Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KLjbZ6N_xZPBSPVhzb_y7Rx2fOQ.roa
File: KLjbZ6N_xZPBSPVhzb_y7Rx2fOQ.roa (raw, json)
Hash identifier: B6OkfH/VUMQlmUGwzj7HMMRvIJGtINBM/gxXn9Ttnys=
Subject key identifier: 28:B8:DB:67:A3:7F:C5:93:C1:48:F5:61:CD:BF:F2:ED:1C:76:7C:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192FBF8D002CBBA5BD8E1F4F8A6A29B5264
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KLjbZ6N_xZPBSPVhzb_y7Rx2fOQ.roa
Signing time: Tue 05 Nov 2024 10:57:20 +0000
ROA not before: Tue 05 Nov 2024 10:57:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215238
IP address blocks: 194.87.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 10:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:f8:d0:02:cb:ba:5b:d8:e1:f4:f8:a6:a2:9b:52:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 5 10:57:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28b8db67a37fc593c148f561cdbff2ed1c767ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:f0:a4:28:27:7f:f7:13:ad:e7:ca:1d:9e:
22:3a:0d:7d:53:ac:f8:50:49:12:28:0b:fb:64:79:
45:e9:e3:ad:82:3d:06:5d:39:c5:f0:6b:ef:34:ce:
3d:e3:db:73:ca:63:49:4e:9c:0a:2a:8e:4e:9f:3f:
fe:43:43:00:22:f3:89:9b:75:91:ab:44:03:db:94:
d9:f8:31:14:2a:c8:b0:2d:e4:58:58:39:0b:42:ad:
8d:23:b6:3b:4d:be:79:47:15:f9:3d:1e:77:67:90:
3c:05:95:79:17:47:53:e3:ac:21:66:f9:0c:bb:18:
73:c2:7a:9d:bd:9d:83:d9:b5:d8:08:01:82:22:d8:
d9:d1:a8:10:86:14:0f:97:eb:79:11:e9:7b:a0:43:
9a:05:5b:f0:b9:18:c9:b1:f9:cb:f1:79:11:8f:fd:
cb:7c:93:e0:fc:16:a1:89:b7:f3:1e:c8:4c:da:d1:
cb:88:73:b4:96:be:9a:92:84:fa:7e:18:1a:38:52:
e9:91:3f:25:2e:c1:1d:ff:b4:5c:ff:d1:cd:12:3a:
18:c0:24:af:72:e9:47:af:25:be:2c:e2:aa:be:7b:
09:15:21:6e:ca:5d:18:53:19:f4:ad:7e:0c:63:a2:
1f:f4:d0:4c:be:c4:a7:02:95:62:a9:1e:15:a2:85:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B8:DB:67:A3:7F:C5:93:C1:48:F5:61:CD:BF:F2:ED:1C:76:7C:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KLjbZ6N_xZPBSPVhzb_y7Rx2fOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.23.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:44:60:79:5f:f9:27:b6:c5:b4:aa:9f:00:14:89:29:27:11:
e6:88:e6:22:1f:22:b4:14:5d:54:99:8f:17:0a:88:12:94:7e:
ea:b3:48:9f:2c:00:35:e2:35:42:ac:d3:26:bc:6d:63:8f:02:
82:d9:10:ba:c3:03:5f:15:ef:f2:bd:4d:bf:3d:05:94:09:88:
78:2d:f3:30:62:5b:2f:56:ce:e8:28:ce:e4:08:84:40:3c:7b:
72:0f:81:84:d1:3c:4b:bd:aa:61:20:f9:a2:f3:ef:2d:3f:76:
0f:0a:e5:12:95:10:c0:b9:5a:68:9b:84:0f:3d:ad:b1:ce:c5:
6a:0a:8f:a1:e8:89:36:69:2f:4e:11:8a:79:d6:31:83:e6:68:
d3:2d:a6:bc:33:8a:86:6b:2e:1c:46:4c:26:a3:9d:e9:20:04:
a0:52:2e:79:68:30:cc:ad:62:1e:e1:e7:4f:65:0c:f7:f6:e5:
be:18:2f:f2:9d:24:76:10:ca:e8:7b:1a:1c:9d:9e:bb:1c:24:
f0:d6:bd:d2:70:d9:19:7a:f6:52:68:80:cd:12:8d:a6:f1:b2:
a2:f5:9d:39:32:eb:a8:57:8e:aa:98:72:83:33:cb:b2:0a:78:
f5:b3:56:a2:af:dc:63:44:16:f0:7f:f4:fe:5b:ba:6c:c5:fb:
27:a8:cb:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL7+NACy7pb2OH0+Kaim1JkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA1MTA1NzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI4ZGI2N2EzN2ZjNTkzYzE0OGY1NjFjZGJmZjJlZDFjNzY3Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNPwpCgnf/cTrefKHZ4iOg19U6z4
UEkSKAv7ZHlF6eOtgj0GXTnF8GvvNM4949tzymNJTpwKKo5Onz/+Q0MAIvOJm3WR
q0QD25TZ+DEUKsiwLeRYWDkLQq2NI7Y7Tb55RxX5PR53Z5A8BZV5F0dT46whZvkM
uxhzwnqdvZ2D2bXYCAGCItjZ0agQhhQPl+t5Eel7oEOaBVvwuRjJsfnL8XkRj/3L
fJPg/BahibfzHshM2tHLiHO0lr6akoT6fhgaOFLpkT8lLsEd/7Rc/9HNEjoYwCSv
culHryW+LOKqvnsJFSFuyl0YUxn0rX4MY6If9NBMvsSnApViqR4VooVS9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCi422ejf8WTwUj1Yc2/8u0cdnzkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0xqYlo2Tl94WlBCU1BWaHpiX3k3UngyZk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcXMA0G
CSqGSIb3DQEBCwUAA4IBAQBaRGB5X/kntsW0qp8AFIkpJxHmiOYiHyK0FF1UmY8X
CogSlH7qs0ifLAA14jVCrNMmvG1jjwKC2RC6wwNfFe/yvU2/PQWUCYh4LfMwYlsv
Vs7oKM7kCIRAPHtyD4GE0TxLvaphIPmi8+8tP3YPCuUSlRDAuVpom4QPPa2xzsVq
Co+h6Ik2aS9OEYp51jGD5mjTLaa8M4qGay4cRkwmo53pIASgUi55aDDMrWIe4edP
ZQz39uW+GC/ynSR2EMroexocnZ67HCTw1r3ScNkZevZSaIDNEo2m8bKi9Z05Muuo
V46qmHKDM8uyCnj1s1air9xjRBbwf/T+W7psxfsnqMuG
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:12 2025 by rpki-client