Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9uQWJ3OWXM4rDbz4rj-3uOXfX8.roa
File: G9uQWJ3OWXM4rDbz4rj-3uOXfX8.roa (raw, json)
Hash identifier: bIgxzBukwuDQ3Lj6kzPoyuUW8bS4zwMsu7zHMn6vwAA=
Subject key identifier: 1B:DB:90:58:9D:CE:59:73:38:AC:36:F3:E2:B8:FE:DE:E3:97:7D:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8F32921EB57A2CB9D8789B9A91A1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9uQWJ3OWXM4rDbz4rj-3uOXfX8.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211256
IP address blocks: 194.58.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8f:32:92:1e:b5:7a:2c:b9:d8:78:9b:9a:91:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bdb90589dce597338ac36f3e2b8fedee3977d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:71:96:70:41:32:79:38:3b:46:f3:26:08:fe:
ad:35:40:ca:35:2f:98:00:87:93:e6:50:51:50:f9:
f1:60:c7:b3:44:43:af:d0:0e:49:cf:a6:30:29:8b:
94:01:8c:d2:f0:f5:99:db:d6:27:e9:50:93:21:ff:
66:60:5e:ac:0d:70:dd:a6:91:53:49:c4:f3:c1:b5:
96:4a:4c:d5:7b:6b:39:0b:99:a6:42:c8:12:83:78:
21:f2:58:09:42:fc:8a:fb:49:e8:23:8c:30:9f:ab:
8a:5a:4c:ce:ab:08:04:f0:8a:45:72:63:5f:aa:13:
07:52:4a:c7:3b:1e:38:a6:e5:c8:8a:19:3a:76:29:
d6:d5:7b:1c:52:9d:c5:1a:1a:e4:64:8e:4d:e6:0f:
99:2f:81:6e:88:e0:73:8e:93:74:63:04:94:8f:cc:
07:f6:27:0e:b8:f3:9f:83:2a:c3:ef:dd:7d:ea:5f:
b8:4e:47:13:6d:fa:0a:db:77:ff:09:30:a0:83:5c:
23:76:ef:a5:fb:76:56:aa:3e:97:9f:08:d9:06:ff:
15:41:61:3d:e0:05:18:df:df:7d:f6:a6:a9:5f:38:
1a:4f:36:28:f1:08:18:f2:e5:de:12:23:19:26:e6:
93:52:29:3c:31:92:c0:42:c7:4b:e1:85:95:0f:57:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DB:90:58:9D:CE:59:73:38:AC:36:F3:E2:B8:FE:DE:E3:97:7D:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G9uQWJ3OWXM4rDbz4rj-3uOXfX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ad:f3:92:40:3a:c9:6a:87:b3:2b:60:f9:da:51:ce:e4:0b:
d9:f8:34:6c:a6:60:91:de:58:53:09:a4:f2:5e:cc:55:b5:68:
54:a0:41:9b:2b:24:75:2f:45:f3:e8:72:49:ca:ca:f0:65:41:
01:34:00:f5:2b:c6:69:9a:09:d6:0a:39:94:0a:c0:4f:95:31:
d8:f7:b8:81:c4:05:19:f1:27:ee:3e:cc:89:9d:98:ba:99:fe:
c6:09:c7:48:df:6e:b2:38:15:31:cb:01:78:e2:af:4e:d2:14:
d0:70:2c:a8:82:90:0a:c6:68:1f:a8:cc:c8:41:6b:79:03:99:
9e:e9:87:5e:2c:ee:cc:d5:c1:bc:02:cc:7a:6f:ad:c7:88:6e:
4e:68:53:94:d6:09:d7:90:aa:70:3b:b4:ad:2a:a8:51:66:27:
1b:a2:5a:e7:e6:77:df:64:94:40:a2:67:d3:28:ed:e2:6b:de:
1d:1f:38:22:a2:59:a1:72:f1:3a:00:01:d9:8d:e4:fc:fd:80:
78:3f:1e:4b:2c:4d:69:b1:3d:58:a2:73:94:cd:c0:c9:a2:af:
c9:fd:f9:21:7d:46:7d:5c:93:78:37:d6:e9:dc:01:16:bc:b8:
94:4c:16:27:d7:29:34:2e:07:6a:bf:e6:10:72:4d:ef:b9:31:
97:46:27:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKo8ykh61eiy52HibmpGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRiOTA1ODlkY2U1OTczMzhhYzM2ZjNlMmI4ZmVkZWUzOTc3ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnGWcEEyeTg7RvMmCP6tNUDKNS+Y
AIeT5lBRUPnxYMezREOv0A5Jz6YwKYuUAYzS8PWZ29Yn6VCTIf9mYF6sDXDdppFT
ScTzwbWWSkzVe2s5C5mmQsgSg3gh8lgJQvyK+0noI4wwn6uKWkzOqwgE8IpFcmNf
qhMHUkrHOx44puXIihk6dinW1XscUp3FGhrkZI5N5g+ZL4FuiOBzjpN0YwSUj8wH
9icOuPOfgyrD79196l+4TkcTbfoK23f/CTCgg1wjdu+l+3ZWqj6XnwjZBv8VQWE9
4AUY39999qapXzgaTzYo8QgY8uXeEiMZJuaTUik8MZLAQsdL4YWVD1f3OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvbkFidzllzOKw28+K4/t7jl31/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzl1UVdKM09XWE00ckRiejRyai0zdU9YZlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjosMA0G
CSqGSIb3DQEBCwUAA4IBAQABrfOSQDrJaoezK2D52lHO5AvZ+DRspmCR3lhTCaTy
XsxVtWhUoEGbKyR1L0Xz6HJJysrwZUEBNAD1K8ZpmgnWCjmUCsBPlTHY97iBxAUZ
8SfuPsyJnZi6mf7GCcdI326yOBUxywF44q9O0hTQcCyogpAKxmgfqMzIQWt5A5me
6YdeLO7M1cG8Asx6b63HiG5OaFOU1gnXkKpwO7StKqhRZicbolrn5nffZJRAomfT
KO3ia94dHzgiolmhcvE6AAHZjeT8/YB4Px5LLE1psT1YonOUzcDJoq/J/fkhfUZ9
XJN4N9bp3AEWvLiUTBYn1yk0Lgdqv+YQck3vuTGXRico
-----END CERTIFICATE-----
Generated at Fri Feb 2 12:05:17 2024 by rpki-client on console-ams.rpki-client.org