Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4mToZFeIc3K9SL56m0nlqRA-Ko.roa
File: G4mToZFeIc3K9SL56m0nlqRA-Ko.roa (raw, json)
Hash identifier: GFfkR4IGstXFInJLyCbOXltMb0vdsegI+khSC0ffkcc=
Subject key identifier: 1B:89:93:A1:91:5E:21:CD:CA:F5:22:F9:EA:6D:27:96:A4:40:F8:AA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A843B1C1862C0DB5A954B75C11EAC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4mToZFeIc3K9SL56m0nlqRA-Ko.roa
Signing time: Tue 02 Jan 2024 12:33:53 +0000
ROA not before: Tue 02 Jan 2024 12:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203172
IP address blocks: 194.87.223.0/24 maxlen: 24
194.87.20.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 19 May 2024 17:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:84:3b:1c:18:62:c0:db:5a:95:4b:75:c1:1e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b8993a1915e21cdcaf522f9ea6d2796a440f8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:22:42:6b:57:5d:3d:a2:1d:f2:83:7f:dc:68:
34:ea:0f:db:bd:94:74:b1:9f:8a:a6:b1:83:f7:d4:
cb:12:5a:1d:aa:02:22:85:59:03:c4:1e:64:f9:45:
de:c1:26:d5:db:ab:31:12:fd:f1:65:d6:74:a5:dd:
7a:47:8c:41:c7:3d:76:33:7e:1c:c5:df:8e:71:e1:
6f:10:e8:d6:0f:55:53:12:1a:cd:df:11:dd:c2:be:
51:82:18:69:4c:da:d8:20:78:08:ae:b7:d0:fd:19:
55:83:47:31:fc:61:fa:e6:4d:e3:9e:1f:72:7e:2c:
99:b1:db:27:9a:cc:b9:df:72:00:b0:8d:32:88:9c:
df:f2:11:95:ca:0f:6c:7e:d8:a1:23:c8:f1:76:03:
cd:d2:b6:02:aa:e6:be:dd:d3:65:2b:09:fb:9c:0d:
7c:0b:95:2c:35:62:6a:f7:50:4c:19:6a:c3:ab:1f:
e4:d9:de:d5:b9:03:77:89:a9:8f:d5:6a:ee:66:9b:
08:c5:48:37:cf:c6:41:c5:e6:c3:e8:21:16:5f:1c:
7e:ee:d8:8f:1e:7f:64:23:d3:da:2d:3b:52:51:9a:
f5:73:6e:c4:7c:97:53:80:55:a2:7b:0e:e0:40:5e:
7b:9d:a4:f6:db:7a:cb:4b:99:a7:75:05:d9:ca:a9:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:89:93:A1:91:5E:21:CD:CA:F5:22:F9:EA:6D:27:96:A4:40:F8:AA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4mToZFeIc3K9SL56m0nlqRA-Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.20.0/23
194.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6e:93:00:ab:ff:a4:1d:59:cd:54:86:36:59:92:e5:8a:fc:
d5:b5:17:1b:df:b1:03:fd:85:89:d8:86:bb:47:fb:51:ae:7a:
0c:5a:61:5d:2f:3f:8c:dd:9a:26:2d:d5:d0:d7:5c:eb:44:67:
28:f1:58:87:47:e3:5a:86:34:a8:2c:c8:d5:52:b3:06:7e:2d:
16:7e:be:5f:bd:a8:ab:fc:38:29:c0:fe:bf:2f:a7:53:f4:6d:
d9:c4:9b:44:92:a4:f1:ca:79:a1:90:18:ff:4b:ba:dc:cf:26:
b6:01:aa:29:9e:8f:7e:7d:59:eb:dc:a5:ba:2a:9a:d1:c9:57:
e0:7e:a1:3d:ba:99:55:1a:9c:1e:2f:eb:95:b1:c5:64:da:9d:
42:13:e1:e4:74:55:d4:53:e8:93:85:22:26:09:ce:38:bb:53:
e5:9d:3f:a3:d5:4f:78:9a:43:1e:0a:5e:cf:39:a1:17:11:3a:
4c:97:b1:ab:72:28:bd:70:8b:8e:40:b3:45:8e:c1:1d:fc:cc:
3d:3e:9a:70:d3:3f:3a:cf:39:ff:e7:d3:71:61:ec:c9:28:ee:
54:54:27:1f:e0:ce:58:c6:e0:f1:61:40:0d:c6:b1:0a:13:0e:
c8:52:44:63:8a:c0:54:18:7b:29:37:17:e1:23:19:0e:c2:ae:
da:6a:eb:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKoQ7HBhiwNtalUt1wR6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg5OTNhMTkxNWUyMWNkY2FmNTIyZjllYTZkMjc5NmE0NDBmOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyJCa1ddPaId8oN/3Gg06g/bvZR0
sZ+KprGD99TLElodqgIihVkDxB5k+UXewSbV26sxEv3xZdZ0pd16R4xBxz12M34c
xd+OceFvEOjWD1VTEhrN3xHdwr5RghhpTNrYIHgIrrfQ/RlVg0cx/GH65k3jnh9y
fiyZsdsnmsy533IAsI0yiJzf8hGVyg9sftihI8jxdgPN0rYCqua+3dNlKwn7nA18
C5UsNWJq91BMGWrDqx/k2d7VuQN3iamP1WruZpsIxUg3z8ZBxebD6CEWXxx+7tiP
Hn9kI9PaLTtSUZr1c27EfJdTgFWiew7gQF57naT223rLS5mndQXZyqn8VwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBuJk6GRXiHNyvUi+eptJ5akQPiqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzRtVG9aRmVJYzNLOVNMNTZtMG5scVJBLUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwlcUAwQA
wlffMA0GCSqGSIb3DQEBCwUAA4IBAQBEbpMAq/+kHVnNVIY2WZLlivzVtRcb37ED
/YWJ2Ia7R/tRrnoMWmFdLz+M3ZomLdXQ11zrRGco8ViHR+NahjSoLMjVUrMGfi0W
fr5fvair/DgpwP6/L6dT9G3ZxJtEkqTxynmhkBj/S7rczya2Aaopno9+fVnr3KW6
KprRyVfgfqE9uplVGpweL+uVscVk2p1CE+HkdFXUU+iThSImCc44u1PlnT+j1U94
mkMeCl7POaEXETpMl7Grcii9cIuOQLNFjsEd/Mw9Pppw0z86zzn/59NxYezJKO5U
VCcf4M5YxuDxYUANxrEKEw7IUkRjisBUGHspNxfhIxkOwq7aausN
-----END CERTIFICATE-----
Generated at Sun May 19 18:41:33 2024 by rpki-client on console-ams.rpki-client.org