Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I8yc1901A7o6X-8RT9DPsN6z1Vo.roa
File: I8yc1901A7o6X-8RT9DPsN6z1Vo.roa (raw, json)
Hash identifier: 7xbV2g9/Ph+Wn54lYM+cMpCrHLlDX5lnDM3poF+GwkE=
Subject key identifier: 23:CC:9C:D7:DD:35:03:BA:3A:5F:EF:11:4F:D0:CF:B0:DE:B3:D5:5A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7862BC5149138C7D59495B0749F6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I8yc1901A7o6X-8RT9DPsN6z1Vo.roa
Signing time: Tue 02 Jan 2024 12:33:50 +0000
ROA not before: Tue 02 Jan 2024 12:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49127
IP address blocks: 194.58.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 09:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:78:62:bc:51:49:13:8c:7d:59:49:5b:07:49:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23cc9cd7dd3503ba3a5fef114fd0cfb0deb3d55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:61:a5:6f:8d:28:80:9f:00:df:7b:62:5e:
a5:9f:48:a7:8d:e8:ad:ff:f6:3d:8e:b1:71:2a:5a:
af:bb:b9:ea:ee:c4:e9:f9:e5:78:1a:d7:84:a6:e5:
54:fb:c7:ea:46:74:ed:be:5b:b4:2e:27:a7:89:75:
0a:52:11:ab:75:79:54:49:e1:66:cf:94:d1:2b:9a:
49:e9:d4:d6:f9:3f:ad:a0:08:3e:3f:db:6b:c0:db:
80:87:0a:42:3e:e7:21:b7:b5:3a:20:ab:a9:43:2c:
e0:6f:e0:87:e2:4d:b6:fd:b9:9c:fa:31:65:88:19:
a0:08:b9:4a:36:c2:47:fd:9c:8e:c3:58:e2:d5:06:
d2:6c:a4:04:5d:e9:ba:26:e7:83:17:92:52:6a:9d:
a8:6c:a1:42:60:17:1d:89:5f:b9:34:74:4e:77:86:
ec:91:9f:2e:e4:4b:ba:d2:9b:6e:26:62:21:a7:3d:
e5:1f:da:27:e6:50:e6:e8:8a:76:d9:44:de:24:50:
9e:09:2b:d0:9e:b1:3e:aa:bc:92:0e:08:df:e4:78:
25:97:93:a2:61:9f:22:70:7e:18:b2:3d:32:8b:39:
a9:8b:c6:41:e0:31:d0:14:f2:57:cc:62:54:2a:1f:
7a:61:07:55:82:7a:6e:ba:f0:ac:14:aa:cc:48:f8:
f9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CC:9C:D7:DD:35:03:BA:3A:5F:EF:11:4F:D0:CF:B0:DE:B3:D5:5A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I8yc1901A7o6X-8RT9DPsN6z1Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e9:d4:96:7b:e6:2b:d3:15:aa:e0:77:1b:b1:52:88:9c:43:
c0:c0:7c:88:11:f5:75:af:b9:b1:be:9a:5b:43:29:ab:b4:1e:
18:67:50:74:67:42:fb:ff:96:2a:c1:a3:f7:51:d2:71:6b:65:
69:9b:16:30:ca:bd:bd:1d:6d:58:c7:ac:be:d9:2f:af:3d:22:
be:54:ae:d7:9f:71:31:dc:b7:09:3b:03:e8:0c:ee:01:5d:d6:
8f:78:f7:ff:90:b0:4c:e7:d7:ca:e8:d0:71:1d:f1:4d:cf:df:
92:24:bf:82:60:3a:6d:08:20:4b:97:72:69:f3:60:e6:61:43:
c2:e4:12:ea:7a:bc:98:b0:8a:55:92:4d:ed:3a:e1:30:cc:14:
29:02:60:44:cd:ba:94:f7:da:1d:d8:01:ff:6c:e5:8d:8d:d0:
1b:95:99:92:4f:a2:c8:cc:97:12:4a:be:ac:dd:2a:89:23:db:
12:7e:c1:48:ef:9b:d7:05:f8:a8:e9:c5:07:56:4d:ea:e7:3f:
c3:4e:8b:b7:7c:85:d8:f3:9c:a6:5e:c7:62:e5:9d:19:17:29:
9b:86:bb:af:63:92:e1:32:d0:bb:ef:af:77:1c:66:16:cd:bc:
90:4f:56:3c:28:4e:42:4b:d4:0b:4c:e6:48:7a:58:6c:29:d7:
a0:bf:a9:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnhivFFJE4x9WUlbB0n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NjOWNkN2RkMzUwM2JhM2E1ZmVmMTE0ZmQwY2ZiMGRlYjNkNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobNhpW+NKICfAN97Yl6ln0injeit
//Y9jrFxKlqvu7nq7sTp+eV4GteEpuVU+8fqRnTtvlu0LieniXUKUhGrdXlUSeFm
z5TRK5pJ6dTW+T+toAg+P9trwNuAhwpCPucht7U6IKupQyzgb+CH4k22/bmc+jFl
iBmgCLlKNsJH/ZyOw1ji1QbSbKQEXem6JueDF5JSap2obKFCYBcdiV+5NHROd4bs
kZ8u5Eu60ptuJmIhpz3lH9on5lDm6Ip22UTeJFCeCSvQnrE+qrySDgjf5Hgll5Oi
YZ8icH4Ysj0yizmpi8ZB4DHQFPJXzGJUKh96YQdVgnpuuvCsFKrMSPj5xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPMnNfdNQO6Ol/vEU/Qz7Des9VaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSTh5YzE5MDFBN282WC04UlQ5RFBzTjZ6MVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjotMA0G
CSqGSIb3DQEBCwUAA4IBAQBO6dSWe+Yr0xWq4HcbsVKInEPAwHyIEfV1r7mxvppb
QymrtB4YZ1B0Z0L7/5YqwaP3UdJxa2VpmxYwyr29HW1Yx6y+2S+vPSK+VK7Xn3Ex
3LcJOwPoDO4BXdaPePf/kLBM59fK6NBxHfFNz9+SJL+CYDptCCBLl3Jp82DmYUPC
5BLqeryYsIpVkk3tOuEwzBQpAmBEzbqU99od2AH/bOWNjdAblZmST6LIzJcSSr6s
3SqJI9sSfsFI75vXBfio6cUHVk3q5z/DTou3fIXY85ymXsdi5Z0ZFymbhruvY5Lh
MtC77693HGYWzbyQT1Y8KE5CS9QLTOZIelhsKdegv6lU
-----END CERTIFICATE-----
Generated at Sat May 11 10:15:22 2024 by rpki-client on console-ams.rpki-client.org