Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hj648A-9DJvnTqN--hyNoTFvNAk.roa
File: Hj648A-9DJvnTqN--hyNoTFvNAk.roa (raw, json)
Hash identifier: HzgCDDP6/E0bUo1iZliHruP1sAg6IfuoPFlXUJpuZas=
Subject key identifier: 1E:3E:B8:F0:0F:BD:0C:9B:E7:4E:A3:7E:FA:1C:8D:A1:31:6F:34:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A8017B7FD31D78A22BEF279AC192416AA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hj648A-9DJvnTqN--hyNoTFvNAk.roa
Signing time: Sun 10 Sep 2023 17:15:52 +0000
ROA not before: Sun 10 Sep 2023 17:15:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.170.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:17:b7:fd:31:d7:8a:22:be:f2:79:ac:19:24:16:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 10 17:15:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e3eb8f00fbd0c9be74ea37efa1c8da1316f3409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:f2:c8:85:b8:4c:6a:74:f5:93:52:92:5a:
ed:a5:74:18:31:4a:d2:fa:91:b5:24:23:9d:57:90:
13:07:41:00:f1:82:4c:df:98:72:ed:4b:06:d3:f0:
bd:28:13:b5:14:ea:73:79:c8:51:25:fa:36:75:65:
f2:00:b0:b9:d0:25:28:42:58:af:1e:de:21:af:53:
b7:54:57:37:3b:10:6d:5e:24:22:89:bb:e1:92:4c:
42:f3:54:0d:6d:f5:74:71:ba:fc:36:a8:10:21:f2:
a4:4e:44:9d:b1:66:17:46:ae:32:72:6c:7a:55:e4:
5a:b2:17:8b:48:f7:db:9e:cd:7d:a5:9e:91:2f:98:
db:46:17:03:f7:27:6c:6a:38:94:7b:62:c3:f8:50:
c4:26:39:6e:7c:b1:cb:9c:1c:06:ee:46:3f:54:e0:
30:94:28:89:56:b1:ae:ee:5d:bc:17:f4:68:67:43:
9f:07:b6:e2:16:f7:ca:99:a4:89:90:92:98:61:3e:
57:5e:15:ed:0b:e4:ff:46:64:d5:ae:19:7d:44:7b:
f0:9d:17:2e:bf:0d:77:74:ee:0a:51:c3:58:56:4f:
49:4e:50:e9:66:36:75:ed:89:d6:a6:83:de:61:f0:
6b:9c:75:10:06:8e:15:6f:93:f7:fb:82:f4:e1:52:
cd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3E:B8:F0:0F:BD:0C:9B:E7:4E:A3:7E:FA:1C:8D:A1:31:6F:34:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hj648A-9DJvnTqN--hyNoTFvNAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.170.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c4:99:0b:8c:e1:d6:7d:b8:f1:2e:db:a5:e7:e0:42:f2:6b:
a9:5d:b4:13:6e:67:67:20:76:86:f9:52:7d:b1:01:c2:a7:32:
18:36:b2:74:3f:1c:5c:a7:19:76:f2:ac:54:f9:d5:76:ac:a0:
26:dd:60:c1:11:b8:bf:b5:c4:4e:c8:92:7c:c9:fa:e8:ef:0b:
3d:23:d5:4f:d1:e1:a9:81:3b:ca:cb:3b:b9:df:61:a0:93:42:
6f:97:b8:56:43:db:6a:2e:36:8f:cd:15:de:da:81:10:c3:3b:
1f:a4:3d:91:91:fe:8e:11:13:ad:f0:61:88:48:38:ee:94:2b:
55:db:1e:01:fd:08:17:52:89:6c:e1:6e:52:53:84:8b:49:a3:
e4:46:d3:cc:7a:a8:26:c5:71:a7:06:1b:e8:b6:de:21:74:e6:
b4:eb:86:af:5b:ed:5c:8d:d3:b4:1b:18:68:68:b2:7d:08:dc:
f4:a7:07:e8:53:c1:9c:ff:ab:43:57:9f:28:33:11:e4:ce:80:
88:42:1f:8e:ac:d4:30:ae:b2:33:2e:e7:e6:14:67:d0:59:f6:
18:b3:f4:5e:0d:69:fe:bd:d5:05:de:06:3e:64:24:9b:f4:e8:
a4:3e:21:e8:d9:33:8b:e5:d1:bf:79:0d:f4:6f:9c:01:67:5d:
d3:6a:20:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqAF7f9MdeKIr7yeawZJBaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTEwMTcxNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNlYjhmMDBmYmQwYzliZTc0ZWEzN2VmYTFjOGRhMTMxNmYzNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsifyyIW4TGp09ZNSklrtpXQYMUrS
+pG1JCOdV5ATB0EA8YJM35hy7UsG0/C9KBO1FOpzechRJfo2dWXyALC50CUoQliv
Ht4hr1O3VFc3OxBtXiQiibvhkkxC81QNbfV0cbr8NqgQIfKkTkSdsWYXRq4ycmx6
VeRasheLSPfbns19pZ6RL5jbRhcD9ydsajiUe2LD+FDEJjlufLHLnBwG7kY/VOAw
lCiJVrGu7l28F/RoZ0OfB7biFvfKmaSJkJKYYT5XXhXtC+T/RmTVrhl9RHvwnRcu
vw13dO4KUcNYVk9JTlDpZjZ17YnWpoPeYfBrnHUQBo4Vb5P3+4L04VLNtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4+uPAPvQyb506jfvocjaExbzQJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSGo2NDhBLTlESnZuVHFOLS1oeU5vVEZ2TkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXxfAwQA
wleqMA0GCSqGSIb3DQEBCwUAA4IBAQB4xJkLjOHWfbjxLtul5+BC8mupXbQTbmdn
IHaG+VJ9sQHCpzIYNrJ0Pxxcpxl28qxU+dV2rKAm3WDBEbi/tcROyJJ8yfro7ws9
I9VP0eGpgTvKyzu532Ggk0Jvl7hWQ9tqLjaPzRXe2oEQwzsfpD2Rkf6OEROt8GGI
SDjulCtV2x4B/QgXUols4W5SU4SLSaPkRtPMeqgmxXGnBhvott4hdOa064avW+1c
jdO0GxhoaLJ9CNz0pwfoU8Gc/6tDV58oMxHkzoCIQh+OrNQwrrIzLufmFGfQWfYY
s/ReDWn+vdUF3gY+ZCSb9OikPiHo2TOL5dG/eQ30b5wBZ13TaiBj
-----END CERTIFICATE-----
Generated at Fri Sep 22 11:33:12 2023 by rpki-client on console-ams.rpki-client.org