Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XhcXJRPMJCqSv_yxV-t9rjVnG2s.roa
File: XhcXJRPMJCqSv_yxV-t9rjVnG2s.roa (raw, json)
Hash identifier: DlT/qJ/dm2mXXLMihoYboLnTmqoMv2OgiUFln4nAqYs=
Subject key identifier: 5E:17:17:25:13:CC:24:2A:92:BF:FC:B1:57:EB:7D:AE:35:67:1B:6B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B36C4E7AFA30CAA53EE586AB7AC287FDE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XhcXJRPMJCqSv_yxV-t9rjVnG2s.roa
Signing time: Mon 16 Oct 2023 04:35:55 +0000
ROA not before: Mon 16 Oct 2023 04:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:c4:e7:af:a3:0c:aa:53:ee:58:6a:b7:ac:28:7f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 16 04:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e17172513cc242a92bffcb157eb7dae35671b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:cc:3a:3a:95:8d:40:09:fb:9c:b7:ca:39:
89:08:23:b5:61:a6:e9:1a:55:66:85:7b:a3:41:29:
3d:49:76:64:66:9b:7d:05:78:b8:65:42:e8:9c:44:
4b:7b:a0:36:7f:b7:67:07:00:9e:2b:9b:13:07:72:
00:d2:ea:7d:21:0d:e2:92:48:49:2f:d2:7f:60:47:
e7:d1:26:a2:b0:3a:80:14:e8:b3:a5:fc:3f:f1:a8:
cc:ab:0e:d3:a3:f1:5c:93:de:d3:3f:56:43:d3:d8:
43:94:c0:49:27:22:3d:69:8b:d0:cc:7f:ef:d7:55:
03:9a:85:0e:03:92:82:a0:da:93:a7:67:bc:3a:dd:
5f:33:48:86:49:8f:bd:ab:95:34:43:3d:e5:c0:e2:
94:21:56:74:b7:85:6b:a9:b7:66:61:b9:db:91:09:
88:c2:f8:38:b4:4c:a5:e2:22:05:14:8f:35:83:52:
99:43:1e:3a:f3:35:83:40:0e:14:42:c7:8b:33:96:
25:b4:f9:3c:55:ad:88:32:8e:cf:05:9c:17:bf:a2:
c7:98:5a:3d:68:17:12:7e:68:5c:42:27:65:49:44:
3a:5a:b6:77:d6:a2:d2:a3:23:82:c0:38:cb:0f:4b:
ae:da:9e:1f:1a:ac:5d:3e:89:b0:4e:b8:0e:52:59:
da:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:17:17:25:13:CC:24:2A:92:BF:FC:B1:57:EB:7D:AE:35:67:1B:6B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XhcXJRPMJCqSv_yxV-t9rjVnG2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.149.0/24
Signature Algorithm: sha256WithRSAEncryption
64:31:ee:c1:c8:72:c0:67:79:4b:b1:d7:b7:4c:d5:3d:4d:d4:
cc:97:95:f3:ba:0c:d3:78:ff:ba:3a:0b:4b:3f:1c:bd:7f:bb:
0a:b4:ac:6d:2f:48:d5:0b:56:4a:1d:1a:78:05:b3:ce:03:ce:
9b:e1:3c:14:eb:f1:c5:11:a6:d2:33:70:d6:ab:c2:11:ec:28:
38:38:a0:85:77:2f:db:cc:2f:32:50:66:95:9d:96:ba:b9:f5:
c7:7d:1c:3e:b6:d5:61:d3:ed:39:62:25:94:88:f5:97:83:74:
db:55:7a:15:43:01:56:a1:bc:6b:06:fd:9c:e5:62:c4:4a:a3:
d7:52:12:58:03:0f:c9:43:0d:e3:75:de:0b:25:65:b8:cb:17:
16:ec:c7:7d:ae:a3:ab:e0:69:3e:09:82:68:7c:78:c6:89:d6:
2a:ba:c3:44:b3:8a:ee:e9:b2:83:d7:61:78:a2:78:69:48:74:
7f:9d:14:9a:41:c6:2d:81:8e:a3:ad:10:d6:34:fd:4b:26:a2:
27:c0:ff:e6:3e:3b:1f:83:11:0c:84:f1:11:a7:e7:97:98:16:
ba:e3:a4:50:07:0b:1d:0a:3a:5c:70:2a:ce:bd:b5:22:79:0b:
22:43:71:ae:19:aa:4c:13:71:19:7f:a9:8d:2b:ad:59:c8:68:
99:d0:57:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs2xOevowyqU+5YaresKH/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE2MDQzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE3MTcyNTEzY2MyNDJhOTJiZmZjYjE1N2ViN2RhZTM1NjcxYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrjMOjqVjUAJ+5y3yjmJCCO1Yabp
GlVmhXujQSk9SXZkZpt9BXi4ZULonERLe6A2f7dnBwCeK5sTB3IA0up9IQ3ikkhJ
L9J/YEfn0SaisDqAFOizpfw/8ajMqw7To/Fck97TP1ZD09hDlMBJJyI9aYvQzH/v
11UDmoUOA5KCoNqTp2e8Ot1fM0iGSY+9q5U0Qz3lwOKUIVZ0t4VrqbdmYbnbkQmI
wvg4tEyl4iIFFI81g1KZQx468zWDQA4UQseLM5YltPk8Va2IMo7PBZwXv6LHmFo9
aBcSfmhcQidlSUQ6WrZ31qLSoyOCwDjLD0uu2p4fGqxdPomwTrgOUlnaWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4XFyUTzCQqkr/8sVfrfa41ZxtrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWGhjWEpSUE1KQ3FTdl95eFYtdDlyalZuRzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleVMA0G
CSqGSIb3DQEBCwUAA4IBAQBkMe7ByHLAZ3lLsde3TNU9TdTMl5XzugzTeP+6OgtL
Pxy9f7sKtKxtL0jVC1ZKHRp4BbPOA86b4TwU6/HFEabSM3DWq8IR7Cg4OKCFdy/b
zC8yUGaVnZa6ufXHfRw+ttVh0+05YiWUiPWXg3TbVXoVQwFWobxrBv2c5WLESqPX
UhJYAw/JQw3jdd4LJWW4yxcW7Md9rqOr4Gk+CYJofHjGidYqusNEs4ru6bKD12F4
onhpSHR/nRSaQcYtgY6jrRDWNP1LJqInwP/mPjsfgxEMhPERp+eXmBa646RQBwsd
CjpccCrOvbUieQsiQ3GuGapME3EZf6mNK61ZyGiZ0FcQ
-----END CERTIFICATE-----
Generated at Sun Dec 24 13:01:53 2023 by rpki-client on console-ams.rpki-client.org