Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XNgOK6ehr_2JGUoKNJ1fmdeHf7U.roa
File: XNgOK6ehr_2JGUoKNJ1fmdeHf7U.roa (raw, json)
Hash identifier: Br0294PpQ+NXv77wdAnbgjRNeuY3iJdFIyR+BbsZ3L0=
Subject key identifier: 5C:D8:0E:2B:A7:A1:AF:FD:89:19:4A:0A:34:9D:5F:99:D7:87:7F:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A0D08BF08BC00049E674F28FC8AF621D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XNgOK6ehr_2JGUoKNJ1fmdeHf7U.roa
Signing time: Wed 11 Jan 2023 12:31:39 +0000
ROA not before: Wed 11 Jan 2023 12:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 194.87.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:d0:8b:f0:8b:c0:00:49:e6:74:f2:8f:c8:af:62:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 11 12:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd80e2ba7a1affd89194a0a349d5f99d7877fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:76:24:21:13:25:56:ec:8f:31:ab:d2:5d:eb:
ee:9d:29:de:69:b6:d6:1b:f8:81:d3:38:e2:29:ae:
9b:e2:14:fb:5b:07:cf:c0:65:89:d0:9e:ab:ab:e9:
28:5f:1d:51:33:03:41:82:73:75:4c:c9:a1:41:e1:
2d:21:89:4b:e5:6d:ae:74:03:a4:5b:18:73:9e:73:
9c:36:2e:46:24:2f:7f:8b:6f:52:5f:f0:46:83:89:
c3:3f:9a:ba:da:74:dc:77:1f:18:3f:74:75:d3:7e:
74:c4:ab:7e:e6:c4:7e:ca:7c:06:dc:5a:8e:30:c4:
d8:4b:c7:20:e8:f4:82:d8:84:e6:d2:67:c2:c7:08:
b1:7a:4a:24:ad:8e:e8:a5:53:fe:c6:35:7c:35:2c:
97:c8:dd:26:69:41:3b:98:63:4c:3e:cd:28:b5:de:
63:a6:25:5f:0c:4b:4c:68:63:3b:df:b7:b8:27:29:
a3:34:53:b5:86:fd:17:4f:f4:6b:f7:cf:38:cf:80:
6c:cc:91:6e:3b:92:4a:c7:05:8e:b0:23:54:e9:f6:
ef:8e:b6:fb:19:d0:44:96:55:71:2d:ab:24:6a:e0:
d5:cf:c2:dc:80:d1:22:4d:67:cd:37:5d:92:4b:bb:
b7:36:9d:7c:a4:0c:be:0a:eb:04:14:15:e7:1a:aa:
ee:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D8:0E:2B:A7:A1:AF:FD:89:19:4A:0A:34:9D:5F:99:D7:87:7F:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XNgOK6ehr_2JGUoKNJ1fmdeHf7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.11.0/24
Signature Algorithm: sha256WithRSAEncryption
53:94:45:1f:8f:9d:26:2f:75:19:00:3a:8d:e0:12:83:34:b6:
01:35:93:27:33:3b:c8:0b:19:2f:f6:00:e8:94:df:3b:e8:8d:
56:50:cb:fd:3e:56:b1:7e:93:bb:1e:a3:2e:cb:bd:6e:28:50:
76:77:a0:6a:f6:60:c6:a3:ae:85:80:f8:8c:ec:74:fd:f8:5c:
b6:27:4b:55:b1:f1:55:05:ba:78:4c:8f:c9:8e:7f:a0:5c:0d:
60:b2:a9:17:20:b1:8b:8a:f3:41:0b:8f:7d:ae:d5:2b:41:7c:
97:01:55:ea:2f:94:44:a2:7b:b3:e7:e3:e4:87:ff:58:8f:07:
4f:f1:6d:77:65:0e:83:9b:d5:c0:f0:2f:8b:71:c6:ad:dd:c8:
80:5e:7c:41:d8:aa:10:eb:c2:df:42:ec:e7:c6:fb:43:74:d6:
4f:8f:4c:70:d8:98:67:50:99:64:1b:18:86:4e:57:67:da:52:
90:19:d4:b4:16:a8:16:4a:35:d2:82:0e:a7:f3:04:25:31:b0:
66:75:0f:66:31:c5:b0:79:db:61:7a:d0:24:95:0e:bf:ea:99:
f8:cf:15:b1:13:41:d6:5e:07:03:95:9d:a4:6e:de:a0:41:61:
d9:f7:bc:c9:9b:fd:9d:c2:56:c0:0b:a8:54:7b:cc:92:a7:e5:
6a:b9:2d:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWg0Ivwi8AASeZ08o/Ir2IdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTExMTIzMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q4MGUyYmE3YTFhZmZkODkxOTRhMGEzNDlkNWY5OWQ3ODc3ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XYkIRMlVuyPMavSXevunSneabbW
G/iB0zjiKa6b4hT7WwfPwGWJ0J6rq+koXx1RMwNBgnN1TMmhQeEtIYlL5W2udAOk
WxhznnOcNi5GJC9/i29SX/BGg4nDP5q62nTcdx8YP3R10350xKt+5sR+ynwG3FqO
MMTYS8cg6PSC2ITm0mfCxwixekokrY7opVP+xjV8NSyXyN0maUE7mGNMPs0otd5j
piVfDEtMaGM737e4JymjNFO1hv0XT/Rr9884z4BszJFuO5JKxwWOsCNU6fbvjrb7
GdBEllVxLaskauDVz8LcgNEiTWfNN12SS7u3Np18pAy+CusEFBXnGqruVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzYDiunoa/9iRlKCjSdX5nXh3+1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWE5nT0s2ZWhyXzJKR1VvS05KMWZtZGVIZjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcLMA0G
CSqGSIb3DQEBCwUAA4IBAQBTlEUfj50mL3UZADqN4BKDNLYBNZMnMzvICxkv9gDo
lN876I1WUMv9PlaxfpO7HqMuy71uKFB2d6Bq9mDGo66FgPiM7HT9+Fy2J0tVsfFV
Bbp4TI/Jjn+gXA1gsqkXILGLivNBC499rtUrQXyXAVXqL5REonuz5+Pkh/9YjwdP
8W13ZQ6Dm9XA8C+Lccat3ciAXnxB2KoQ68LfQuznxvtDdNZPj0xw2JhnUJlkGxiG
Tldn2lKQGdS0FqgWSjXSgg6n8wQlMbBmdQ9mMcWwedthetAklQ6/6pn4zxWxE0HW
XgcDlZ2kbt6gQWHZ97zJm/2dwlbAC6hUe8ySp+VquS0E
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:05 2023 by rpki-client on console-fra.rpki-client.org