Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GEfSB0kec_uTPzxi--2Z5iOY7J0.roa
File: GEfSB0kec_uTPzxi--2Z5iOY7J0.roa (raw, json)
Hash identifier: YP5ODl59XWHKFAAjHN8cnU0hZqT/vnI5rNrEX5mRGNM=
Subject key identifier: 18:47:D2:07:49:1E:73:FB:93:3F:3C:62:FB:ED:99:E6:23:98:EC:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192D2938A617977C2266E613A695FEA1B26
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GEfSB0kec_uTPzxi--2Z5iOY7J0.roa
Signing time: Mon 28 Oct 2024 10:02:17 +0000
ROA not before: Mon 28 Oct 2024 10:02:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203172
IP address blocks: 194.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 16:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:93:8a:61:79:77:c2:26:6e:61:3a:69:5f:ea:1b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 28 10:02:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1847d207491e73fb933f3c62fbed99e62398ec9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:70:a8:e8:7c:2f:8d:8a:5e:29:e9:ed:bd:
dc:1d:26:80:aa:73:5f:12:a6:22:35:99:48:7b:d7:
f1:19:56:da:6c:26:c3:75:26:be:67:d6:7a:2f:55:
95:6d:68:f2:25:cb:5a:22:e3:f1:09:76:71:ad:8d:
c1:0d:8c:46:05:5e:17:04:7b:d8:04:0c:8f:af:45:
bc:dd:15:de:84:d4:af:71:58:86:87:de:ac:ce:50:
ec:84:bb:bf:4d:57:34:e5:1c:46:05:7c:d4:bf:b6:
b0:73:31:cc:82:3a:15:ea:57:bf:26:f4:75:3d:be:
5b:aa:32:de:47:fc:93:72:f0:9b:04:82:c0:2a:be:
35:f2:73:6c:68:02:d4:bf:f2:62:9d:99:e5:fb:0f:
ca:c6:ab:ad:59:32:63:ac:36:79:b3:bb:b9:ec:23:
ca:96:59:65:53:b4:5f:c2:f4:76:31:80:7d:88:78:
1f:ee:02:82:af:01:a1:5a:a4:19:e6:f0:db:c1:b4:
71:34:5c:d2:6c:1f:4c:6d:0d:c8:32:3d:dd:c7:d0:
a8:bd:fe:1d:44:5c:5f:cf:ce:24:41:62:1a:aa:19:
28:9e:3b:1d:06:7d:d3:63:34:6e:d7:90:c8:1f:ed:
89:0e:2c:ab:d9:6d:9e:3c:cf:9f:ed:c7:98:2b:70:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:47:D2:07:49:1E:73:FB:93:3F:3C:62:FB:ED:99:E6:23:98:EC:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GEfSB0kec_uTPzxi--2Z5iOY7J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:05:7d:24:ea:48:ac:7a:c3:d5:ad:88:a1:fd:92:f1:cf:e2:
d2:b2:1f:ba:70:92:69:76:f8:f5:a9:a7:b2:8c:e5:9e:74:af:
cb:f6:1b:6a:7a:0c:ec:c6:81:92:c0:ec:ef:59:be:dd:9a:90:
02:c6:6d:9d:e2:ec:38:36:f1:d9:a7:33:17:6e:3b:43:74:86:
55:ed:f2:50:2e:b1:b5:22:ef:b2:7e:2c:ea:c7:f4:53:36:af:
56:f2:84:18:fb:75:c3:51:28:11:a7:06:30:3f:67:8c:cb:fd:
dd:de:59:5c:35:c1:d5:f2:63:c0:09:ce:e7:ab:00:af:be:37:
80:17:42:ca:72:e9:93:00:4b:c9:a6:e7:ad:57:07:03:e5:f5:
72:70:0d:71:06:a0:e5:d8:ca:88:d1:13:e8:09:7a:c6:7e:61:
f6:e7:aa:9c:82:c4:0f:07:34:5f:29:0b:a9:96:1a:9e:51:14:
98:48:7b:27:75:ed:63:62:d1:9c:23:fb:d7:d4:3a:53:19:15:
4f:9b:a2:fd:8f:e0:53:97:6f:8a:6e:3f:d9:cc:7e:a8:50:f7:
b0:72:69:7a:de:d6:30:c5:0d:fa:d6:fb:f2:7d:cc:44:67:9e:
c9:8c:c3:e2:cb:49:b1:b6:cf:d2:b6:e5:33:14:a6:69:e7:e0:
d4:7c:cb:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLSk4pheXfCJm5hOmlf6hsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDI4MTAwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQ3ZDIwNzQ5MWU3M2ZiOTMzZjNjNjJmYmVkOTllNjIzOThlYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsONwqOh8L42KXinp7b3cHSaAqnNf
EqYiNZlIe9fxGVbabCbDdSa+Z9Z6L1WVbWjyJctaIuPxCXZxrY3BDYxGBV4XBHvY
BAyPr0W83RXehNSvcViGh96szlDshLu/TVc05RxGBXzUv7awczHMgjoV6le/JvR1
Pb5bqjLeR/yTcvCbBILAKr418nNsaALUv/JinZnl+w/KxqutWTJjrDZ5s7u57CPK
llllU7RfwvR2MYB9iHgf7gKCrwGhWqQZ5vDbwbRxNFzSbB9MbQ3IMj3dx9Covf4d
RFxfz84kQWIaqhkonjsdBn3TYzRu15DIH+2JDiyr2W2ePM+f7ceYK3C33wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhH0gdJHnP7kz88YvvtmeYjmOydMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR0VmU0Iwa2VjX3VUUHp4aS0tMlo1aU9ZN0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlffMA0G
CSqGSIb3DQEBCwUAA4IBAQBfBX0k6kisesPVrYih/ZLxz+LSsh+6cJJpdvj1qaey
jOWedK/L9htqegzsxoGSwOzvWb7dmpACxm2d4uw4NvHZpzMXbjtDdIZV7fJQLrG1
Iu+yfizqx/RTNq9W8oQY+3XDUSgRpwYwP2eMy/3d3llcNcHV8mPACc7nqwCvvjeA
F0LKcumTAEvJpuetVwcD5fVycA1xBqDl2MqI0RPoCXrGfmH256qcgsQPBzRfKQup
lhqeURSYSHsnde1jYtGcI/vX1DpTGRVPm6L9j+BTl2+Kbj/ZzH6oUPewcml63tYw
xQ361vvyfcxEZ57JjMPiy0mxts/StuUzFKZp5+DUfMt2
-----END CERTIFICATE-----
Generated at Tue Oct 29 19:20:08 2024 by rpki-client on console-fra.rpki-client.org