Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HEJO8OWHq35mwecGZnoVDVtcpDM.roa
File: HEJO8OWHq35mwecGZnoVDVtcpDM.roa (raw, json)
Hash identifier: 4zWpTMouBOF2gy6TnDDnk+ttNTRlwXqEvMMaZ+2Dvtc=
Subject key identifier: 1C:42:4E:F0:E5:87:AB:7E:66:C1:E7:06:66:7A:15:0D:5B:5C:A4:33
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F566912A73FF51E1B1D11EF470C6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HEJO8OWHq35mwecGZnoVDVtcpDM.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f5:66:91:2a:73:ff:51:e1:b1:d1:1e:f4:70:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c424ef0e587ab7e66c1e706667a150d5b5ca433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:91:d0:37:56:b4:f9:f4:8e:f8:e5:b6:88:08:
83:48:db:ef:ef:62:d2:ca:7f:92:9f:04:94:54:50:
97:9f:27:d6:68:84:9a:b3:2f:24:f7:6d:62:fa:d2:
e0:78:2d:3b:16:14:59:a1:ca:2c:7b:27:34:02:d0:
41:58:df:61:07:c4:98:0a:2e:9d:ad:84:cb:a8:30:
48:46:95:5a:7b:64:0c:1d:2e:8c:58:1b:63:4c:04:
dd:42:0e:0c:00:83:0d:57:6e:ba:84:55:9a:78:50:
97:ae:13:08:d6:c5:9e:9d:57:52:53:7e:ad:b0:9d:
fb:6d:16:a7:c7:68:9d:a7:a3:c7:81:07:76:b1:a4:
2e:45:75:00:5c:88:ed:d6:cc:0a:d5:f2:34:37:fb:
de:87:39:13:d0:da:2d:33:42:66:56:91:44:d5:d6:
31:ed:ae:f2:fd:25:50:b6:35:c4:b4:42:03:3e:05:
0e:83:0c:0f:90:84:e2:7f:69:7f:8b:53:2e:01:6e:
69:36:21:0c:75:8f:ee:55:86:af:e7:aa:e8:f1:53:
be:1c:42:6e:40:1d:88:4c:ff:59:5d:23:13:dc:23:
4d:3a:5d:44:86:2b:49:fb:15:2f:42:6c:31:50:86:
ac:a0:84:d3:b1:63:4f:3b:ee:a0:16:a4:b1:6d:50:
47:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:42:4E:F0:E5:87:AB:7E:66:C1:E7:06:66:7A:15:0D:5B:5C:A4:33
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HEJO8OWHq35mwecGZnoVDVtcpDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.52.0/24
194.87.54.0/24
Signature Algorithm: sha256WithRSAEncryption
28:67:45:08:c0:49:0d:ca:13:67:42:ab:63:aa:bc:dc:67:b4:
a8:29:5d:e4:85:12:b9:56:70:21:a9:0c:1d:fc:d7:e9:45:92:
79:50:a9:94:2e:79:09:60:8f:cc:b6:ef:22:ee:8d:69:f2:85:
c3:1c:e1:8a:0a:18:67:3f:e3:fb:d5:57:26:7e:6c:d4:6e:87:
68:f8:94:9d:16:14:df:80:65:1e:b9:47:cc:3e:87:a4:c5:b4:
75:cc:8d:20:3e:94:79:03:24:0c:81:60:95:c1:80:09:f1:5c:
a9:a5:c9:a1:7b:00:ba:e7:d1:28:26:24:6b:e7:47:08:b0:ec:
8f:6f:ea:d6:73:f6:3d:41:72:81:36:01:2f:ad:4a:26:5c:ef:
fa:f5:54:4e:7c:4b:97:59:c8:82:38:19:53:4c:ea:28:c3:91:
f4:c1:2e:cb:36:98:6b:a4:af:62:7d:37:b2:3a:e0:28:ad:8b:
8e:97:b7:6b:6d:91:7e:82:94:84:b0:63:af:37:c2:48:8a:8b:
d3:51:64:61:df:28:d1:8e:15:e2:ce:9e:bb:8d:27:f4:e2:bc:
a2:65:0d:54:7b:7a:b3:d7:51:98:ca:03:64:f6:4c:c2:04:7a:
ea:63:ce:60:df:73:69:9f:19:da:88:79:c6:3c:1d:cc:02:22:
64:fb:4e:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvVmkSpz/1HhsdEe9HDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQyNGVmMGU1ODdhYjdlNjZjMWU3MDY2NjdhMTUwZDViNWNhNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZHQN1a0+fSO+OW2iAiDSNvv72LS
yn+SnwSUVFCXnyfWaISasy8k921i+tLgeC07FhRZocoseyc0AtBBWN9hB8SYCi6d
rYTLqDBIRpVae2QMHS6MWBtjTATdQg4MAIMNV266hFWaeFCXrhMI1sWenVdSU36t
sJ37bRanx2idp6PHgQd2saQuRXUAXIjt1swK1fI0N/vehzkT0NotM0JmVpFE1dYx
7a7y/SVQtjXEtEIDPgUOgwwPkITif2l/i1MuAW5pNiEMdY/uVYav56ro8VO+HEJu
QB2ITP9ZXSMT3CNNOl1EhitJ+xUvQmwxUIasoITTsWNPO+6gFqSxbVBHTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBxCTvDlh6t+ZsHnBmZ6FQ1bXKQzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSEVKTzhPV0hxMzVtd2VjR1pub1ZEVnRjcERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlc0AwQA
wlc2MA0GCSqGSIb3DQEBCwUAA4IBAQAoZ0UIwEkNyhNnQqtjqrzcZ7SoKV3khRK5
VnAhqQwd/NfpRZJ5UKmULnkJYI/Mtu8i7o1p8oXDHOGKChhnP+P71VcmfmzUbodo
+JSdFhTfgGUeuUfMPoekxbR1zI0gPpR5AyQMgWCVwYAJ8VyppcmhewC659EoJiRr
50cIsOyPb+rWc/Y9QXKBNgEvrUomXO/69VROfEuXWciCOBlTTOoow5H0wS7LNphr
pK9ifTeyOuAorYuOl7drbZF+gpSEsGOvN8JIiovTUWRh3yjRjhXizp67jSf04ryi
ZQ1Ue3qz11GYygNk9kzCBHrqY85g33NpnxnaiHnGPB3MAiJk+07a
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org