Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IYZ0S6sb8PcjAeYp75u1_xuq9sw.roa
File: IYZ0S6sb8PcjAeYp75u1_xuq9sw.roa (raw, json)
Hash identifier: lSSIA9DX6c/GzRA+D2eue7G09A/1uypRcsi7iIqa6Q0=
Subject key identifier: 21:86:74:4B:AB:1B:F0:F7:23:01:E6:29:EF:9B:B5:FF:1B:AA:F6:CC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CB6115508915071FC63EF91AD21CDAF2E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IYZ0S6sb8PcjAeYp75u1_xuq9sw.roa
Signing time: Fri 29 Dec 2023 14:53:58 +0000
ROA not before: Fri 29 Dec 2023 14:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49418
IP address blocks: 194.87.228.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:11:55:08:91:50:71:fc:63:ef:91:ad:21:cd:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 29 14:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2186744bab1bf0f72301e629ef9bb5ff1baaf6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:77:ca:a9:6e:6f:81:2a:a0:57:f0:00:5b:61:
d3:48:de:1c:9e:64:21:d9:80:ec:ec:7c:a9:07:e8:
76:5d:e0:94:11:86:1d:04:13:18:20:20:a6:29:f1:
fa:f9:86:ed:d6:f6:8a:3a:36:1c:6e:e9:e9:e4:bd:
92:57:37:87:14:f1:db:69:df:17:9d:22:39:a0:30:
e8:00:6b:aa:f8:08:9e:5f:69:15:9e:57:0d:dc:97:
86:f7:d7:91:f5:88:17:72:50:4f:81:c2:46:b9:71:
70:82:4f:ef:92:1c:17:46:65:fe:e2:58:fd:3e:21:
7d:3a:40:04:ed:63:c4:f1:f5:08:99:6a:23:7e:91:
46:54:53:5f:5c:68:17:d5:42:61:b9:40:3f:4e:04:
36:77:29:06:d9:ee:c8:87:36:d0:9b:36:92:34:5c:
7d:46:96:ac:ad:16:31:f5:d7:2a:87:33:8c:a3:4b:
21:49:de:2d:36:63:da:51:62:4e:eb:22:58:bc:45:
4c:27:21:16:f5:7a:b2:53:3e:91:35:a5:50:6b:7d:
da:b5:eb:bb:02:8e:94:88:14:4d:6a:50:c3:99:79:
b7:39:5e:7d:f5:21:2d:a1:51:c8:1b:13:84:52:eb:
34:20:f7:d3:5a:3a:54:8b:0a:14:00:f2:74:c4:4a:
ef:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:86:74:4B:AB:1B:F0:F7:23:01:E6:29:EF:9B:B5:FF:1B:AA:F6:CC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IYZ0S6sb8PcjAeYp75u1_xuq9sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.228.0/24
212.192.250.0/24
212.192.255.0/24
Signature Algorithm: sha256WithRSAEncryption
90:5d:17:5c:8d:a7:4b:aa:f6:fc:94:fd:7d:fa:55:d3:a0:5b:
a5:cf:d1:10:fc:6c:3f:73:54:1c:ed:23:88:7c:d7:32:b3:ba:
08:e5:fe:bc:87:0d:78:92:25:c9:43:6a:a4:47:0d:ac:cd:bc:
2d:00:ee:e9:9f:44:06:c1:3e:42:56:cc:8e:dc:9e:27:d0:9a:
36:ab:45:ae:04:a1:b3:ae:f4:26:50:10:d3:88:4c:d7:e6:40:
c6:90:7d:63:81:7f:09:99:ad:a5:4c:ce:de:1a:1b:5c:d2:79:
cf:b9:01:8f:2c:b8:f2:78:04:41:3c:19:95:95:66:a6:c3:4e:
00:29:9e:3f:b3:5b:ba:45:d9:ec:00:00:de:c9:70:3e:6b:d9:
85:a5:e6:a2:c9:26:e7:87:1f:74:62:ba:43:a4:b2:be:17:bd:
f6:34:ed:f2:97:82:d6:4e:e0:a0:9e:32:ed:f3:a5:f2:44:85:
ff:63:f3:ad:2e:5f:91:84:87:f0:92:89:b6:a5:e6:e4:04:fd:
7a:87:b3:9c:f0:11:54:e8:4a:28:e9:ef:20:62:dd:bd:a9:81:
14:bf:29:db:79:15:38:51:20:fc:d3:a4:bf:74:78:45:6f:a8:
17:0c:3d:08:02:2a:6b:26:78:87:19:15:5e:78:f8:b5:59:93:
a1:72:15:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYy2EVUIkVBx/GPvka0hza8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI5MTQ1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg2NzQ0YmFiMWJmMGY3MjMwMWU2MjllZjliYjVmZjFiYWFmNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3fKqW5vgSqgV/AAW2HTSN4cnmQh
2YDs7HypB+h2XeCUEYYdBBMYICCmKfH6+Ybt1vaKOjYcbunp5L2SVzeHFPHbad8X
nSI5oDDoAGuq+AieX2kVnlcN3JeG99eR9YgXclBPgcJGuXFwgk/vkhwXRmX+4lj9
PiF9OkAE7WPE8fUImWojfpFGVFNfXGgX1UJhuUA/TgQ2dykG2e7IhzbQmzaSNFx9
RpasrRYx9dcqhzOMo0shSd4tNmPaUWJO6yJYvEVMJyEW9XqyUz6RNaVQa33ateu7
Ao6UiBRNalDDmXm3OV599SEtoVHIGxOEUus0IPfTWjpUiwoUAPJ0xErv5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCGGdEurG/D3IwHmKe+btf8bqvbMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSVlaMFM2c2I4UGNqQWVZcDc1dTFfeHVxOXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlfkAwQA
1MD6AwQA1MD/MA0GCSqGSIb3DQEBCwUAA4IBAQCQXRdcjadLqvb8lP19+lXToFul
z9EQ/Gw/c1Qc7SOIfNcys7oI5f68hw14kiXJQ2qkRw2szbwtAO7pn0QGwT5CVsyO
3J4n0Jo2q0WuBKGzrvQmUBDTiEzX5kDGkH1jgX8Jma2lTM7eGhtc0nnPuQGPLLjy
eARBPBmVlWamw04AKZ4/s1u6RdnsAADeyXA+a9mFpeaiySbnhx90YrpDpLK+F732
NO3yl4LWTuCgnjLt86XyRIX/Y/OtLl+RhIfwkom2pebkBP16h7Oc8BFU6Eoo6e8g
Yt29qYEUvynbeRU4USD806S/dHhFb6gXDD0IAiprJniHGRVeePi1WZOhchXR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org