Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GtdhHE8CDR9nfKFnkvawWWBrITo.roa
File: GtdhHE8CDR9nfKFnkvawWWBrITo.roa (raw, json)
Hash identifier: HvYEuycPRTNHehJkVpQUPG9pBOPBjm+ObVCfJpA+Vpc=
Subject key identifier: 1A:D7:61:1C:4F:02:0D:1F:67:7C:A1:67:92:F6:B0:59:60:6B:21:3A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B339F3E2F66533ADB3EB9DA05BE6A9E13
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GtdhHE8CDR9nfKFnkvawWWBrITo.roa
Signing time: Sun 15 Oct 2023 13:55:56 +0000
ROA not before: Sun 15 Oct 2023 13:55:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211014
IP address blocks: 194.87.74.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:33:9f:3e:2f:66:53:3a:db:3e:b9:da:05:be:6a:9e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 15 13:55:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ad7611c4f020d1f677ca16792f6b059606b213a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a9:c0:bc:b0:2c:bc:41:a6:28:ef:26:1e:17:
fd:50:e1:09:0f:f4:fa:bb:df:05:d0:13:6c:4b:1f:
cc:b9:72:cf:3e:75:d0:86:7c:91:54:77:2a:ce:93:
36:cc:50:96:2d:8a:a3:95:a7:f6:54:0a:3f:d1:dc:
8d:bc:f8:0f:fb:4f:58:6e:7a:df:5d:08:22:f3:a4:
47:0f:da:45:40:17:6a:50:56:45:0a:db:13:79:dd:
6a:ac:94:b2:3c:e7:67:18:e5:5b:3d:25:31:c0:cc:
9c:04:78:8e:68:87:7f:b6:e3:d3:52:d0:d7:2e:91:
d8:6e:30:15:bc:b1:b3:39:fc:ec:34:27:ac:f1:c6:
de:bc:86:23:32:f8:11:e4:be:96:ce:cc:02:63:78:
fc:37:90:3b:15:3f:4a:e5:03:c8:0f:67:e1:24:05:
21:3f:ec:d8:1f:c0:e2:6c:ac:83:a0:2a:57:04:c7:
9b:3f:90:ca:77:64:8c:10:ce:ac:d5:ad:c3:ad:54:
ff:87:23:01:ca:39:e3:85:41:7a:de:6f:10:24:32:
3e:aa:b4:fa:3a:a5:1e:9d:f1:32:b2:38:3e:1b:01:
ce:2d:16:6e:d6:04:76:e4:38:e3:70:09:1a:2f:11:
c1:19:d7:ba:05:a7:bf:dd:80:31:5d:67:50:a2:71:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D7:61:1C:4F:02:0D:1F:67:7C:A1:67:92:F6:B0:59:60:6B:21:3A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GtdhHE8CDR9nfKFnkvawWWBrITo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.74.0/24
Signature Algorithm: sha256WithRSAEncryption
62:ab:0c:10:00:c4:c3:4e:3d:cb:c8:da:03:67:89:0f:a6:53:
ef:5e:c4:0c:b4:d9:8b:59:be:84:d2:b2:3f:e3:0e:53:ba:c1:
72:60:b1:3d:64:23:1c:bd:dd:c8:1c:d6:63:53:d1:61:5c:f6:
6c:39:3c:0a:e6:03:d5:60:8f:af:da:23:11:b2:31:24:33:6a:
f0:7c:f9:27:e4:42:db:01:a0:29:dd:b4:1c:e0:f6:d6:e1:df:
c9:7c:83:15:63:ab:d2:ba:79:f2:a3:f6:05:c7:70:68:02:91:
d6:ba:d3:f8:6b:0e:8e:26:24:23:ed:e1:c3:f9:dc:54:b9:65:
64:a1:80:65:75:78:52:c2:35:ce:3e:4a:ba:f9:07:33:61:f8:
2e:8f:e7:cb:59:e3:fd:10:7f:db:e3:da:c5:a6:88:fa:3a:6f:
50:d4:23:f8:3b:1b:7c:28:df:21:10:a9:81:0a:cb:35:9b:4c:
8e:ad:be:6b:8a:24:2b:91:a2:8e:5b:e3:98:ad:82:1f:19:bb:
7b:cd:44:d4:0a:3a:f5:a7:52:b5:03:fe:c1:61:eb:d0:b9:2f:
55:89:f7:1f:d7:01:b2:39:01:78:89:fd:32:31:87:1d:16:67:
03:39:c4:e0:a3:13:73:7b:2f:c6:8b:04:1d:02:96:d8:99:a1:
35:45:df:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsznz4vZlM62z652gW+ap4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE1MTM1NTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ3NjExYzRmMDIwZDFmNjc3Y2ExNjc5MmY2YjA1OTYwNmIyMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6nAvLAsvEGmKO8mHhf9UOEJD/T6
u98F0BNsSx/MuXLPPnXQhnyRVHcqzpM2zFCWLYqjlaf2VAo/0dyNvPgP+09Ybnrf
XQgi86RHD9pFQBdqUFZFCtsTed1qrJSyPOdnGOVbPSUxwMycBHiOaId/tuPTUtDX
LpHYbjAVvLGzOfzsNCes8cbevIYjMvgR5L6WzswCY3j8N5A7FT9K5QPID2fhJAUh
P+zYH8DibKyDoCpXBMebP5DKd2SMEM6s1a3DrVT/hyMByjnjhUF63m8QJDI+qrT6
OqUenfEysjg+GwHOLRZu1gR25DjjcAkaLxHBGde6Bae/3YAxXWdQonHTtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrXYRxPAg0fZ3yhZ5L2sFlgayE6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR3RkaEhFOENEUjluZktGbmt2YXdXV0JySVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldKMA0G
CSqGSIb3DQEBCwUAA4IBAQBiqwwQAMTDTj3LyNoDZ4kPplPvXsQMtNmLWb6E0rI/
4w5TusFyYLE9ZCMcvd3IHNZjU9FhXPZsOTwK5gPVYI+v2iMRsjEkM2rwfPkn5ELb
AaAp3bQc4PbW4d/JfIMVY6vSunnyo/YFx3BoApHWutP4aw6OJiQj7eHD+dxUuWVk
oYBldXhSwjXOPkq6+QczYfguj+fLWeP9EH/b49rFpoj6Om9Q1CP4Oxt8KN8hEKmB
Css1m0yOrb5riiQrkaKOW+OYrYIfGbt7zUTUCjr1p1K1A/7BYevQuS9Vifcf1wGy
OQF4if0yMYcdFmcDOcTgoxNzey/GiwQdApbYmaE1Rd9r
-----END CERTIFICATE-----
Generated at Sat Dec 16 14:31:31 2023 by rpki-client on console-ams.rpki-client.org