Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qcj8zyudKvAWGSdZkx_eEKjjRco.roa
File: Qcj8zyudKvAWGSdZkx_eEKjjRco.roa (raw, json)
Hash identifier: YfLptmemuDOufwo+HWHy//3bOzmxYahJC9PTRGyzSF0=
Subject key identifier: 41:C8:FC:CF:2B:9D:2A:F0:16:19:27:59:93:1F:DE:10:A8:E3:45:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186BA4D1BECC75F78AB6A84F682964F2A23
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qcj8zyudKvAWGSdZkx_eEKjjRco.roa
Signing time: Tue 07 Mar 2023 04:21:00 +0000
ROA not before: Tue 07 Mar 2023 04:21:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 194.87.127.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ba:4d:1b:ec:c7:5f:78:ab:6a:84:f6:82:96:4f:2a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 04:21:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41c8fccf2b9d2af016192759931fde10a8e345ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9b:1a:99:88:f8:c7:81:42:37:32:12:81:9e:
08:35:3f:95:66:92:a9:53:d9:2c:9d:cb:6a:e9:2b:
73:8d:a6:6f:41:28:46:19:cd:4c:25:49:8a:9f:29:
b3:d3:81:4e:74:7c:b6:5b:c7:8d:20:9e:dd:99:19:
85:ec:36:82:33:6c:9b:97:4d:1c:80:60:d3:bf:f4:
d9:97:78:d6:d2:d8:fa:b8:07:e6:39:c6:ed:a7:75:
a3:37:fb:7a:17:5b:9b:76:46:e5:b9:93:44:20:49:
a7:86:32:d6:aa:41:ad:27:e6:c1:90:16:53:8b:c7:
b6:57:25:94:c5:55:4d:c7:07:c1:b7:0d:87:28:fe:
32:4d:5d:f4:ec:79:a6:de:f2:49:e5:e4:07:3e:e2:
c3:98:1f:00:96:22:8c:a6:4d:6d:b3:53:8e:6e:c4:
4d:32:b0:bf:2b:75:5c:82:de:9f:b0:03:d0:b4:16:
a5:44:61:9d:fb:fb:a4:80:c3:39:fa:cb:8a:7d:62:
54:64:84:29:3b:f5:ea:6a:98:37:c8:75:91:37:39:
9d:2a:53:46:7e:e4:77:92:10:6c:e9:fa:5c:57:08:
ec:40:ac:a2:84:5d:24:a6:a7:63:b0:1d:e2:36:6d:
4c:8e:69:9f:e5:71:3b:cc:51:96:d3:7d:95:5c:74:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C8:FC:CF:2B:9D:2A:F0:16:19:27:59:93:1F:DE:10:A8:E3:45:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qcj8zyudKvAWGSdZkx_eEKjjRco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.38.0/24
194.87.72.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d9:87:87:e2:59:c5:7a:e6:44:23:79:1c:f4:8b:be:3a:79:
67:c3:b5:ba:70:b9:55:97:39:d2:d8:9b:18:61:80:d0:5e:4d:
0b:04:60:85:b7:f2:30:0c:5e:e8:b0:3e:17:52:9f:3f:b2:56:
2a:93:1e:63:25:55:35:8d:ef:2c:93:98:c3:c5:d2:9b:ef:9f:
ec:79:df:5d:1f:90:10:45:b9:98:f5:b4:d7:16:d1:1a:b9:d3:
13:3f:f4:17:7e:88:e7:14:08:ec:df:5d:88:24:ea:fd:d2:4b:
ff:d8:9e:74:c5:cb:d4:71:f1:54:53:eb:aa:0f:95:f6:8f:70:
02:71:11:6b:4c:f5:b2:34:99:34:04:3b:9d:53:2c:83:fc:03:
9d:e0:15:7a:62:84:34:6e:b5:0f:25:7a:45:02:a4:a4:e2:26:
b5:f8:ee:00:90:38:3a:0c:c9:a6:00:4d:11:28:96:03:e0:51:
8e:77:e4:40:f3:00:13:a8:15:09:8a:43:6d:ca:d6:0f:f4:d0:
09:7f:c1:81:c7:56:a3:af:02:64:d8:e1:17:fc:ed:34:e0:9f:
df:a2:53:47:14:2b:9d:11:0d:c3:62:8a:fb:67:14:d9:d6:11:
86:b4:cb:48:59:77:d4:22:2a:21:60:09:6c:91:db:f1:68:b3:
de:c2:e4:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa6TRvsx194q2qE9oKWTyojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA3MDQyMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM4ZmNjZjJiOWQyYWYwMTYxOTI3NTk5MzFmZGUxMGE4ZTM0NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5samYj4x4FCNzISgZ4INT+VZpKp
U9ksnctq6StzjaZvQShGGc1MJUmKnymz04FOdHy2W8eNIJ7dmRmF7DaCM2ybl00c
gGDTv/TZl3jW0tj6uAfmOcbtp3WjN/t6F1ubdkbluZNEIEmnhjLWqkGtJ+bBkBZT
i8e2VyWUxVVNxwfBtw2HKP4yTV307Hmm3vJJ5eQHPuLDmB8AliKMpk1ts1OObsRN
MrC/K3Vcgt6fsAPQtBalRGGd+/ukgMM5+suKfWJUZIQpO/Xqapg3yHWRNzmdKlNG
fuR3khBs6fpcVwjsQKyihF0kpqdjsB3iNm1Mjmmf5XE7zFGW032VXHQYFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEHI/M8rnSrwFhknWZMf3hCo40XKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUWNqOHp5dWRLdkFXR1NkWmt4X2VFS2pqUmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcmAwQA
wldIAwQAwld/MA0GCSqGSIb3DQEBCwUAA4IBAQBU2YeH4lnFeuZEI3kc9Iu+Onln
w7W6cLlVlznS2JsYYYDQXk0LBGCFt/IwDF7osD4XUp8/slYqkx5jJVU1je8sk5jD
xdKb75/sed9dH5AQRbmY9bTXFtEaudMTP/QXfojnFAjs312IJOr90kv/2J50xcvU
cfFUU+uqD5X2j3ACcRFrTPWyNJk0BDudUyyD/AOd4BV6YoQ0brUPJXpFAqSk4ia1
+O4AkDg6DMmmAE0RKJYD4FGOd+RA8wATqBUJikNtytYP9NAJf8GBx1ajrwJk2OEX
/O004J/folNHFCudEQ3DYor7ZxTZ1hGGtMtIWXfUIiohYAlskdvxaLPewuTL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org