Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Go6G9KfqR6tRbgWYNvbPWJOxt1I.roa
File: Go6G9KfqR6tRbgWYNvbPWJOxt1I.roa (raw, json)
Hash identifier: 84J1XM5kKppdT649RReXP3tnxfMPzAUpiHGdoQ59tWI=
Subject key identifier: 1A:8E:86:F4:A7:EA:47:AB:51:6E:05:98:36:F6:CF:58:93:B1:B7:52
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A1CA4D8CC4066347CA5D030ECFF9FA21C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Go6G9KfqR6tRbgWYNvbPWJOxt1I.roa
Signing time: Tue 22 Aug 2023 09:48:00 +0000
ROA not before: Tue 22 Aug 2023 09:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.18.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Aug 2023 17:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:a4:d8:cc:40:66:34:7c:a5:d0:30:ec:ff:9f:a2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 22 09:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a8e86f4a7ea47ab516e059836f6cf5893b1b752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:1e:4b:4d:a1:f2:38:ff:28:36:dd:d1:e3:
86:4c:24:9e:83:f9:ee:de:07:3f:8e:de:6d:5a:70:
a1:49:f7:32:ee:4c:56:d8:b1:10:c2:3c:32:94:30:
20:0e:42:25:15:f8:30:19:34:37:30:7e:ef:65:9b:
ba:ca:9a:ea:16:d1:fa:a9:e2:fd:50:5b:bb:12:07:
7f:e9:dc:ad:1a:50:18:c8:dd:ce:41:14:a4:b8:cb:
d9:4e:ee:49:7c:e8:54:be:da:75:3b:00:92:f9:c4:
aa:ae:00:6e:07:be:70:64:fd:54:1a:4c:24:58:69:
8d:fb:99:41:4b:da:e5:bc:7d:e3:21:86:7f:6b:3a:
f8:c8:e0:2b:b8:8e:16:8a:7d:a5:2f:6d:df:11:5f:
37:2f:4a:e4:82:ac:91:37:3a:5f:35:f1:6e:49:b4:
5a:0d:e4:ec:ba:73:6c:b0:7c:7a:5e:4d:e3:54:c4:
95:a6:7f:4c:b2:f4:2b:b2:0a:e5:65:5d:d4:d0:78:
df:4f:86:04:4e:2c:ca:b8:80:69:13:19:46:87:67:
bd:9e:6f:f5:18:2b:95:29:e5:1b:bf:f0:2f:9f:e5:
d9:96:cb:d8:c9:09:e3:00:df:15:f0:e3:28:55:db:
65:5c:a6:ac:44:62:a2:62:14:00:25:83:d5:34:f4:
bc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8E:86:F4:A7:EA:47:AB:51:6E:05:98:36:F6:CF:58:93:B1:B7:52
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Go6G9KfqR6tRbgWYNvbPWJOxt1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.87.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:00:d5:af:be:dc:6f:c1:3a:b8:f5:98:df:bb:df:c7:a8:8c:
44:c2:68:ff:2a:f7:c2:91:5d:3a:0e:a5:53:c8:2e:ae:83:55:
7e:cc:a7:4c:83:b2:81:52:e4:d7:70:34:55:f8:7b:8a:c4:03:
25:66:8c:54:5b:d9:e8:6d:85:07:69:c1:1e:93:9b:1e:80:e5:
79:92:1f:2f:b0:e5:dc:a6:64:4d:a6:08:16:f2:2d:a3:af:19:
5e:a4:ca:e6:b9:af:be:bb:36:05:e9:b3:bc:a8:82:93:17:d3:
e0:de:9c:74:0c:32:d5:d1:b6:15:d3:b5:51:ea:f2:7d:e0:ec:
e2:a5:2a:4d:b1:7a:d8:58:95:c7:60:3a:93:13:df:2b:55:9f:
e2:a3:22:0c:42:88:78:35:0f:d7:3c:97:fe:c5:94:20:1f:60:
52:08:7e:a0:a8:e2:0c:5d:60:eb:0e:1e:8b:59:b8:31:d8:34:
09:40:8e:2e:5f:54:62:14:52:21:bb:a0:cf:dc:df:84:af:5d:
9c:a7:0b:bc:1c:10:7f:95:56:29:21:fc:22:1f:67:a5:02:de:
fb:80:49:8a:9d:20:35:33:4e:4f:92:4f:98:0c:ff:2c:76:57:
59:bc:5d:9d:82:e4:be:9f:93:f7:73:6d:5b:55:39:8e:52:25:
7e:42:f5:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYocpNjMQGY0fKXQMOz/n6IcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODIyMDk0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYThlODZmNGE3ZWE0N2FiNTE2ZTA1OTgzNmY2Y2Y1ODkzYjFiNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ0eS02h8jj/KDbd0eOGTCSeg/nu
3gc/jt5tWnChSfcy7kxW2LEQwjwylDAgDkIlFfgwGTQ3MH7vZZu6yprqFtH6qeL9
UFu7Egd/6dytGlAYyN3OQRSkuMvZTu5JfOhUvtp1OwCS+cSqrgBuB75wZP1UGkwk
WGmN+5lBS9rlvH3jIYZ/azr4yOAruI4Win2lL23fEV83L0rkgqyRNzpfNfFuSbRa
DeTsunNssHx6Xk3jVMSVpn9MsvQrsgrlZV3U0HjfT4YETizKuIBpExlGh2e9nm/1
GCuVKeUbv/Avn+XZlsvYyQnjAN8V8OMoVdtlXKasRGKiYhQAJYPVNPS8fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBqOhvSn6kerUW4FmDb2z1iTsbdSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR282RzlLZnFSNnRSYmdXWU52YlBXSk94dDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzNAwQA
wlcSMA0GCSqGSIb3DQEBCwUAA4IBAQAbANWvvtxvwTq49Zjfu9/HqIxEwmj/KvfC
kV06DqVTyC6ug1V+zKdMg7KBUuTXcDRV+HuKxAMlZoxUW9nobYUHacEek5segOV5
kh8vsOXcpmRNpggW8i2jrxlepMrmua++uzYF6bO8qIKTF9Pg3px0DDLV0bYV07VR
6vJ94OzipSpNsXrYWJXHYDqTE98rVZ/ioyIMQoh4NQ/XPJf+xZQgH2BSCH6gqOIM
XWDrDh6LWbgx2DQJQI4uX1RiFFIhu6DP3N+Er12cpwu8HBB/lVYpIfwiH2elAt77
gEmKnSA1M05Pkk+YDP8sdldZvF2dguS+n5P3c21bVTmOUiV+QvVm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:11 2024 by rpki-client on console-fra.rpki-client.org