Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JajHrVBPlkCZ4BjD50lz7stTbMs.roa
File: JajHrVBPlkCZ4BjD50lz7stTbMs.roa (raw, json)
Hash identifier: jqCURrxfoDUCjZHYzKXCZ9RthMs9abLeSeZsMaFI+hw=
Subject key identifier: 25:A8:C7:AD:50:4F:96:40:99:E0:18:C3:E7:49:73:EE:CB:53:6C:CB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC6D25E8D84F88949F1C69A0AB94D7704
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JajHrVBPlkCZ4BjD50lz7stTbMs.roa
Signing time: Mon 13 Nov 2023 03:55:57 +0000
ROA not before: Mon 13 Nov 2023 03:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400899
IP address blocks: 194.87.128.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 03:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c6:d2:5e:8d:84:f8:89:49:f1:c6:9a:0a:b9:4d:77:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 03:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a8c7ad504f964099e018c3e74973eecb536ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:03:6b:a7:79:55:70:7f:77:fb:6f:7a:c6:76:
29:7a:80:61:7f:9b:4a:42:40:57:9d:6d:65:b4:e5:
84:0f:42:e1:ef:bf:14:67:0b:d3:18:7c:b8:04:78:
57:ab:b8:b2:bc:79:e7:11:2a:10:4c:92:d8:cc:12:
a3:39:3c:93:09:c3:21:f7:41:e8:c1:6c:9e:ca:34:
b7:4e:fc:3e:68:2f:c7:e5:f7:1f:07:da:f2:c0:58:
38:f2:68:c9:96:04:2a:57:93:e6:c4:c2:f2:c3:c1:
db:22:73:ee:e6:11:4e:c5:66:98:2c:2e:03:c7:b2:
9b:32:6a:51:24:6d:f5:02:ad:32:f2:f8:69:56:ca:
10:d3:4d:df:13:79:bf:e8:ed:c2:46:34:8d:e2:48:
d3:e7:8e:40:dc:5f:7b:3e:2c:23:c4:ac:c4:cf:f0:
53:04:fe:9a:83:ba:23:cc:56:39:8f:4a:7f:54:93:
79:32:ed:19:72:4a:2e:9a:58:0c:9e:17:87:67:98:
46:ce:ae:83:d7:b9:10:70:0b:a5:42:7b:a7:c7:6e:
f0:23:5a:f5:ba:f9:3e:a9:00:90:66:69:09:5c:f2:
3f:32:48:3e:ba:83:ad:91:a9:d3:a9:47:ef:08:f0:
65:6f:d5:22:1d:85:04:51:34:b3:2d:86:b5:93:f1:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A8:C7:AD:50:4F:96:40:99:E0:18:C3:E7:49:73:EE:CB:53:6C:CB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JajHrVBPlkCZ4BjD50lz7stTbMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.128.0/24
195.58.60.0/24
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:80:c8:53:4b:41:3d:a3:a7:c7:3a:fc:8e:2b:70:b4:59:21:
30:ff:a3:ca:59:20:47:e3:24:f2:d4:89:f4:54:ad:ea:0f:37:
f9:93:a4:33:4b:0a:25:54:99:41:18:33:db:cd:a9:3e:4a:94:
1d:90:ab:c8:88:45:64:a8:5e:e1:cd:8e:0c:48:4d:21:2e:aa:
81:09:62:54:dc:38:72:cc:e8:a2:f3:b1:c2:1f:9f:be:54:21:
2e:e2:7b:a1:dc:ea:77:9a:53:8d:7a:02:63:87:36:09:27:a5:
f8:8d:9e:ea:a4:72:ff:6d:a2:95:95:10:1d:d1:30:cc:ab:56:
f8:69:1f:1b:0f:df:43:6d:b1:2f:11:bc:0c:bd:0e:88:34:80:
3b:3d:be:12:b6:75:83:0a:43:93:32:5a:60:d6:a5:f9:07:53:
0c:cc:79:ee:5e:a4:da:8a:34:42:fa:3e:0f:15:8e:96:9c:f7:
d9:fc:d8:87:ce:ca:7b:96:9b:11:f4:c1:d9:d9:04:73:84:08:
42:65:3c:09:ff:7f:6c:e5:b6:84:aa:ae:b0:df:70:78:da:f3:
91:7c:98:16:aa:87:54:b3:20:e9:37:40:32:cc:e5:64:af:ec:
7c:af:b6:9a:10:b1:3b:0d:31:fe:a2:ba:fa:42:83:75:6d:6f:
59:f9:8a:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvG0l6NhPiJSfHGmgq5TXcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMDM1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE4YzdhZDUwNGY5NjQwOTllMDE4YzNlNzQ5NzNlZWNiNTM2Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QNrp3lVcH93+296xnYpeoBhf5tK
QkBXnW1ltOWED0Lh778UZwvTGHy4BHhXq7iyvHnnESoQTJLYzBKjOTyTCcMh90Ho
wWyeyjS3Tvw+aC/H5fcfB9rywFg48mjJlgQqV5PmxMLyw8HbInPu5hFOxWaYLC4D
x7KbMmpRJG31Aq0y8vhpVsoQ003fE3m/6O3CRjSN4kjT545A3F97PiwjxKzEz/BT
BP6ag7ojzFY5j0p/VJN5Mu0ZckoumlgMnheHZ5hGzq6D17kQcAulQnunx27wI1r1
uvk+qQCQZmkJXPI/Mkg+uoOtkanTqUfvCPBlb9UiHYUEUTSzLYa1k/HmcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCWox61QT5ZAmeAYw+dJc+7LU2zLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSmFqSHJWQlBsa0NaNEJqRDUwbHo3c3RUYk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwleAAwQA
wzo8AwQAw4UYMA0GCSqGSIb3DQEBCwUAA4IBAQBugMhTS0E9o6fHOvyOK3C0WSEw
/6PKWSBH4yTy1In0VK3qDzf5k6QzSwolVJlBGDPbzak+SpQdkKvIiEVkqF7hzY4M
SE0hLqqBCWJU3DhyzOii87HCH5++VCEu4nuh3Op3mlONegJjhzYJJ6X4jZ7qpHL/
baKVlRAd0TDMq1b4aR8bD99DbbEvEbwMvQ6INIA7Pb4StnWDCkOTMlpg1qX5B1MM
zHnuXqTaijRC+j4PFY6WnPfZ/NiHzsp7lpsR9MHZ2QRzhAhCZTwJ/39s5baEqq6w
33B42vORfJgWqodUsyDpN0AyzOVkr+x8r7aaELE7DTH+orr6QoN1bW9Z+Yol
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org