Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I3MSlvO5dT_bbe6LAhvpUfhPigk.roa
File: I3MSlvO5dT_bbe6LAhvpUfhPigk.roa (raw, json)
Hash identifier: QofPF/sOHr/TxwCpOaLffBcqg6EOjHPaJ/RIVTUpGOk=
Subject key identifier: 23:73:12:96:F3:B9:75:3F:DB:6D:EE:8B:02:1B:E9:51:F8:4F:8A:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01887D922F06F0AFB09C9A082C27946D9200
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I3MSlvO5dT_bbe6LAhvpUfhPigk.roa
Signing time: Fri 02 Jun 2023 19:25:12 +0000
ROA not before: Fri 02 Jun 2023 19:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7411
IP address blocks: 194.58.155.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 16:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7d:92:2f:06:f0:af:b0:9c:9a:08:2c:27:94:6d:92:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 2 19:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23731296f3b9753fdb6dee8b021be951f84f8a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e5:f8:ca:f1:be:b6:58:ae:5e:96:d3:3d:8d:
42:a1:45:32:ed:fd:f5:3c:88:b7:c9:20:32:bf:13:
e9:49:d5:7b:e9:c4:53:82:36:e6:8e:3e:33:a8:40:
7c:fb:0a:35:6d:e9:df:12:f6:7a:c0:46:14:b4:c4:
2d:79:9b:6c:38:ed:58:70:dc:f4:41:4f:fd:a3:8a:
0b:d8:28:0c:5f:59:4f:29:c8:bc:74:dd:d4:a4:07:
c0:5a:52:e0:c7:d3:24:80:be:95:3f:5e:42:02:fc:
a1:13:62:95:3f:d3:17:21:64:63:24:37:39:84:6f:
ea:98:2e:59:c1:e0:65:73:6a:c0:82:26:41:ee:5f:
30:b7:9f:aa:c6:33:c3:4f:21:ce:8a:87:4f:f6:04:
d7:83:16:a0:ab:8c:c8:94:e0:3b:24:62:82:97:3b:
23:42:df:1b:05:1f:91:f6:3c:a1:55:7d:d5:3f:66:
20:a9:bc:06:53:8a:9d:f9:93:09:47:57:af:e6:4e:
17:2a:0d:47:45:36:d1:70:96:48:58:32:33:f4:45:
17:60:a8:bd:75:32:6e:d1:60:1d:dd:81:89:67:82:
58:b0:1f:bc:48:a8:3c:dd:a3:9b:30:fc:a4:0a:f4:
1a:2c:1b:db:7b:0d:aa:fb:01:20:c1:5f:eb:88:fa:
0c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:73:12:96:F3:B9:75:3F:DB:6D:EE:8B:02:1B:E9:51:F8:4F:8A:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I3MSlvO5dT_bbe6LAhvpUfhPigk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.155.0/24
194.87.63.0/24
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f5:d1:89:8a:3d:df:19:36:a7:b4:49:d6:79:df:49:91:00:
d2:8d:4b:89:28:fb:ec:99:25:6b:79:96:9d:ab:77:39:03:ad:
75:2e:79:ce:da:9b:f8:3b:d2:e4:d2:75:26:09:3e:4b:d1:24:
95:dd:be:ee:28:f3:83:47:af:05:dc:3f:9a:ad:56:73:12:f4:
80:c5:ee:01:1d:8a:9f:ef:e7:e5:2a:a3:2a:fc:54:5d:7d:72:
ea:b3:53:08:04:df:52:01:c6:05:22:ac:ff:b8:f2:c1:47:84:
58:42:ed:c7:e5:93:f5:5b:02:43:58:ae:14:fc:e2:4f:85:55:
01:8e:a8:06:db:7f:cd:3c:17:28:bf:0f:b7:30:66:aa:2e:81:
0a:13:7d:14:d7:2f:5c:30:1e:07:fb:da:2d:e9:15:ff:e6:f5:
04:32:7a:c1:2d:47:a4:09:87:27:81:7f:09:ed:01:29:78:ee:
c5:bb:53:f2:16:92:d2:21:f4:6a:51:4d:52:59:f6:9b:54:9d:
d9:e1:a7:29:df:47:40:47:4e:a9:a2:00:7c:10:cd:04:f8:7c:
39:71:fe:54:c6:96:21:b9:39:e6:af:d2:ec:70:f2:c8:a6:19:
01:27:50:2b:45:6c:15:39:d3:da:cb:2b:3b:4a:ae:b6:31:b8:
e4:83:f7:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh9ki8G8K+wnJoILCeUbZIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAyMTkyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzczMTI5NmYzYjk3NTNmZGI2ZGVlOGIwMjFiZTk1MWY4NGY4YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eX4yvG+tliuXpbTPY1CoUUy7f31
PIi3ySAyvxPpSdV76cRTgjbmjj4zqEB8+wo1benfEvZ6wEYUtMQteZtsOO1YcNz0
QU/9o4oL2CgMX1lPKci8dN3UpAfAWlLgx9MkgL6VP15CAvyhE2KVP9MXIWRjJDc5
hG/qmC5ZweBlc2rAgiZB7l8wt5+qxjPDTyHOiodP9gTXgxagq4zIlOA7JGKClzsj
Qt8bBR+R9jyhVX3VP2YgqbwGU4qd+ZMJR1ev5k4XKg1HRTbRcJZIWDIz9EUXYKi9
dTJu0WAd3YGJZ4JYsB+8SKg83aObMPykCvQaLBvbew2q+wEgwV/riPoM1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCNzEpbzuXU/223uiwIb6VH4T4oJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSTNNU2x2TzVkVF9iYmU2TEFodnBVZmhQaWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjqbAwQA
wlc/AwQAwzo6MA0GCSqGSIb3DQEBCwUAA4IBAQAc9dGJij3fGTantEnWed9JkQDS
jUuJKPvsmSVreZadq3c5A611LnnO2pv4O9Lk0nUmCT5L0SSV3b7uKPODR68F3D+a
rVZzEvSAxe4BHYqf7+flKqMq/FRdfXLqs1MIBN9SAcYFIqz/uPLBR4RYQu3H5ZP1
WwJDWK4U/OJPhVUBjqgG23/NPBcovw+3MGaqLoEKE30U1y9cMB4H+9ot6RX/5vUE
MnrBLUekCYcngX8J7QEpeO7Fu1PyFpLSIfRqUU1SWfabVJ3Z4acp30dAR06pogB8
EM0E+Hw5cf5UxpYhuTnmr9LscPLIphkBJ1ArRWwVOdPayys7Sq62Mbjkg/c6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org