Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EhNm8O_LhsyFAj8C7d7LVZFkEjU.roa
File: EhNm8O_LhsyFAj8C7d7LVZFkEjU.roa (raw, json)
Hash identifier: u8cXPbnLMPSm8nV03+d78UPNxdf4fBo+MwGoNLmMqzI=
Subject key identifier: 12:13:66:F0:EF:CB:86:CC:85:02:3F:02:ED:DE:CB:55:91:64:12:35
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BCE62DEC72DFA0A9A0DF0867AA98E1044
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EhNm8O_LhsyFAj8C7d7LVZFkEjU.roa
Signing time: Tue 14 Nov 2023 15:11:07 +0000
ROA not before: Tue 14 Nov 2023 15:11:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 212.192.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 10:41:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:62:de:c7:2d:fa:0a:9a:0d:f0:86:7a:a9:8e:10:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 15:11:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=121366f0efcb86cc85023f02eddecb5591641235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:d6:cf:3b:e3:ee:1d:53:8e:53:83:b4:18:
40:ad:1c:ec:d9:a6:6f:ec:4e:bf:00:94:81:ce:8a:
ae:c7:e9:5b:72:82:4d:63:c2:c5:9c:cc:e5:e8:56:
85:9e:a7:90:05:b3:ef:f4:74:c8:13:51:ab:5f:48:
4b:c9:8e:4a:99:cf:3f:dd:2e:4c:60:2d:d7:04:97:
a4:de:8b:0b:62:e8:52:7c:28:0d:97:ee:9f:61:01:
05:46:c0:d8:e8:be:46:97:47:9b:c5:32:ae:b9:9b:
92:f1:cb:2b:5b:b6:5f:f7:1f:e8:db:94:75:bc:c2:
68:b3:2a:bb:1e:9e:db:d2:ca:8d:bb:b4:ff:ab:c0:
c7:76:a0:ea:42:47:57:62:c5:0e:9b:6f:ee:f6:f7:
ad:1a:63:df:ce:fe:0a:cc:ba:ef:82:38:5c:a1:62:
19:f6:34:ed:4b:60:81:16:14:11:ef:1b:d0:de:68:
b8:3c:25:b5:cb:6b:b9:11:1c:db:21:25:cb:b4:2b:
cd:c0:24:cf:7e:0a:e4:75:bd:a8:d3:d7:82:87:dc:
cd:45:c5:d1:8d:7f:ee:cd:29:8c:0f:ac:b4:d0:c8:
69:c7:8a:3c:a8:b8:ac:6f:60:bd:ea:e0:86:19:25:
5d:99:ef:96:c8:a6:00:2d:a1:22:fe:a5:85:1b:a2:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:13:66:F0:EF:CB:86:CC:85:02:3F:02:ED:DE:CB:55:91:64:12:35
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EhNm8O_LhsyFAj8C7d7LVZFkEjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
25:0a:96:cc:aa:44:53:af:45:f3:f0:66:c8:bb:0b:85:84:78:
25:a4:0c:25:63:64:c5:d6:d9:97:18:9f:9e:69:4b:20:f6:1f:
1f:98:27:ff:2d:5c:96:5d:87:c2:cc:ef:d5:fd:98:ea:3c:54:
ac:ae:f6:74:7b:35:6b:e9:19:4d:3b:43:85:99:b9:dd:08:4e:
42:a9:13:39:b2:f3:c2:4a:75:5b:63:0b:68:9a:b2:89:7e:40:
e7:13:a3:53:b1:e6:1f:82:7c:b2:c2:b6:b7:b3:e8:24:db:29:
79:6d:0f:2b:28:7e:f3:7b:74:cd:2b:59:71:01:74:e3:3a:b4:
3c:8c:8f:38:53:08:43:82:2e:8b:1b:9a:a7:a9:8d:1d:33:d7:
e2:97:13:af:9a:bd:62:3d:d2:76:0e:d6:7a:29:5b:ca:55:aa:
e6:6d:41:5b:69:f6:bb:09:a8:f7:ab:56:48:7b:53:ea:d1:bc:
b7:58:77:67:7b:41:a2:8e:c1:57:96:5c:fe:d8:69:c1:b5:9e:
03:91:b7:00:56:ad:bb:35:89:1a:62:56:21:9a:e9:b5:6a:f5:
43:b6:9b:68:0d:ab:4e:b6:97:0e:49:65:70:a6:6e:dd:db:54:
1d:71:8e:94:8f:c3:d7:47:2a:3a:f0:5a:0b:a5:61:ea:b7:cf:
d3:1c:27:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvOYt7HLfoKmg3whnqpjhBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE0MTUxMTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjEzNjZmMGVmY2I4NmNjODUwMjNmMDJlZGRlY2I1NTkxNjQxMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRHWzzvj7h1TjlODtBhArRzs2aZv
7E6/AJSBzoqux+lbcoJNY8LFnMzl6FaFnqeQBbPv9HTIE1GrX0hLyY5Kmc8/3S5M
YC3XBJek3osLYuhSfCgNl+6fYQEFRsDY6L5Gl0ebxTKuuZuS8csrW7Zf9x/o25R1
vMJosyq7Hp7b0sqNu7T/q8DHdqDqQkdXYsUOm2/u9vetGmPfzv4KzLrvgjhcoWIZ
9jTtS2CBFhQR7xvQ3mi4PCW1y2u5ERzbISXLtCvNwCTPfgrkdb2o09eCh9zNRcXR
jX/uzSmMD6y00Mhpx4o8qLisb2C96uCGGSVdme+WyKYALaEi/qWFG6KbcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBITZvDvy4bMhQI/Au3ey1WRZBI1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRWhObThPX0xoc3lGQWo4QzdkN0xWWkZrRWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAfMA0G
CSqGSIb3DQEBCwUAA4IBAQAlCpbMqkRTr0Xz8GbIuwuFhHglpAwlY2TF1tmXGJ+e
aUsg9h8fmCf/LVyWXYfCzO/V/ZjqPFSsrvZ0ezVr6RlNO0OFmbndCE5CqRM5svPC
SnVbYwtomrKJfkDnE6NTseYfgnyywra3s+gk2yl5bQ8rKH7ze3TNK1lxAXTjOrQ8
jI84UwhDgi6LG5qnqY0dM9filxOvmr1iPdJ2DtZ6KVvKVarmbUFbafa7Caj3q1ZI
e1Pq0by3WHdne0GijsFXllz+2GnBtZ4DkbcAVq27NYkaYlYhmum1avVDtptoDatO
tpcOSWVwpm7d21QdcY6Uj8PXRyo68FoLpWHqt8/THCcI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org