Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D76y4t7XzpMxDCwLECfM0x63DFo.roa
File: D76y4t7XzpMxDCwLECfM0x63DFo.roa (raw, json)
Hash identifier: QOstZOrB6cB7XgflU0m4hsO8MkaWJOWIKetLfNjFURc=
Subject key identifier: 0F:BE:B2:E2:DE:D7:CE:93:31:0C:2C:0B:10:27:CC:D3:1E:B7:0C:5A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D68EC0BF9AFFECC8D918F7102B6CD84C1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D76y4t7XzpMxDCwLECfM0x63DFo.roa
Signing time: Fri 02 Feb 2024 08:25:16 +0000
ROA not before: Fri 02 Feb 2024 08:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 194.87.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 15:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:ec:0b:f9:af:fe:cc:8d:91:8f:71:02:b6:cd:84:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 08:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fbeb2e2ded7ce93310c2c0b1027ccd31eb70c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:78:41:d9:26:3f:01:a3:8c:9c:ed:bc:04:34:
a2:5f:b3:57:98:a2:8d:8b:a7:1d:01:9a:4f:11:5f:
05:72:8b:04:41:e5:a3:3c:96:0e:fb:70:df:ec:54:
aa:4f:72:44:af:fc:33:72:17:03:a3:b4:68:d8:74:
7b:fb:b2:4d:52:f8:94:b7:40:15:af:2e:d9:a4:f0:
f7:35:f8:c7:ab:a9:07:f4:ba:d5:f7:c6:d8:7c:99:
fd:1c:37:75:0c:30:3c:8e:95:08:a8:bc:7a:04:3a:
53:b1:7c:68:90:72:56:17:89:e5:be:54:5f:a8:36:
1b:32:04:18:d7:d4:a5:76:77:97:73:dd:34:5e:10:
16:d9:a7:f5:11:d4:6a:7d:b5:a5:99:8c:c4:b7:a5:
70:d1:a8:84:b4:02:64:93:64:a1:01:7b:ab:30:41:
51:0a:d7:b4:b2:7e:d3:56:a3:20:c2:c0:6d:8f:58:
6f:7a:71:8f:35:38:39:fe:61:b0:25:de:0c:d3:60:
ca:db:c9:ca:90:25:bc:57:b6:dd:aa:98:bd:84:91:
1a:87:7a:64:e7:cc:50:91:2d:1a:c1:68:b8:d1:79:
38:8e:77:13:c0:46:75:d8:bc:81:66:37:60:87:43:
47:94:2d:fa:c9:20:30:fb:ee:c8:d3:c7:5d:52:b5:
7b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BE:B2:E2:DE:D7:CE:93:31:0C:2C:0B:10:27:CC:D3:1E:B7:0C:5A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D76y4t7XzpMxDCwLECfM0x63DFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.169.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5b:ff:ec:86:4b:45:e4:17:84:e0:e1:ef:83:a1:c3:13:ad:
00:3e:04:ed:52:e3:ce:1b:1b:79:0d:91:c4:a3:70:15:d5:70:
32:06:d6:0a:8b:6d:56:0c:99:62:02:fd:14:ca:69:15:0d:3d:
6b:4d:0b:58:82:4f:05:0e:3c:03:e7:88:c4:2b:cb:f6:00:79:
f7:62:2e:4d:d3:4f:c3:ac:ef:64:29:96:8d:7e:85:c0:79:bf:
4c:53:a3:d9:4d:b5:ab:56:da:c9:fa:0d:b9:f1:ad:f7:b8:f1:
7f:e1:fc:ab:91:54:19:01:17:0e:05:de:54:96:69:aa:b3:62:
c3:37:ba:13:7a:42:95:d2:2c:c7:7a:55:7c:84:c2:9f:bf:56:
26:85:2d:38:6f:2c:74:4f:3a:df:de:3c:69:34:53:1b:e0:2c:
27:1b:22:b6:26:db:cb:82:27:d4:0e:9e:86:ba:64:ed:2f:c0:
45:74:7a:b5:18:a5:80:4e:e1:5a:95:66:a4:4d:65:5b:1d:80:
12:9e:06:39:80:23:0e:a6:54:18:c6:2b:4c:52:c1:91:4f:52:
79:b0:f9:64:dc:33:a3:96:08:9a:43:64:f7:c7:a5:93:16:3c:
44:48:0a:e8:3d:b3:ce:a9:f8:9b:af:10:61:30:c4:ea:d6:2d:
07:83:26:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1o7Av5r/7MjZGPcQK2zYTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAyMDgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJlYjJlMmRlZDdjZTkzMzEwYzJjMGIxMDI3Y2NkMzFlYjcwYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnhB2SY/AaOMnO28BDSiX7NXmKKN
i6cdAZpPEV8FcosEQeWjPJYO+3Df7FSqT3JEr/wzchcDo7Ro2HR7+7JNUviUt0AV
ry7ZpPD3NfjHq6kH9LrV98bYfJn9HDd1DDA8jpUIqLx6BDpTsXxokHJWF4nlvlRf
qDYbMgQY19SldneXc900XhAW2af1EdRqfbWlmYzEt6Vw0aiEtAJkk2ShAXurMEFR
Cte0sn7TVqMgwsBtj1hvenGPNTg5/mGwJd4M02DK28nKkCW8V7bdqpi9hJEah3pk
58xQkS0awWi40Xk4jncTwEZ12LyBZjdgh0NHlC36ySAw++7I08ddUrV71wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA++suLe186TMQwsCxAnzNMetwxaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRDc2eTR0N1h6cE14REN3TEVDZk0weDYzREZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlepMA0G
CSqGSIb3DQEBCwUAA4IBAQACW//shktF5BeE4OHvg6HDE60APgTtUuPOGxt5DZHE
o3AV1XAyBtYKi21WDJliAv0UymkVDT1rTQtYgk8FDjwD54jEK8v2AHn3Yi5N00/D
rO9kKZaNfoXAeb9MU6PZTbWrVtrJ+g258a33uPF/4fyrkVQZARcOBd5Ulmmqs2LD
N7oTekKV0izHelV8hMKfv1YmhS04byx0Tzrf3jxpNFMb4CwnGyK2JtvLgifUDp6G
umTtL8BFdHq1GKWATuFalWakTWVbHYASngY5gCMOplQYxitMUsGRT1J5sPlk3DOj
lgiaQ2T3x6WTFjxESAroPbPOqfibrxBhMMTq1i0Hgyak
-----END CERTIFICATE-----
Generated at Tue Feb 20 18:07:33 2024 by rpki-client on console-ams.rpki-client.org