8:1B:78:AD:8B:3D:32:FE:6F:D6:3F:EA:51:FF:B4:47:74
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qtVyBt4rYs9Mv5v1j_qUf-0R3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.164.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4a:b3:08:6d:3c:6a:f9:f4:0c:27:e0:3d:f2:79:ce:ef:d6:
59:52:d7:ba:5c:68:92:68:59:5d:41:47:cd:88:be:99:73:c5:
97:8d:bc:d1:f7:e3:56:60:78:4b:08:2f:91:c5:89:5d:a1:c7:
1b:e0:c7:cb:ce:41:0b:f6:87:ba:3d:30:c4:d3:b2:b7:48:dd:
38:91:67:ad:fc:a1:60:96:b5:c0:c4:d6:23:a9:30:c2:1d:6d:
c5:dd:74:19:f7:75:a7:29:e1:1f:54:e5:2b:09:3b:0d:1b:67:
67:6b:8f:06:7b:1b:76:8c:71:65:ca:13:2b:f8:1c:a8:11:72:
2d:f0:6d:00:93:fc:ff:a4:d3:d7:cb:a6:4e:01:34:63:46:e2:
07:79:2f:9f:2a:50:36:33:81:ae:b9:c2:75:12:22:75:a7:71:
cf:75:7a:47:51:6b:a2:e8:e0:d2:7c:81:64:da:a4:55:90:da:
e1:a1:ca:c9:60:0f:13:0e:2b:f5:ad:fa:c8:71:a0:a5:dc:b7:
d4:bd:ca:36:19:fc:8c:be:06:72:5a:1f:f9:88:48:79:cd:ef:
1a:65:4c:e2:6b:c4:26:3b:b5:f6:1b:29:6f:46:b5:de:ed:69:
79:5f:c5:a7:00:37:e4:e2:20:8b:f6:e3:51:76:78:e0:af:74:
19:e4:44:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZxx8Tpg1IHXveJVzS5lcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmFiNTVjODFiNzhhZDhiM2QzMmZlNmZkNjNmZWE1MWZmYjQ0Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqHrp7prlKwzpuVZ+9qSwUKcAHFl
HSu2MQJihXKbwD5YoFgBLLT608i9C4DlvPYRVuOBqYbTjq56tPSoKGjSwjx+uMXu
QTQ3dP6DM60sjR6uAN+q3aM/Uu6T1cJTSAnM0u6jIAZyuGpHAsf2b9gS51GdowPD
FHz/EJV/v/qCWIrEE4U7kzpyDKMNx6+xPO4n0Ik91nSSK0OjalhW303BQKX+rHqT
A1KgQKvr5UWwa5EUL+xLvIXMoq3sk1J0kQf6GRStoQFIugPviJel56oB6sy7rwGv
19fsSu1Ioj/HZ2f4d+l7IY4dYa+vg6w8BUkcpmFVEES8nJHEj+nwM8j6zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFParVcgbeK2LPTL+b9Y/6lH/tEd0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOXF0VnlCdDRyWXM5TXY1djFqX3FVZi0wUjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlekMA0G
CSqGSIb3DQEBCwUAA4IBAQApSrMIbTxq+fQMJ+A98nnO79ZZUte6XGiSaFldQUfN
iL6Zc8WXjbzR9+NWYHhLCC+RxYldoccb4MfLzkEL9oe6PTDE07K3SN04kWet/KFg
lrXAxNYjqTDCHW3F3XQZ93WnKeEfVOUrCTsNG2dna48Gext2jHFlyhMr+ByoEXIt
8G0Ak/z/pNPXy6ZOATRjRuIHeS+fKlA2M4GuucJ1EiJ1p3HPdXpHUWui6ODSfIFk
2qRVkNrhocrJYA8TDiv1rfrIcaCl3LfUvco2GfyMvgZyWh/5iEh5ze8aZUzia8Qm
O7X2GylvRrXe7Wl5X8WnADfk4iCL9uNRdnjgr3QZ5ESn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org