Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TzfNuQmGor3uZUbcycMkGk8QrpQ.roa
File: TzfNuQmGor3uZUbcycMkGk8QrpQ.roa (raw, json)
Hash identifier: MQaliUsEHPhzEMeNYKNDewAdLhHg9XTJK+1GhwU0XRs=
Subject key identifier: 4F:37:CD:B9:09:86:A2:BD:EE:65:46:DC:C9:C3:24:1A:4F:10:AE:94
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187B420D04BB056243BD216CA4F768C4946
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TzfNuQmGor3uZUbcycMkGk8QrpQ.roa
Signing time: Mon 24 Apr 2023 16:37:41 +0000
ROA not before: Mon 24 Apr 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198749
IP address blocks: 194.87.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:20:d0:4b:b0:56:24:3b:d2:16:ca:4f:76:8c:49:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 24 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f37cdb90986a2bdee6546dcc9c3241a4f10ae94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4d:10:fb:00:88:32:e0:0d:73:e0:09:e6:b6:
7b:8a:fa:5d:dc:61:6a:58:86:3b:e8:fe:60:b8:3a:
7f:9b:1f:7c:70:38:eb:ee:e7:46:90:a2:c9:d2:11:
62:34:b3:cc:68:ae:35:8a:50:63:53:54:28:7e:7b:
da:e0:bf:6d:e3:4c:f4:e3:53:72:c0:bf:25:10:46:
ab:a2:d6:66:43:f3:5f:c9:80:51:cc:e9:bd:8c:d2:
1e:80:8e:38:b8:58:73:4f:24:65:d1:77:17:a3:a1:
d4:9b:b2:e6:ff:ce:e0:20:4c:dd:fa:1e:ee:73:db:
9a:c1:3e:90:ed:0c:0f:b5:df:31:e6:a1:4b:cc:f2:
76:29:f1:dd:15:93:e9:a1:60:c1:40:30:df:ca:c5:
65:1e:56:79:98:e4:64:34:56:47:ad:a7:df:ac:e7:
7e:f4:6d:10:58:d7:40:46:2a:6c:c4:75:63:bb:99:
81:1c:80:c2:68:14:a9:4a:ed:7f:91:8a:ef:ac:c4:
b0:11:fc:8b:07:74:d1:d4:82:48:29:4c:e2:b3:53:
88:cf:55:8a:6c:36:ad:d0:14:91:be:54:53:e8:58:
a0:b8:53:ed:a1:52:99:38:28:bb:f3:05:8c:7d:f2:
85:a2:38:06:d1:5f:9c:5c:6f:d6:f9:68:05:28:60:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:37:CD:B9:09:86:A2:BD:EE:65:46:DC:C9:C3:24:1A:4F:10:AE:94
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TzfNuQmGor3uZUbcycMkGk8QrpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.233.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4d:9a:b9:3a:f0:98:2c:88:4e:b0:55:eb:3b:a6:17:6d:ed:
a0:ee:0a:4b:99:ca:d0:57:d6:96:2d:5f:8e:b7:57:78:51:0b:
80:fd:ff:17:42:e2:2b:f4:8b:bc:49:68:cc:0b:c4:c4:4f:11:
a1:95:88:41:5d:b1:5f:96:fd:52:30:8d:59:4c:22:cb:26:3d:
1c:db:29:33:c4:50:0e:53:2b:e5:11:1c:88:79:ae:ff:72:4a:
3e:bd:63:81:ab:2c:ac:58:f7:46:ef:78:31:ff:7c:d1:f0:f9:
52:9b:7b:63:30:1c:f5:85:36:8f:c0:3d:42:36:3c:b0:66:81:
7c:05:fe:a4:5f:ef:f5:c0:cc:75:30:c4:e7:2a:f9:d9:b6:9d:
e4:14:f2:ee:6a:07:0a:4b:6e:46:0a:f3:6f:53:41:79:f5:4e:
71:bc:f3:c3:87:31:3d:f3:3d:2e:09:ad:16:c2:fd:41:50:29:
4e:58:35:38:b7:07:ed:eb:cd:1b:bc:3d:3d:07:fa:34:d9:c8:
f7:f1:a1:1c:fb:71:1f:77:22:f2:73:e9:4c:6d:e7:d1:3f:f9:
0d:02:6f:e6:17:ed:2d:24:c0:a1:10:00:25:b0:a5:07:db:d2:
df:c5:5f:c8:3b:18:83:53:9e:d4:c5:3f:26:e1:53:ba:4b:e3:
88:27:9e:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe0INBLsFYkO9IWyk92jElGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI0MTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM3Y2RiOTA5ODZhMmJkZWU2NTQ2ZGNjOWMzMjQxYTRmMTBhZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk0Q+wCIMuANc+AJ5rZ7ivpd3GFq
WIY76P5guDp/mx98cDjr7udGkKLJ0hFiNLPMaK41ilBjU1Qofnva4L9t40z041Ny
wL8lEEarotZmQ/NfyYBRzOm9jNIegI44uFhzTyRl0XcXo6HUm7Lm/87gIEzd+h7u
c9uawT6Q7QwPtd8x5qFLzPJ2KfHdFZPpoWDBQDDfysVlHlZ5mORkNFZHraffrOd+
9G0QWNdARipsxHVju5mBHIDCaBSpSu1/kYrvrMSwEfyLB3TR1IJIKUzis1OIz1WK
bDat0BSRvlRT6FiguFPtoVKZOCi78wWMffKFojgG0V+cXG/W+WgFKGCSIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE83zbkJhqK97mVG3MnDJBpPEK6UMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVHpmTnVRbUdvcjN1WlViY3ljTWtHazhRcnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfpMA0G
CSqGSIb3DQEBCwUAA4IBAQCKTZq5OvCYLIhOsFXrO6YXbe2g7gpLmcrQV9aWLV+O
t1d4UQuA/f8XQuIr9Iu8SWjMC8TETxGhlYhBXbFflv1SMI1ZTCLLJj0c2ykzxFAO
UyvlERyIea7/cko+vWOBqyysWPdG73gx/3zR8PlSm3tjMBz1hTaPwD1CNjywZoF8
Bf6kX+/1wMx1MMTnKvnZtp3kFPLuagcKS25GCvNvU0F59U5xvPPDhzE98z0uCa0W
wv1BUClOWDU4twft680bvD09B/o02cj38aEc+3EfdyLyc+lMbefRP/kNAm/mF+0t
JMChEAAlsKUH29LfxV/IOxiDU57UxT8m4VO6S+OIJ573
-----END CERTIFICATE-----
Generated at Thu Aug 24 09:41:01 2023 by rpki-client on console-fra.rpki-client.org