Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TJHjON7vgBJkS0O4h0AHS7NEV9A.roa
File: TJHjON7vgBJkS0O4h0AHS7NEV9A.roa (raw, json)
Hash identifier: vGhWV0PzBFyYIr9uesKlH84ifauijMv96DQVqhEwxoA=
Subject key identifier: 4C:91:E3:38:DE:EF:80:12:64:4B:43:B8:87:40:07:4B:B3:44:57:D0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67030C6767594E13F0730D626CC32C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TJHjON7vgBJkS0O4h0AHS7NEV9A.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203172
IP address blocks: 194.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:03:0c:67:67:59:4e:13:f0:73:0d:62:6c:c3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c91e338deef8012644b43b88740074bb34457d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ca:43:f9:bf:fb:cb:6b:4c:3a:7e:bc:80:b1:
36:d4:f8:46:a2:f8:fa:6e:00:04:24:c1:ad:b6:94:
1f:c9:5c:dd:36:7a:89:e7:e4:03:24:ca:47:38:fe:
be:91:9c:fe:c4:ec:c5:5a:6d:dd:a8:8a:0e:fb:68:
4b:51:9b:85:6d:32:21:71:9c:88:3b:82:fc:bb:e8:
10:af:66:18:5d:a1:5c:9a:40:78:48:ee:b9:05:cb:
3b:88:14:46:15:81:d0:1e:bf:97:1b:2d:f1:77:90:
f9:e8:2a:19:4c:c9:fa:9a:2e:c3:87:d1:7a:22:44:
b0:c4:b2:13:32:6b:ce:16:20:03:78:d3:2b:f3:91:
1d:1b:ff:60:06:98:bc:16:a6:83:d6:77:fe:00:60:
48:68:37:aa:90:dd:70:b9:5f:7c:05:ee:64:e2:d9:
65:ee:39:3e:6a:e1:f5:07:00:c2:ca:4e:1c:e4:ac:
0e:c1:e0:d5:fb:cd:60:be:88:99:8e:9a:74:02:19:
3e:3f:03:c1:32:c6:5e:b5:b0:38:3d:6b:9c:44:7e:
49:a4:3d:28:46:09:37:c3:8b:b4:d6:55:a7:2a:d0:
66:b4:df:7b:57:f0:1e:ed:25:2f:c2:b4:aa:b4:58:
60:8a:c3:0a:1b:49:d9:b9:20:25:a3:62:33:16:fa:
2b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:91:E3:38:DE:EF:80:12:64:4B:43:B8:87:40:07:4B:B3:44:57:D0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TJHjON7vgBJkS0O4h0AHS7NEV9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ec:a7:2b:b5:69:12:af:58:81:ae:ce:59:1e:2c:2b:bf:92:
3e:67:34:0c:06:83:38:e9:ec:e8:7c:1e:98:37:29:b2:db:a1:
10:87:d6:f6:04:ba:d9:15:59:af:04:a5:f0:d1:e1:2e:0f:84:
ce:6b:3a:22:d6:42:d2:3a:97:e6:81:3f:32:12:38:cb:22:1a:
06:e6:1b:da:b6:ae:e4:56:1b:2f:cd:9b:37:3d:5a:1a:82:bf:
2d:5e:51:ae:f6:e1:b3:c7:1b:c2:56:99:27:fb:4d:50:9d:d0:
c2:4e:df:8b:52:a1:78:86:a3:da:4f:21:6e:14:5a:bb:55:1b:
d7:8a:ef:95:43:e4:c3:1b:ed:af:55:13:36:15:f3:29:99:b5:
e7:82:10:5c:da:43:df:48:48:1e:c7:d0:be:2b:25:bc:d2:cf:
33:b4:5a:00:d7:8b:e1:aa:54:98:58:36:7a:a3:d3:49:09:6b:
3f:b2:16:36:ef:d4:06:32:9b:65:b6:b4:9d:9c:37:e1:d8:6b:
18:ea:c1:6c:59:95:26:39:ff:37:92:81:12:66:32:60:a4:d6:
7d:d2:5a:06:84:df:87:15:cf:96:08:29:4e:87:6e:f1:ea:16:
f7:07:23:75:bd:cf:48:f0:1d:8a:3d:37:b2:7b:65:28:a5:32:
b6:95:97:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZwMMZ2dZThPwcw1ibMMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkxZTMzOGRlZWY4MDEyNjQ0YjQzYjg4NzQwMDc0YmIzNDQ1N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcpD+b/7y2tMOn68gLE21PhGovj6
bgAEJMGttpQfyVzdNnqJ5+QDJMpHOP6+kZz+xOzFWm3dqIoO+2hLUZuFbTIhcZyI
O4L8u+gQr2YYXaFcmkB4SO65Bcs7iBRGFYHQHr+XGy3xd5D56CoZTMn6mi7Dh9F6
IkSwxLITMmvOFiADeNMr85EdG/9gBpi8FqaD1nf+AGBIaDeqkN1wuV98Be5k4tll
7jk+auH1BwDCyk4c5KwOweDV+81gvoiZjpp0Ahk+PwPBMsZetbA4PWucRH5JpD0o
Rgk3w4u01lWnKtBmtN97V/Ae7SUvwrSqtFhgisMKG0nZuSAlo2IzFvorGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyR4zje74ASZEtDuIdAB0uzRFfQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVEpIak9ON3ZnQkprUzBPNGgwQUhTN05FVjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlffMA0G
CSqGSIb3DQEBCwUAA4IBAQAG7KcrtWkSr1iBrs5ZHiwrv5I+ZzQMBoM46ezofB6Y
Nymy26EQh9b2BLrZFVmvBKXw0eEuD4TOazoi1kLSOpfmgT8yEjjLIhoG5hvatq7k
VhsvzZs3PVoagr8tXlGu9uGzxxvCVpkn+01QndDCTt+LUqF4hqPaTyFuFFq7VRvX
iu+VQ+TDG+2vVRM2FfMpmbXnghBc2kPfSEgex9C+KyW80s8ztFoA14vhqlSYWDZ6
o9NJCWs/shY279QGMptltrSdnDfh2GsY6sFsWZUmOf83koESZjJgpNZ90loGhN+H
Fc+WCClOh27x6hb3ByN1vc9I8B2KPTeye2UopTK2lZcF
-----END CERTIFICATE-----
Generated at Sun Oct 1 19:21:52 2023 by rpki-client on console-fra.rpki-client.org