Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UbLQYvpUPgaryjjISPUu1okxG-M.roa
File: UbLQYvpUPgaryjjISPUu1okxG-M.roa (raw, json)
Hash identifier: 3g5cXcUF0vu1rizDBdHuQXQv9t2dwHh6q3LyhA1f5/E=
Subject key identifier: 51:B2:D0:62:FA:54:3E:06:AB:CA:38:C8:48:F5:2E:D6:89:31:1B:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B23BAA5E5BC3DB587123544D49B6068BC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UbLQYvpUPgaryjjISPUu1okxG-M.roa
Signing time: Thu 12 Oct 2023 11:51:56 +0000
ROA not before: Thu 12 Oct 2023 11:51:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216394
IP address blocks: 194.87.130.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 05:09:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:ba:a5:e5:bc:3d:b5:87:12:35:44:d4:9b:60:68:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 12 11:51:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51b2d062fa543e06abca38c848f52ed689311be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:24:cd:5f:d7:8a:1c:67:fc:3b:44:bd:4b:
cf:64:c7:46:4a:60:fc:85:1d:92:ad:7f:d8:83:6a:
f4:3e:cc:0d:81:dd:bb:93:fe:9e:7d:07:d7:a4:0e:
a6:f1:b0:30:88:3a:55:cc:f9:09:76:1e:58:e8:4c:
0d:c8:6b:d2:e3:9e:a4:90:56:aa:0f:e0:9c:71:cd:
ee:9f:a7:4c:63:bf:8d:76:d9:f9:19:4e:e2:3e:58:
7c:b5:36:d0:de:4b:5d:61:50:33:61:9d:0a:b2:bc:
8f:11:cb:e1:79:dd:1f:e7:fb:5c:41:9b:49:2a:02:
f5:20:e5:c7:d2:9d:34:af:43:bb:de:d5:79:d2:ac:
61:0a:eb:77:48:03:2c:e3:88:8d:07:a4:a2:d9:e4:
1a:58:ec:ea:af:b1:fc:17:19:b3:55:f6:d1:65:40:
08:ec:00:1d:b5:8e:ee:6d:71:46:14:2f:3a:16:dc:
81:5a:40:72:95:a8:21:ca:18:f6:55:74:7e:29:2e:
71:46:c9:2a:c7:02:ae:f2:12:b1:4c:9f:ff:db:0d:
a8:da:89:a2:81:39:62:fa:91:ac:c5:39:33:7c:1d:
81:9c:71:48:1c:b1:35:fa:85:1c:8f:2c:cd:45:88:
03:d3:9a:98:2f:d0:cf:ba:ec:f0:22:b3:bb:22:d8:
f1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B2:D0:62:FA:54:3E:06:AB:CA:38:C8:48:F5:2E:D6:89:31:1B:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UbLQYvpUPgaryjjISPUu1okxG-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.27.0/24
194.87.130.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4f:f3:f0:6a:d2:b0:f8:9e:02:0d:a6:ab:58:63:ba:c3:e4:
35:21:07:40:79:f2:fd:6b:29:b5:d2:e2:66:07:fb:52:c7:01:
cb:66:32:16:5a:58:f1:e4:50:85:e5:a9:82:3b:15:79:10:b7:
4f:a1:9d:0d:47:4f:0e:4d:f2:39:90:da:ba:7e:34:85:fe:d0:
e2:fb:21:8c:41:5a:d3:50:63:6c:dc:49:a0:b6:fc:63:51:6b:
c4:b4:d0:42:4f:61:7f:06:8d:fa:23:ed:62:ab:10:2e:39:67:
02:f5:fc:bc:37:95:b5:a9:63:9e:b8:f1:58:5d:96:4b:45:3f:
8d:a1:f9:c9:8b:a6:d2:4d:4b:1b:5f:88:79:2b:e8:a9:a3:6d:
5f:bc:5b:3c:8e:e7:4b:39:fe:ec:6c:21:20:a0:d3:1b:c2:69:
20:5b:2b:9c:bd:39:b7:2f:75:fb:f6:87:e1:50:82:5f:01:68:
ad:dd:32:96:e7:6e:ed:ba:0d:e0:4c:58:46:e8:3a:8d:42:63:
2c:c4:68:47:30:e5:03:71:c9:75:d3:ab:c8:a4:e5:1b:a8:66:
3d:c9:27:c8:36:96:1f:40:87:e8:a0:ec:89:64:59:eb:6b:26:
fa:1d:2a:9e:26:a0:2f:76:42:e1:69:2b:9a:cb:ce:e7:e9:d9:
a8:c8:f3:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsjuqXlvD21hxI1RNSbYGi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEyMTE1MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIyZDA2MmZhNTQzZTA2YWJjYTM4Yzg0OGY1MmVkNjg5MzExYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGUkzV/Xihxn/DtEvUvPZMdGSmD8
hR2SrX/Yg2r0PswNgd27k/6efQfXpA6m8bAwiDpVzPkJdh5Y6EwNyGvS456kkFaq
D+Cccc3un6dMY7+Ndtn5GU7iPlh8tTbQ3ktdYVAzYZ0KsryPEcvhed0f5/tcQZtJ
KgL1IOXH0p00r0O73tV50qxhCut3SAMs44iNB6Si2eQaWOzqr7H8FxmzVfbRZUAI
7AAdtY7ubXFGFC86FtyBWkBylaghyhj2VXR+KS5xRskqxwKu8hKxTJ//2w2o2omi
gTli+pGsxTkzfB2BnHFIHLE1+oUcjyzNRYgD05qYL9DPuuzwIrO7ItjxKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFGy0GL6VD4Gq8o4yEj1LtaJMRvjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWJMUVl2cFVQZ2FyeWpqSVNQVXUxb2t4Ry1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlcbAwQA
wleCMA0GCSqGSIb3DQEBCwUAA4IBAQAMT/PwatKw+J4CDaarWGO6w+Q1IQdAefL9
aym10uJmB/tSxwHLZjIWWljx5FCF5amCOxV5ELdPoZ0NR08OTfI5kNq6fjSF/tDi
+yGMQVrTUGNs3EmgtvxjUWvEtNBCT2F/Bo36I+1iqxAuOWcC9fy8N5W1qWOeuPFY
XZZLRT+NofnJi6bSTUsbX4h5K+ipo21fvFs8judLOf7sbCEgoNMbwmkgWyucvTm3
L3X79ofhUIJfAWit3TKW527tug3gTFhG6DqNQmMsxGhHMOUDccl106vIpOUbqGY9
ySfINpYfQIfooOyJZFnrayb6HSqeJqAvdkLhaSuay87n6dmoyPPA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org