Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V0H6R5kzMok-S0jRENjHq85gyKM.roa
File: V0H6R5kzMok-S0jRENjHq85gyKM.roa (raw, json)
Hash identifier: 5OklVTQmXjRdS8pC11jWjXfW1YJmU4OStgg8m4HbMm4=
Subject key identifier: 57:41:FA:47:99:33:32:89:3E:4B:48:D1:10:D8:C7:AB:CE:60:C8:A3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018607FCCC5DA244EDDDECF931049EC8D9AE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V0H6R5kzMok-S0jRENjHq85gyKM.roa
Signing time: Tue 31 Jan 2023 13:20:53 +0000
ROA not before: Tue 31 Jan 2023 13:20:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.17.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 10:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:fc:cc:5d:a2:44:ed:dd:ec:f9:31:04:9e:c8:d9:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 31 13:20:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5741fa47993332893e4b48d110d8c7abce60c8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:66:82:35:a8:c7:11:ce:ee:15:20:bf:84:1f:
f8:68:2b:ea:7f:99:6f:0b:a1:eb:40:5b:8b:3c:ca:
1c:ad:ef:f3:84:a1:e3:3f:d5:3d:0c:63:d7:b3:56:
97:c8:2b:03:5e:7c:52:13:8b:8e:d8:35:94:18:ac:
85:36:ef:dc:b4:64:7b:23:e8:83:e8:c6:68:06:7d:
9e:e5:2c:17:de:ab:46:5e:68:cb:40:bc:fc:7c:a0:
1e:09:a9:f1:cf:e0:bc:3c:2f:ae:7d:b9:16:29:7a:
a8:85:54:37:8d:ab:9c:9d:eb:14:aa:b8:8f:15:55:
b0:39:c9:29:bf:39:4a:c9:b8:aa:4a:11:e2:8f:e4:
57:44:78:e3:ef:44:12:c4:07:60:ae:64:27:11:ad:
88:49:b3:67:dc:ba:9f:fd:a8:4d:46:56:47:df:c8:
82:57:4b:1d:af:d1:2b:cf:ad:6b:b9:cb:8b:15:f2:
38:cf:19:d6:88:e4:0d:c2:5e:28:87:be:54:92:74:
ba:bc:56:f4:b5:da:6d:15:f5:0c:53:97:94:2a:ee:
c4:6e:1e:7f:b6:a8:7a:9d:1f:d7:85:aa:2f:fe:34:
d4:87:56:b0:ce:8b:5e:ca:50:ab:5c:d8:11:db:88:
71:0d:3c:47:0e:16:a3:26:4e:45:5f:c5:e4:79:12:
8c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:41:FA:47:99:33:32:89:3E:4B:48:D1:10:D8:C7:AB:CE:60:C8:A3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V0H6R5kzMok-S0jRENjHq85gyKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.17.0/24
194.87.91.0/24
194.87.188.0/24
Signature Algorithm: sha256WithRSAEncryption
15:0f:e9:90:ca:c7:f2:d3:bc:fc:5b:f6:25:af:b3:b1:80:7f:
dd:4d:a8:28:2a:56:46:47:13:2b:24:06:23:7b:79:18:be:82:
79:22:03:71:ea:9a:d5:0f:56:78:45:a3:fd:3b:ab:67:ef:aa:
4d:ea:9f:5a:df:86:01:8b:e3:89:d3:3e:d3:b6:de:0e:fd:2e:
4c:e4:9c:fe:51:68:7b:f7:67:84:d2:00:8c:fb:c6:c2:42:e7:
74:19:33:17:d1:65:8c:b1:73:7b:20:f3:97:bd:ca:b5:c7:c7:
87:b8:9e:f8:31:64:c1:f1:c4:0d:97:96:0b:b0:14:14:36:d8:
08:d3:ad:a2:b8:36:87:56:af:5d:15:64:a2:eb:ef:ce:6b:04:
d7:2d:09:0c:77:e8:31:b4:15:92:cb:83:9e:0d:b7:a3:e4:69:
a4:f1:5f:b0:66:a9:9e:c7:96:46:7c:11:10:8c:e4:aa:0f:3b:
c6:4b:ea:56:d7:f2:a6:7f:99:47:43:75:21:44:ac:a6:91:ec:
ab:eb:1e:7f:ed:33:9f:7a:ed:3b:c8:81:ab:04:fe:75:9e:f9:
de:50:c0:d7:5a:14:ed:2c:59:59:0f:9e:e1:d6:95:15:4e:cb:
5b:40:b1:30:a7:f1:39:71:27:8c:1d:44:a5:00:2e:63:5b:ad:
8c:03:ed:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYH/MxdokTt3ez5MQSeyNmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMxMTMyMDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQxZmE0Nzk5MzMzMjg5M2U0YjQ4ZDExMGQ4YzdhYmNlNjBjOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmaCNajHEc7uFSC/hB/4aCvqf5lv
C6HrQFuLPMocre/zhKHjP9U9DGPXs1aXyCsDXnxSE4uO2DWUGKyFNu/ctGR7I+iD
6MZoBn2e5SwX3qtGXmjLQLz8fKAeCanxz+C8PC+ufbkWKXqohVQ3jaucnesUqriP
FVWwOckpvzlKybiqShHij+RXRHjj70QSxAdgrmQnEa2ISbNn3Lqf/ahNRlZH38iC
V0sdr9Erz61rucuLFfI4zxnWiOQNwl4oh75UknS6vFb0tdptFfUMU5eUKu7Ebh5/
tqh6nR/Xhaov/jTUh1awzoteylCrXNgR24hxDTxHDhajJk5FX8XkeRKMfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFdB+keZMzKJPktI0RDYx6vOYMijMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVjBINlI1a3pNb2stUzBqUkVOakhxODVneUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcRAwQA
wldbAwQAwle8MA0GCSqGSIb3DQEBCwUAA4IBAQAVD+mQysfy07z8W/Ylr7OxgH/d
TagoKlZGRxMrJAYje3kYvoJ5IgNx6prVD1Z4RaP9O6tn76pN6p9a34YBi+OJ0z7T
tt4O/S5M5Jz+UWh792eE0gCM+8bCQud0GTMX0WWMsXN7IPOXvcq1x8eHuJ74MWTB
8cQNl5YLsBQUNtgI062iuDaHVq9dFWSi6+/OawTXLQkMd+gxtBWSy4OeDbej5Gmk
8V+wZqmex5ZGfBEQjOSqDzvGS+pW1/Kmf5lHQ3UhRKymkeyr6x5/7TOfeu07yIGr
BP51nvneUMDXWhTtLFlZD57h1pUVTstbQLEwp/E5cSeMHUSlAC5jW62MA+3B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org