Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XD4IlHRo_bUbeS_FppxviGc6s0c.roa
File: XD4IlHRo_bUbeS_FppxviGc6s0c.roa (raw, json)
Hash identifier: w1aQaSLcLYdcKr+KsgC5tWR1Jes4PE5uqDwHtcFVlsk=
Subject key identifier: 5C:3E:08:94:74:68:FD:B5:1B:79:2F:C5:A6:9C:6F:88:67:3A:B3:47
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8E0B6A7C86CEE82D3507DFCE2C39
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XD4IlHRo_bUbeS_FppxviGc6s0c.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210993
IP address blocks: 194.87.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 09:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8e:0b:6a:7c:86:ce:e8:2d:35:07:df:ce:2c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c3e08947468fdb51b792fc5a69c6f88673ab347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a1:7f:db:a9:cf:86:d7:7d:fa:64:fb:1a:05:
d2:91:01:5b:cc:52:cb:e0:5f:a2:b3:26:3e:88:41:
f9:dd:05:cd:31:54:ce:3e:3b:07:28:df:4d:a0:46:
1e:66:bb:7d:77:85:99:63:46:fa:87:49:ce:0a:50:
7e:06:60:2f:62:e9:18:c6:8d:82:09:a4:05:83:a4:
66:60:60:17:bc:e3:85:77:21:44:58:84:20:85:96:
03:80:90:2f:24:60:5f:70:15:c2:3d:1c:dc:ab:cc:
ca:f1:7e:f9:29:f3:df:20:0f:84:5e:ad:10:6e:ea:
e0:7a:df:b8:1d:58:76:8a:e2:2c:1b:0a:35:15:d6:
48:21:f6:a1:2c:22:54:70:4f:f0:93:45:9e:24:59:
4e:9d:03:f5:8c:1e:57:e1:cd:a0:41:4d:f0:ce:4a:
2b:b8:17:13:82:33:13:03:ae:9d:b2:30:13:ab:30:
28:2a:5c:fc:b9:a9:2c:ac:a5:b6:51:4e:d5:62:4d:
f6:37:7f:31:85:a8:1c:74:b5:8a:e4:39:e7:c8:cf:
4c:9c:19:f3:20:af:26:2b:74:37:23:99:80:b4:61:
2b:79:31:e5:0e:8f:59:cf:1c:23:58:5d:fe:69:01:
e0:1b:70:53:b8:fe:f8:1f:ce:87:10:ec:7b:1e:75:
e1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:08:94:74:68:FD:B5:1B:79:2F:C5:A6:9C:6F:88:67:3A:B3:47
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XD4IlHRo_bUbeS_FppxviGc6s0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c7:29:9b:6e:da:60:84:35:fa:41:fc:f8:15:75:41:6b:43:
58:1f:04:39:01:62:3a:05:bd:ce:9b:29:fc:d4:0d:a0:05:9a:
63:a9:e0:c1:0d:dd:37:07:a3:d7:ea:9d:41:b3:9e:3a:3d:e0:
d2:e1:ff:1f:cd:24:56:c9:19:06:fd:d5:e5:de:7a:1e:6a:01:
e6:d8:ed:09:5b:36:9f:3a:a2:94:cd:b7:cc:a9:7a:b6:79:da:
71:33:e0:83:4b:eb:39:99:7c:b3:58:a1:db:05:90:cb:fd:d4:
94:6a:a5:e7:f6:8b:54:77:24:b7:45:b0:8e:2a:b6:2d:f9:9e:
0b:03:94:08:dd:2b:90:71:51:c2:e8:f1:14:ae:a4:8f:f3:58:
10:0d:b6:18:6b:dc:42:69:3a:88:af:d8:e1:a8:d1:66:44:22:
b5:72:8d:42:8a:59:db:b6:1f:84:3f:ba:bc:d0:72:4f:d0:68:
2b:f6:db:02:c4:92:29:2c:30:62:c1:5e:50:28:db:08:84:60:
9f:b9:dd:48:86:79:8f:d9:1e:15:2e:6c:55:22:1a:3f:1c:ba:
45:9a:9c:4f:2b:2f:ab:92:ef:f0:a0:c3:58:32:6c:d8:c6:72:
90:da:87:86:77:73:06:2d:ac:1d:c9:e6:fe:a2:01:bf:6e:dc:
33:e9:e3:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKo4LanyGzugtNQffziw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNlMDg5NDc0NjhmZGI1MWI3OTJmYzVhNjljNmY4ODY3M2FiMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qF/26nPhtd9+mT7GgXSkQFbzFLL
4F+isyY+iEH53QXNMVTOPjsHKN9NoEYeZrt9d4WZY0b6h0nOClB+BmAvYukYxo2C
CaQFg6RmYGAXvOOFdyFEWIQghZYDgJAvJGBfcBXCPRzcq8zK8X75KfPfIA+EXq0Q
burget+4HVh2iuIsGwo1FdZIIfahLCJUcE/wk0WeJFlOnQP1jB5X4c2gQU3wzkor
uBcTgjMTA66dsjATqzAoKlz8uaksrKW2UU7VYk32N38xhagcdLWK5DnnyM9MnBnz
IK8mK3Q3I5mAtGEreTHlDo9ZzxwjWF3+aQHgG3BTuP74H86HEOx7HnXhJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFw+CJR0aP21G3kvxaacb4hnOrNHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWEQ0SWxIUm9fYlViZVNfRnBweHZpR2M2czBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfRMA0G
CSqGSIb3DQEBCwUAA4IBAQCNxymbbtpghDX6Qfz4FXVBa0NYHwQ5AWI6Bb3Omyn8
1A2gBZpjqeDBDd03B6PX6p1Bs546PeDS4f8fzSRWyRkG/dXl3noeagHm2O0JWzaf
OqKUzbfMqXq2edpxM+CDS+s5mXyzWKHbBZDL/dSUaqXn9otUdyS3RbCOKrYt+Z4L
A5QI3SuQcVHC6PEUrqSP81gQDbYYa9xCaTqIr9jhqNFmRCK1co1Cilnbth+EP7q8
0HJP0Ggr9tsCxJIpLDBiwV5QKNsIhGCfud1IhnmP2R4VLmxVIho/HLpFmpxPKy+r
ku/woMNYMmzYxnKQ2oeGd3MGLawdyeb+ogG/btwz6eP0
-----END CERTIFICATE-----
Generated at Mon Aug 26 12:49:06 2024 by rpki-client on console-fra.rpki-client.org