Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TD0ti-DVKOdg-hcVpJbOTx8KcvM.roa
File: TD0ti-DVKOdg-hcVpJbOTx8KcvM.roa (raw, json)
Hash identifier: 3WJYmLQMcYhT/8dR1s9GyQUkDojlzXbrVadvuetUpTM=
Subject key identifier: 4C:3D:2D:8B:E0:D5:28:E7:60:FA:17:15:A4:96:CE:4F:1F:0A:72:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1EC78BDAB91387548F3B225B94717EBB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TD0ti-DVKOdg-hcVpJbOTx8KcvM.roa
Signing time: Wed 11 Oct 2023 12:47:55 +0000
ROA not before: Wed 11 Oct 2023 12:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:c7:8b:da:b9:13:87:54:8f:3b:22:5b:94:71:7e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 12:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c3d2d8be0d528e760fa1715a496ce4f1f0a72f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:05:41:15:e7:04:75:73:a0:88:b3:94:2d:b6:
5e:b9:a1:6b:0f:54:b0:49:5c:1e:14:be:d8:e2:a4:
cc:3b:d1:7b:df:1f:26:7a:84:8b:d3:d4:8b:04:f3:
55:9f:35:23:08:41:26:0c:e0:15:b9:11:3a:c9:b0:
71:27:04:09:16:f4:60:08:90:30:f4:89:75:8d:0d:
a8:79:be:64:ed:d1:11:bb:61:a4:16:96:9e:df:2f:
df:f3:df:b0:74:74:fd:64:e6:ea:d4:09:0c:d5:9b:
94:ad:d8:9c:0b:3f:a8:69:dc:3d:21:cb:0b:0b:65:
4c:b9:13:7f:b2:76:6f:cf:58:af:7b:5d:3f:c9:36:
86:3b:1d:aa:49:29:43:56:44:6a:27:63:c2:ea:7f:
fc:20:f9:44:c9:6d:20:06:c2:b3:64:01:f1:13:f0:
2e:0a:b9:21:e3:a1:97:b3:40:29:96:b6:9a:fb:1b:
14:76:ad:3f:90:be:45:57:55:da:57:d1:83:b7:b0:
ad:c3:4a:ad:91:45:cc:7d:d2:7f:a8:c6:61:1d:1b:
8b:3b:9b:56:f1:d6:9c:b8:68:12:80:25:f3:79:62:
94:ae:04:c0:4e:9f:52:29:16:e5:e5:c0:3e:31:0f:
6b:d2:b0:a7:fa:b0:07:c9:75:a0:a1:82:e9:6d:e8:
7d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3D:2D:8B:E0:D5:28:E7:60:FA:17:15:A4:96:CE:4F:1F:0A:72:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TD0ti-DVKOdg-hcVpJbOTx8KcvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.141.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:80:b0:e9:ac:7d:24:63:48:29:a3:33:9d:b2:b5:19:11:3b:
e6:6d:72:1e:e0:a0:33:6b:f8:b3:37:98:56:14:ea:3d:40:58:
7c:fa:73:d5:3d:29:16:1b:ab:a7:7a:59:56:28:ee:61:54:0c:
ea:da:ef:eb:04:3a:01:05:aa:13:86:70:52:21:2b:96:13:30:
58:c8:05:91:12:f8:fe:da:5c:36:9b:78:98:c0:0e:94:8e:39:
9e:9a:0c:89:41:46:a6:09:1c:6d:7d:34:5d:ac:51:bc:1e:13:
9d:51:ea:08:5c:37:01:ac:b4:ca:c2:ae:59:37:c2:35:54:d6:
f0:ef:5a:c5:c5:12:aa:5c:49:d5:5c:c4:d4:b3:fb:33:42:cf:
51:62:7a:00:4a:19:c0:bd:e4:09:bd:5a:90:84:90:63:fd:4d:
32:78:c1:f4:fb:47:df:63:b1:74:0e:d5:b2:64:00:55:5e:e6:
e6:f8:33:ad:02:9d:e1:a2:30:3f:14:9f:d3:91:44:52:e2:5f:
f0:77:dd:63:06:b2:84:64:57:3c:69:7f:74:24:d3:ca:22:5e:
80:f4:a5:3b:47:62:09:e9:3c:0a:02:f0:47:32:f7:49:60:96:
7f:3d:4f:81:9f:4d:b7:c2:e1:68:68:27:c0:c9:60:e3:0b:07:
b3:31:78:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsex4vauROHVI87IluUcX67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTI0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNkMmQ4YmUwZDUyOGU3NjBmYTE3MTVhNDk2Y2U0ZjFmMGE3MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwVBFecEdXOgiLOULbZeuaFrD1Sw
SVweFL7Y4qTMO9F73x8meoSL09SLBPNVnzUjCEEmDOAVuRE6ybBxJwQJFvRgCJAw
9Il1jQ2oeb5k7dERu2GkFpae3y/f89+wdHT9ZObq1AkM1ZuUrdicCz+oadw9IcsL
C2VMuRN/snZvz1ive10/yTaGOx2qSSlDVkRqJ2PC6n/8IPlEyW0gBsKzZAHxE/Au
Crkh46GXs0Aplraa+xsUdq0/kL5FV1XaV9GDt7Ctw0qtkUXMfdJ/qMZhHRuLO5tW
8dacuGgSgCXzeWKUrgTATp9SKRbl5cA+MQ9r0rCn+rAHyXWgoYLpbeh9sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEw9LYvg1SjnYPoXFaSWzk8fCnLzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVEQwdGktRFZLT2RnLWhjVnBKYk9UeDhLY3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleNMA0G
CSqGSIb3DQEBCwUAA4IBAQCLgLDprH0kY0gpozOdsrUZETvmbXIe4KAza/izN5hW
FOo9QFh8+nPVPSkWG6unellWKO5hVAzq2u/rBDoBBaoThnBSISuWEzBYyAWREvj+
2lw2m3iYwA6UjjmemgyJQUamCRxtfTRdrFG8HhOdUeoIXDcBrLTKwq5ZN8I1VNbw
71rFxRKqXEnVXMTUs/szQs9RYnoAShnAveQJvVqQhJBj/U0yeMH0+0ffY7F0DtWy
ZABVXubm+DOtAp3hojA/FJ/TkURS4l/wd91jBrKEZFc8aX90JNPKIl6A9KU7R2IJ
6TwKAvBHMvdJYJZ/PU+Bn023wuFoaCfAyWDjCwezMXgP
-----END CERTIFICATE-----
Generated at Tue Oct 24 08:34:49 2023 by rpki-client on console-ams.rpki-client.org