Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KHazXAwZFNmIZfTFbf4PUsTJy7M.roa
File: KHazXAwZFNmIZfTFbf4PUsTJy7M.roa (raw, json)
Hash identifier: SZYxd5aD+Y5mOXibS144rKqfmz/jgNE/Hj5Q5oW0sKg=
Subject key identifier: 28:76:B3:5C:0C:19:14:D9:88:65:F4:C5:6D:FE:0F:52:C4:C9:CB:B3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67106794798E3835C2F43498B82A25
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KHazXAwZFNmIZfTFbf4PUsTJy7M.roa
Signing time: Sun 01 Jan 2023 22:15:03 +0000
ROA not before: Sun 01 Jan 2023 22:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210839
IP address blocks: 194.87.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Sep 2023 07:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:10:67:94:79:8e:38:35:c2:f4:34:98:b8:2a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2876b35c0c1914d98865f4c56dfe0f52c4c9cbb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4a:8b:29:ad:8b:a3:dc:59:96:3d:21:ab:e8:
ee:b7:e3:be:50:28:a6:48:cd:1c:08:ce:2f:76:ec:
a4:ff:99:09:e7:07:22:58:66:5c:4a:96:bc:db:21:
26:e2:4c:7f:53:1c:5d:c8:52:6c:9f:8e:72:8f:03:
c3:f6:58:26:4c:5c:9d:fe:4a:a2:85:00:ff:03:f3:
24:08:ca:15:5f:22:de:e0:c8:84:e4:48:55:35:cd:
a2:3b:14:cc:28:68:57:c5:bb:7a:33:63:e2:af:17:
00:59:bd:c2:06:8b:c5:77:8d:a4:2a:13:eb:27:29:
6a:79:48:92:ce:1b:33:8c:79:15:47:70:d2:ab:2d:
b4:8c:fb:43:d1:ec:73:d8:42:a2:19:bc:82:63:97:
df:ac:a9:21:5b:99:78:8a:1b:86:42:70:87:2a:5c:
93:c7:a1:81:83:b6:70:14:52:56:af:43:57:09:cf:
5c:3a:d5:b1:e5:13:06:dd:92:e5:52:23:64:67:77:
3c:a0:81:da:ed:15:74:40:fe:cc:57:49:eb:1d:db:
92:09:2b:d9:d1:b0:84:cd:e7:ad:27:8b:03:af:97:
4d:d4:af:88:53:a4:f0:fb:1b:b4:8a:b8:2d:a2:98:
55:4b:cf:88:1d:74:a4:7c:d1:5d:6c:94:f3:27:b6:
0d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:76:B3:5C:0C:19:14:D9:88:65:F4:C5:6D:FE:0F:52:C4:C9:CB:B3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KHazXAwZFNmIZfTFbf4PUsTJy7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.150.0/24
Signature Algorithm: sha256WithRSAEncryption
67:4c:c3:0f:02:2e:61:37:ea:42:80:d0:77:98:9c:35:34:79:
cd:8c:97:3a:7d:31:19:7e:a5:ee:c7:27:7a:f4:ec:67:00:04:
d7:c1:7a:44:1f:d1:43:8a:04:c0:91:58:80:df:37:39:05:c4:
41:20:45:fd:3a:87:bd:2e:30:6b:f1:42:05:7d:a3:e5:a3:a4:
14:08:67:86:fc:40:8b:33:b5:ba:e3:2b:bf:6d:48:62:05:a7:
0a:5e:61:fe:90:53:29:c2:e8:d3:d9:75:f8:b4:d2:c3:53:65:
42:ff:c7:14:31:de:9c:37:0d:90:93:f4:87:7c:38:8f:7e:e1:
92:6d:da:dd:ce:b5:c7:e5:ec:de:d9:f2:08:8a:67:0c:0f:40:
ed:3e:61:82:65:00:ba:35:5b:95:1f:88:e7:5f:69:3f:b3:b0:
2e:6b:cd:9e:a2:f9:81:ad:df:ce:d3:75:1d:22:71:15:e5:e4:
08:e4:d5:c5:68:76:b0:13:0a:49:b8:9d:d2:90:bc:c7:72:01:
1f:2c:ca:47:5a:0c:01:48:90:2d:17:88:49:95:ac:47:23:f5:
18:e9:a1:d5:8a:f7:62:c6:3c:4f:c6:30:db:db:9e:5f:86:c2:
ec:78:02:67:1e:a6:9d:ef:fb:26:e0:f2:93:97:de:3d:bd:b4:
c5:f7:e2:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZxBnlHmOODXC9DSYuColMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc2YjM1YzBjMTkxNGQ5ODg2NWY0YzU2ZGZlMGY1MmM0YzljYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0qLKa2Lo9xZlj0hq+jut+O+UCim
SM0cCM4vduyk/5kJ5wciWGZcSpa82yEm4kx/UxxdyFJsn45yjwPD9lgmTFyd/kqi
hQD/A/MkCMoVXyLe4MiE5EhVNc2iOxTMKGhXxbt6M2PirxcAWb3CBovFd42kKhPr
JylqeUiSzhszjHkVR3DSqy20jPtD0exz2EKiGbyCY5ffrKkhW5l4ihuGQnCHKlyT
x6GBg7ZwFFJWr0NXCc9cOtWx5RMG3ZLlUiNkZ3c8oIHa7RV0QP7MV0nrHduSCSvZ
0bCEzeetJ4sDr5dN1K+IU6Tw+xu0irgtophVS8+IHXSkfNFdbJTzJ7YNDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh2s1wMGRTZiGX0xW3+D1LEycuzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0hhelhBd1pGTm1JWmZURmJmNFBVc1RKeTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleWMA0G
CSqGSIb3DQEBCwUAA4IBAQBnTMMPAi5hN+pCgNB3mJw1NHnNjJc6fTEZfqXuxyd6
9OxnAATXwXpEH9FDigTAkViA3zc5BcRBIEX9Ooe9LjBr8UIFfaPlo6QUCGeG/ECL
M7W64yu/bUhiBacKXmH+kFMpwujT2XX4tNLDU2VC/8cUMd6cNw2Qk/SHfDiPfuGS
bdrdzrXH5eze2fIIimcMD0DtPmGCZQC6NVuVH4jnX2k/s7Aua82eovmBrd/O03Ud
InEV5eQI5NXFaHawEwpJuJ3SkLzHcgEfLMpHWgwBSJAtF4hJlaxHI/UY6aHVivdi
xjxPxjDb255fhsLseAJnHqad7/sm4PKTl949vbTF9+Ly
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org