Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnBHDbuzQWn8ld3r5EMwIXSsqko.roa
File: XnBHDbuzQWn8ld3r5EMwIXSsqko.roa (raw, json)
Hash identifier: xtCDMGo7cZH+IWnuHNVBByyDTy76gSrysqNpggGegio=
Subject key identifier: 5E:70:47:0D:BB:B3:41:69:FC:95:DD:EB:E4:43:30:21:74:AC:AA:4A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BD7BFEE05B673BF46649A3F129DFFF208
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnBHDbuzQWn8ld3r5EMwIXSsqko.roa
Signing time: Thu 16 Nov 2023 10:49:21 +0000
ROA not before: Thu 16 Nov 2023 10:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 194.87.73.0/24 maxlen: 24
2a00:1c8a::/32 maxlen: 32
2a00:1c8b::/32 maxlen: 32
2a00:1c89::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:bf:ee:05:b6:73:bf:46:64:9a:3f:12:9d:ff:f2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 16 10:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e70470dbbb34169fc95ddebe443302174acaa4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:5b:f3:24:06:66:9f:7c:96:24:76:23:e5:
66:4e:fd:f7:7a:25:56:34:ce:38:6f:43:38:e4:4d:
3a:2f:71:c2:3d:db:c9:55:14:6b:0e:e7:6a:ed:24:
01:94:1b:be:c0:fe:09:d3:f6:08:f8:e8:0e:81:f1:
0b:f7:66:dc:85:79:6f:28:e0:34:86:f6:96:0b:f8:
be:12:e4:20:31:4b:f9:83:e7:1f:a4:08:ad:52:62:
71:cd:38:81:f3:0b:5d:8f:33:56:b8:98:72:70:78:
08:dd:e4:46:8e:20:c9:d7:42:93:2a:c8:41:e1:63:
1a:de:1d:87:92:71:0e:45:bc:8c:78:fa:a0:6c:e8:
5d:8a:e5:d6:60:6a:8b:bb:6e:99:5d:8a:90:4d:48:
db:66:c5:69:f5:1b:9b:86:16:7f:50:52:b5:57:39:
f2:a3:30:53:ed:34:d9:03:6b:bd:57:b0:51:ed:ce:
12:2c:f3:76:b5:86:10:32:dc:0f:d0:f1:bf:74:e5:
48:ea:09:10:b9:9c:d2:91:45:ab:72:7f:d4:28:5e:
5e:a1:28:06:8c:04:28:cf:a1:b0:7a:bf:f5:42:3a:
bb:21:36:93:82:ab:a0:c6:46:8f:8a:46:19:fb:28:
fe:a9:4d:b3:9a:da:6d:11:c2:be:73:80:d6:81:e0:
7f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:70:47:0D:BB:B3:41:69:FC:95:DD:EB:E4:43:30:21:74:AC:AA:4A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XnBHDbuzQWn8ld3r5EMwIXSsqko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
IPv6:
2a00:1c89::-2a00:1c8b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:3f:13:4d:69:e0:2c:37:32:57:1d:f6:7e:f8:ee:97:fc:51:
25:da:3b:61:38:d2:f5:61:85:a1:db:b7:26:7e:55:2a:89:ff:
63:9a:82:3e:87:7f:1a:25:e9:f1:46:78:a9:4b:46:1c:69:d1:
fb:ef:3d:64:87:9d:ed:20:da:25:ef:13:bc:6d:5f:35:f1:3b:
dc:e3:9b:f2:80:35:07:3f:fa:68:cc:92:a9:6c:13:c5:2b:9e:
42:ce:4f:99:c1:ac:20:5e:fa:2c:c8:9a:e3:76:4e:4b:66:86:
4c:2b:92:64:d8:c4:1d:fe:cb:0d:aa:3b:6d:8e:fc:84:90:9a:
95:f1:b2:f8:4d:41:41:c0:6c:61:6b:42:4e:90:94:29:7d:b6:
77:3a:27:f0:10:41:b5:eb:fb:b5:f5:fd:ce:94:d7:9c:71:bb:
5d:ff:d1:5f:ae:de:50:06:80:97:a3:36:46:9b:8b:76:96:3b:
07:38:93:f8:cf:c2:e6:e5:12:12:42:31:a8:85:55:43:00:fd:
51:6c:88:c6:31:cf:69:5f:bb:2c:81:4e:de:9f:9b:f0:95:ac:
69:8a:55:51:f2:e9:62:0b:6a:d2:54:95:ad:21:3d:25:c0:ae:
aa:b4:2e:96:40:e4:50:d0:3e:4e:c6:1a:af:c6:d7:5d:97:04:
da:93:0c:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvXv+4FtnO/RmSaPxKd//IIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE2MTA0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcwNDcwZGJiYjM0MTY5ZmM5NWRkZWJlNDQzMzAyMTc0YWNhYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj9b8yQGZp98liR2I+VmTv33eiVW
NM44b0M45E06L3HCPdvJVRRrDudq7SQBlBu+wP4J0/YI+OgOgfEL92bchXlvKOA0
hvaWC/i+EuQgMUv5g+cfpAitUmJxzTiB8wtdjzNWuJhycHgI3eRGjiDJ10KTKshB
4WMa3h2HknEORbyMePqgbOhdiuXWYGqLu26ZXYqQTUjbZsVp9RubhhZ/UFK1Vzny
ozBT7TTZA2u9V7BR7c4SLPN2tYYQMtwP0PG/dOVI6gkQuZzSkUWrcn/UKF5eoSgG
jAQoz6Gwer/1Qjq7ITaTgqugxkaPikYZ+yj+qU2zmtptEcK+c4DWgeB/iQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF5wRw27s0Fp/JXd6+RDMCF0rKpKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWG5CSERidXpRV244bGQzcjVFTXdJWFNzcWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwldJMBYE
AgACMBAwDgMFACoAHIkDBQIqAByIMA0GCSqGSIb3DQEBCwUAA4IBAQAWPxNNaeAs
NzJXHfZ++O6X/FEl2jthONL1YYWh27cmflUqif9jmoI+h38aJenxRnipS0YcadH7
7z1kh53tINol7xO8bV818Tvc45vygDUHP/pozJKpbBPFK55Czk+ZwawgXvosyJrj
dk5LZoZMK5Jk2MQd/ssNqjttjvyEkJqV8bL4TUFBwGxha0JOkJQpfbZ3OifwEEG1
6/u19f3OlNeccbtd/9Ffrt5QBoCXozZGm4t2ljsHOJP4z8Lm5RISQjGohVVDAP1R
bIjGMc9pX7ssgU7en5vwlaxpilVR8uliC2rSVJWtIT0lwK6qtC6WQORQ0D5Oxhqv
xtddlwTakwxM
-----END CERTIFICATE-----
Generated at Fri Nov 17 05:04:59 2023 by rpki-client on console-ams.rpki-client.org