Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PpRlOV-nMqk-48XBC6uosRwclQc.roa
File: PpRlOV-nMqk-48XBC6uosRwclQc.roa (raw, json)
Hash identifier: EoVdMOkQsokZnp6/mXGr/xxX6P4yzhABPWhztZSBkP8=
Subject key identifier: 3E:94:65:39:5F:A7:32:A9:3E:E3:C5:C1:0B:AB:A8:B1:1C:1C:95:07
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01878E558490E22ABCD67307A12B22276DC9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PpRlOV-nMqk-48XBC6uosRwclQc.roa
Signing time: Mon 17 Apr 2023 08:29:41 +0000
ROA not before: Mon 17 Apr 2023 08:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 194.87.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:55:84:90:e2:2a:bc:d6:73:07:a1:2b:22:27:6d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 17 08:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e9465395fa732a93ee3c5c10baba8b11c1c9507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:fb:70:ed:d3:91:50:4f:c6:e1:2f:35:56:
60:45:7e:b4:12:9a:7c:aa:b2:dc:55:99:99:56:c1:
c7:01:e4:e1:54:6d:7b:c4:16:4d:5d:a8:73:1a:d8:
97:aa:dd:f1:3a:ed:05:12:50:fe:79:cc:41:0d:e8:
29:6d:4b:9c:63:9c:2e:82:4d:af:32:70:02:4e:27:
20:1f:19:a8:f9:b8:89:a9:4a:db:dd:32:19:62:75:
3e:25:c5:e8:dc:bc:5d:1a:57:fb:90:01:3b:99:f7:
f1:03:61:80:27:9a:02:8e:b7:70:3f:c8:6c:d0:3c:
af:47:ea:ef:e3:e5:63:ad:4e:68:d4:28:99:4f:11:
c2:95:43:04:aa:ed:3c:92:ee:c2:d1:0a:cd:42:a6:
da:49:6d:35:fc:90:09:53:97:0a:a5:0f:ab:1f:b4:
35:14:70:aa:be:1f:82:d4:39:5e:04:0f:f5:7d:66:
13:84:05:af:af:e2:06:3f:af:ae:32:19:c2:1a:69:
32:75:c7:1d:f6:6a:fd:dc:bb:75:6e:0a:cf:ed:fb:
77:b4:47:70:ca:d7:03:40:81:49:ee:12:9c:02:af:
3d:3a:8f:91:1e:6e:75:71:57:4e:47:c5:3f:8f:1c:
fb:d4:03:64:60:d5:81:7e:a5:e7:ce:c6:e8:f3:43:
48:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:94:65:39:5F:A7:32:A9:3E:E3:C5:C1:0B:AB:A8:B1:1C:1C:95:07
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PpRlOV-nMqk-48XBC6uosRwclQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.4.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c6:72:a6:8a:bd:4b:36:68:31:7f:f4:e0:8a:bf:be:83:3a:
8f:fd:00:73:58:19:79:3a:52:e0:70:cd:5d:08:29:02:44:f6:
5c:5f:f0:af:7c:55:98:ed:17:54:86:fd:69:6a:c2:e9:5a:d5:
9a:1c:b4:73:eb:0a:cc:bc:88:56:65:81:04:ce:40:9b:aa:cd:
47:8d:e1:f2:11:34:9e:1d:25:a7:c6:ba:5e:f8:20:88:22:fc:
03:e4:df:40:26:bc:54:38:28:d4:9e:42:17:f6:9a:16:0a:67:
0a:1d:d9:e1:75:43:db:ca:99:fb:ef:d4:b3:b5:f9:e0:fe:c3:
2d:0d:88:6d:5d:cc:3f:05:6c:e4:32:73:8a:3f:04:14:d2:cf:
3b:ae:1a:86:d0:66:ea:73:bf:06:98:79:29:2c:5f:a5:4a:53:
61:03:31:f7:ae:a5:cf:44:86:7a:f3:0d:e1:42:3c:ad:d2:75:
ab:bb:60:bf:10:08:d8:0d:17:35:49:01:7f:cf:27:6a:b3:ee:
1e:4b:f0:82:5f:de:db:53:74:54:5d:10:fa:57:62:04:0e:9e:
48:62:7c:7d:42:9b:af:ef:ec:07:d3:c5:03:cc:d5:7f:48:0b:
69:54:0e:9e:03:1c:67:0c:43:a2:aa:61:17:9e:3b:29:2a:79:
d0:a5:c1:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeOVYSQ4iq81nMHoSsiJ23JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDE3MDgyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTk0NjUzOTVmYTczMmE5M2VlM2M1YzEwYmFiYThiMTFjMWM5NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+z7cO3TkVBPxuEvNVZgRX60Epp8
qrLcVZmZVsHHAeThVG17xBZNXahzGtiXqt3xOu0FElD+ecxBDegpbUucY5wugk2v
MnACTicgHxmo+biJqUrb3TIZYnU+JcXo3LxdGlf7kAE7mffxA2GAJ5oCjrdwP8hs
0DyvR+rv4+VjrU5o1CiZTxHClUMEqu08ku7C0QrNQqbaSW01/JAJU5cKpQ+rH7Q1
FHCqvh+C1DleBA/1fWYThAWvr+IGP6+uMhnCGmkydccd9mr93Lt1bgrP7ft3tEdw
ytcDQIFJ7hKcAq89Oo+RHm51cVdOR8U/jxz71ANkYNWBfqXnzsbo80NIuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6UZTlfpzKpPuPFwQurqLEcHJUHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUHBSbE9WLW5NcWstNDhYQkM2dW9zUndjbFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcEMA0G
CSqGSIb3DQEBCwUAA4IBAQCUxnKmir1LNmgxf/Tgir++gzqP/QBzWBl5OlLgcM1d
CCkCRPZcX/CvfFWY7RdUhv1pasLpWtWaHLRz6wrMvIhWZYEEzkCbqs1HjeHyETSe
HSWnxrpe+CCIIvwD5N9AJrxUOCjUnkIX9poWCmcKHdnhdUPbypn779Sztfng/sMt
DYhtXcw/BWzkMnOKPwQU0s87rhqG0Gbqc78GmHkpLF+lSlNhAzH3rqXPRIZ68w3h
Qjyt0nWru2C/EAjYDRc1SQF/zydqs+4eS/CCX97bU3RUXRD6V2IEDp5IYnx9Qpuv
7+wH08UDzNV/SAtpVA6eAxxnDEOiqmEXnjspKnnQpcEq
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org