Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AflqKTbNxaEPKTf-dDiNYnFtIoY.roa
File: AflqKTbNxaEPKTf-dDiNYnFtIoY.roa (raw, json)
Hash identifier: l/378I/dPIzjg3zUiejMxaaB9vnbtEBBXsRQKHW7+/E=
Subject key identifier: 01:F9:6A:29:36:CD:C5:A1:0F:29:37:FE:74:38:8D:62:71:6D:22:86
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BED107898D0FA7C5BC85A2CD210D45E25
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AflqKTbNxaEPKTf-dDiNYnFtIoY.roa
Signing time: Mon 20 Nov 2023 14:09:21 +0000
ROA not before: Mon 20 Nov 2023 14:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197789
IP address blocks: 194.87.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:10:78:98:d0:fa:7c:5b:c8:5a:2c:d2:10:d4:5e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 20 14:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f96a2936cdc5a10f2937fe74388d62716d2286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:01:ab:7e:4c:38:ef:5a:74:4b:ed:a0:47:
e1:0d:63:0c:7b:43:36:7c:24:51:ae:b8:85:c2:de:
a6:31:68:96:f3:55:4c:3a:96:b2:f4:05:ca:1a:43:
2e:62:d2:ba:41:b5:6f:7f:87:88:d4:34:a8:22:27:
f3:05:c8:31:fd:5e:85:4f:5a:61:fc:7d:d0:e1:4f:
7f:f1:14:ae:6c:d2:96:48:a5:3c:40:c5:45:5c:26:
82:59:8b:aa:0f:9d:af:51:8d:4e:9f:b1:f2:91:70:
f4:89:e2:b4:c2:b9:ae:d5:ce:c0:79:95:68:a8:60:
6a:bd:c9:a1:60:60:ba:58:fd:13:95:1e:88:cc:8f:
01:fa:82:c0:b3:c8:d4:b1:e9:ed:d4:86:7b:ab:25:
53:d4:64:5b:73:fe:61:8b:09:ed:1a:e6:ea:e7:d7:
c8:8b:23:99:58:3f:6d:b5:39:a8:b8:fc:36:e1:7d:
6b:fc:e6:89:2c:a5:13:5f:bd:79:a9:2b:a0:a3:11:
1b:28:c9:c2:41:34:0c:ef:4b:46:f0:f8:15:34:0b:
76:c4:ca:9c:71:f9:65:a9:18:fc:08:9b:8c:f4:dc:
28:33:0f:be:61:d1:e0:c3:56:4e:aa:72:c8:10:4e:
19:57:07:e4:58:95:5d:db:27:d5:ed:7d:64:9e:0e:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F9:6A:29:36:CD:C5:A1:0F:29:37:FE:74:38:8D:62:71:6D:22:86
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AflqKTbNxaEPKTf-dDiNYnFtIoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.54.0/24
Signature Algorithm: sha256WithRSAEncryption
98:cd:cc:59:e5:de:e4:09:9f:66:0e:dc:4f:fc:87:28:2a:c1:
be:94:8c:b2:ce:fb:d9:57:9b:97:81:97:c9:29:52:67:74:86:
c2:c8:72:bc:04:4b:03:c4:75:bd:c2:00:88:68:e9:99:15:53:
5d:db:93:4e:24:e2:0c:73:d0:8e:28:8d:a3:47:30:eb:25:e2:
d7:d5:51:64:37:2f:bb:2a:c8:0f:63:03:d9:49:d5:20:c5:22:
0e:5f:eb:3b:ac:7b:22:2b:04:ed:2b:da:7b:57:ec:88:83:a6:
ab:c5:e0:a9:2f:69:66:c4:a9:40:2c:b6:29:d0:42:80:31:20:
1c:4d:67:33:b0:e9:49:9c:80:71:dc:98:a5:3d:75:bd:5a:36:
2b:3c:47:9b:02:00:85:f0:9e:0d:41:8e:c1:dc:43:1f:7c:a7:
4c:b2:1b:cb:82:f9:54:d3:bd:86:4b:58:0a:ce:87:7f:96:f5:
f3:10:cc:26:70:7d:23:da:79:a8:d8:62:ca:ca:40:08:79:8e:
54:42:97:d4:34:0c:ea:f7:1b:7b:eb:92:cb:34:50:ca:e6:16:
f3:d7:8b:ba:df:73:22:20:21:02:ee:21:1b:46:8c:e4:24:06:
61:a2:b2:37:fb:9d:15:93:c2:9b:d0:cc:97:cc:b4:73:44:c8:
b8:87:06:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvtEHiY0Pp8W8haLNIQ1F4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIwMTQwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY5NmEyOTM2Y2RjNWExMGYyOTM3ZmU3NDM4OGQ2MjcxNmQyMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQsBq35MOO9adEvtoEfhDWMMe0M2
fCRRrriFwt6mMWiW81VMOpay9AXKGkMuYtK6QbVvf4eI1DSoIifzBcgx/V6FT1ph
/H3Q4U9/8RSubNKWSKU8QMVFXCaCWYuqD52vUY1On7HykXD0ieK0wrmu1c7AeZVo
qGBqvcmhYGC6WP0TlR6IzI8B+oLAs8jUsent1IZ7qyVT1GRbc/5hiwntGubq59fI
iyOZWD9ttTmouPw24X1r/OaJLKUTX715qSugoxEbKMnCQTQM70tG8PgVNAt2xMqc
cfllqRj8CJuM9NwoMw++YdHgw1ZOqnLIEE4ZVwfkWJVd2yfV7X1kng66uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAH5aik2zcWhDyk3/nQ4jWJxbSKGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWZscUtUYk54YUVQS1RmLWREaU5ZbkZ0SW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlc2MA0G
CSqGSIb3DQEBCwUAA4IBAQCYzcxZ5d7kCZ9mDtxP/IcoKsG+lIyyzvvZV5uXgZfJ
KVJndIbCyHK8BEsDxHW9wgCIaOmZFVNd25NOJOIMc9COKI2jRzDrJeLX1VFkNy+7
KsgPYwPZSdUgxSIOX+s7rHsiKwTtK9p7V+yIg6arxeCpL2lmxKlALLYp0EKAMSAc
TWczsOlJnIBx3JilPXW9WjYrPEebAgCF8J4NQY7B3EMffKdMshvLgvlU072GS1gK
zod/lvXzEMwmcH0j2nmo2GLKykAIeY5UQpfUNAzq9xt765LLNFDK5hbz14u633Mi
ICEC7iEbRozkJAZhorI3+50Vk8Kb0MyXzLRzRMi4hwYZ
-----END CERTIFICATE-----
Generated at Sat Dec 9 11:57:35 2023 by rpki-client on console-ams.rpki-client.org