Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXsoaary6IsoCXqC_S8oBpZn4B0.roa
File: DXsoaary6IsoCXqC_S8oBpZn4B0.roa (raw, json)
Hash identifier: eYKijg4H9oELhvTo0JMHaJUYHHb263C/a8VcHL7H8Zo=
Subject key identifier: 0D:7B:28:69:AA:F2:E8:8B:28:09:7A:82:FD:2F:28:06:96:67:E0:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018681C949A074A18EF6DDA684C82EF2EB1F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXsoaary6IsoCXqC_S8oBpZn4B0.roa
Signing time: Fri 24 Feb 2023 04:58:17 +0000
ROA not before: Fri 24 Feb 2023 04:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1997855
IP address blocks: 194.58.33.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Feb 2023 14:40:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:81:c9:49:a0:74:a1:8e:f6:dd:a6:84:c8:2e:f2:eb:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 24 04:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d7b2869aaf2e88b28097a82fd2f28069667e01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:90:9b:78:a5:83:1e:0d:91:e4:ac:11:67:74:
30:48:19:c9:13:98:ae:23:dd:99:6c:fa:df:5a:42:
b6:9d:e4:c4:54:3b:11:f5:9b:f6:73:21:00:d6:7c:
8e:9d:b9:81:04:d1:8f:b3:75:4f:d1:9b:34:78:37:
1b:83:7e:c4:91:39:0c:6f:87:6f:99:91:53:f6:cc:
f1:bc:13:fe:0b:ac:1e:24:d2:7d:ee:cb:a9:7f:6b:
2e:16:58:b1:77:56:05:c4:85:b1:fc:2c:d9:12:2b:
53:ee:b7:8c:ea:14:c2:9b:cb:9d:71:98:40:11:57:
eb:fb:f5:38:9c:a7:6d:4d:04:f8:55:38:08:63:a3:
b2:a7:c8:3f:da:c0:82:93:c6:d7:23:cf:8b:94:11:
3e:5d:0f:83:ae:a4:05:30:8c:a2:4d:fc:18:05:7c:
5c:5a:84:00:f8:7a:a6:92:14:ae:2f:82:23:dc:c4:
e0:17:3a:99:3e:80:43:fe:bb:54:99:19:6a:41:0c:
6e:07:f3:17:23:78:6a:b8:94:d4:f1:d2:be:fc:4e:
d3:7d:d5:73:a5:a0:e6:cf:90:19:11:07:c9:ce:c2:
59:49:e9:4e:57:89:51:08:43:88:82:e0:1c:41:52:
1b:3e:4e:6a:b3:e5:90:dd:05:02:7a:e3:19:6b:61:
ef:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7B:28:69:AA:F2:E8:8B:28:09:7A:82:FD:2F:28:06:96:67:E0:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DXsoaary6IsoCXqC_S8oBpZn4B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.199.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c1:d2:02:99:9b:7b:81:c6:a7:93:ee:6c:93:d6:a8:a4:81:
f7:60:a4:69:6d:59:ef:e4:8c:9e:30:8f:25:50:d9:76:63:af:
13:b2:4a:bc:fa:7a:7b:84:17:98:e0:0d:e5:f5:a1:b9:4a:18:
25:cd:c8:6c:ed:fa:6f:1a:39:df:59:35:25:72:31:ac:cc:71:
be:29:f6:70:39:4f:9c:2f:f2:c0:ed:ed:68:76:48:7c:82:6a:
7e:b9:54:43:3f:0f:c6:12:ad:72:84:2a:97:3d:9c:27:59:ae:
0c:fc:9a:9b:ed:83:23:0c:5b:52:a6:40:4e:9a:3d:41:64:1b:
39:e3:1b:a6:13:76:f0:bd:08:c9:23:b3:38:8c:cf:a7:98:d3:
96:f2:4e:16:44:b8:d7:2d:04:da:b3:59:a3:82:df:cc:f1:9f:
c1:10:cf:2a:7e:84:d9:62:a5:15:2c:dc:84:0d:cb:c6:8c:01:
08:d7:a2:fa:87:e0:d0:2d:49:3a:4f:55:84:43:ce:35:4b:28:
7f:8e:53:52:a9:32:b4:49:b2:7d:51:b7:00:3e:58:d5:6d:e3:
53:5a:99:0c:42:1a:e4:b1:ca:b6:44:4b:d9:0d:8c:6c:5e:69:
23:01:bc:63:c1:e5:a9:76:1f:25:ad:ae:5e:c5:68:ce:6a:7a:
9c:fa:dd:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaByUmgdKGO9t2mhMgu8usfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI0MDQ1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDdiMjg2OWFhZjJlODhiMjgwOTdhODJmZDJmMjgwNjk2NjdlMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5CbeKWDHg2R5KwRZ3QwSBnJE5iu
I92ZbPrfWkK2neTEVDsR9Zv2cyEA1nyOnbmBBNGPs3VP0Zs0eDcbg37EkTkMb4dv
mZFT9szxvBP+C6weJNJ97supf2suFlixd1YFxIWx/CzZEitT7reM6hTCm8udcZhA
EVfr+/U4nKdtTQT4VTgIY6Oyp8g/2sCCk8bXI8+LlBE+XQ+DrqQFMIyiTfwYBXxc
WoQA+HqmkhSuL4Ij3MTgFzqZPoBD/rtUmRlqQQxuB/MXI3hquJTU8dK+/E7TfdVz
paDmz5AZEQfJzsJZSelOV4lRCEOIguAcQVIbPk5qs+WQ3QUCeuMZa2Hv7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA17KGmq8uiLKAl6gv0vKAaWZ+AdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFhzb2Fhcnk2SXNvQ1hxQ19TOG9CcFpuNEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjohAwQA
wlfHAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQBYwdICmZt7gcank+5sk9aopIH3
YKRpbVnv5IyeMI8lUNl2Y68Tskq8+np7hBeY4A3l9aG5Shglzchs7fpvGjnfWTUl
cjGszHG+KfZwOU+cL/LA7e1odkh8gmp+uVRDPw/GEq1yhCqXPZwnWa4M/Jqb7YMj
DFtSpkBOmj1BZBs54xumE3bwvQjJI7M4jM+nmNOW8k4WRLjXLQTas1mjgt/M8Z/B
EM8qfoTZYqUVLNyEDcvGjAEI16L6h+DQLUk6T1WEQ841Syh/jlNSqTK0SbJ9UbcA
PljVbeNTWpkMQhrkscq2REvZDYxsXmkjAbxjweWpdh8lra5exWjOanqc+t1l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org