Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xx29M0Y8i-3qltY8xQ2-X7wp4DE.roa
File: Xx29M0Y8i-3qltY8xQ2-X7wp4DE.roa (raw, json)
Hash identifier: l5PaFq3ySgmHjHPo/67h6mSSeY8OtE16YcVTXTAYsVc=
Subject key identifier: 5F:1D:BD:33:46:3C:8B:ED:EA:96:D6:3C:C5:0D:BE:5F:BC:29:E0:31
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A4F5106E86715A12C9245B7D32591E58E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xx29M0Y8i-3qltY8xQ2-X7wp4DE.roa
Signing time: Fri 01 Sep 2023 05:57:04 +0000
ROA not before: Fri 01 Sep 2023 05:57:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 194.87.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 06:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:51:06:e8:67:15:a1:2c:92:45:b7:d3:25:91:e5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 1 05:57:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f1dbd33463c8bedea96d63cc50dbe5fbc29e031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:43:83:31:c7:d7:fd:62:d9:b2:9d:1f:3a:
f4:b7:06:77:29:54:0a:5c:2a:ae:65:db:e7:34:d8:
3d:38:c4:28:1f:70:33:3e:3f:28:ca:75:36:cd:9d:
1a:b1:3a:54:be:5e:71:0c:ad:d8:17:ef:10:e5:c7:
89:5f:c8:91:f3:1d:2e:a8:9d:ae:73:fa:f5:21:27:
ed:5c:f5:15:1c:b0:f5:b2:7d:62:80:e8:06:91:60:
56:6f:a2:cd:21:e8:b4:f6:e8:40:de:9d:29:fc:84:
03:6d:0d:67:98:1d:5a:2a:e8:34:86:73:a6:20:35:
aa:a8:44:87:71:c5:7c:36:a9:02:8e:43:f0:20:81:
68:61:97:12:e3:2d:9b:11:07:e4:ea:c4:97:4b:49:
5e:a8:a2:ca:57:33:76:ab:f9:91:77:c0:3c:7c:9e:
d7:06:1c:a8:4e:a5:ed:c6:f5:99:35:8f:57:1a:5a:
5c:60:39:6f:08:99:44:df:4c:f0:9a:e0:76:44:e3:
bf:09:ce:7b:1d:40:6a:c2:00:81:69:99:d0:4d:be:
ca:a1:21:78:45:c2:59:af:0f:aa:fe:7e:09:45:b2:
f4:f7:45:cf:b5:7b:31:78:ad:fb:b3:74:69:82:bb:
39:dd:04:6f:ab:99:8c:71:3c:d4:40:00:ee:38:e5:
28:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1D:BD:33:46:3C:8B:ED:EA:96:D6:3C:C5:0D:BE:5F:BC:29:E0:31
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xx29M0Y8i-3qltY8xQ2-X7wp4DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.233.0/24
Signature Algorithm: sha256WithRSAEncryption
29:10:eb:53:40:5d:5e:58:6e:94:04:9c:5f:fe:c2:1b:45:85:
3a:ae:cb:bd:d7:41:63:27:ad:f7:86:fd:c2:fa:37:96:e0:f5:
5c:44:82:be:98:d9:45:54:e8:c0:43:6d:5b:72:c6:87:3d:c5:
c2:db:c5:f2:d7:e2:49:26:19:4e:ad:cc:39:13:82:1a:26:09:
06:3b:06:7f:8f:fd:de:d0:2c:14:7c:84:b8:f0:6a:3d:0a:d6:
3f:9b:8b:af:cf:04:0d:db:4b:ed:ee:23:61:8f:61:ff:04:80:
5f:26:5c:c4:9f:0a:43:d8:64:18:78:51:22:8e:60:c8:cf:4e:
96:0f:16:3e:80:a8:de:de:d5:3c:c4:6b:97:c3:6b:c2:c2:bb:
74:96:5d:ed:d8:e9:b1:db:86:8b:f7:f3:42:87:61:eb:24:93:
a2:62:be:32:18:19:68:fd:55:89:66:65:c0:58:f4:64:c4:a7:
60:2a:27:a1:7b:6f:d5:d4:34:36:37:b3:42:d6:8e:85:d7:c9:
a5:16:1a:3a:f1:c5:5c:7b:75:47:66:b0:64:9c:1a:d6:8c:c0:
c4:20:58:fe:9a:8e:fc:07:a8:19:02:86:d0:e5:48:23:20:6e:
23:b2:22:40:35:ac:2b:29:c4:97:90:a2:7e:a2:12:73:e5:6e:
09:67:ac:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpPUQboZxWhLJJFt9MlkeWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTAxMDU1NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFkYmQzMzQ2M2M4YmVkZWE5NmQ2M2NjNTBkYmU1ZmJjMjllMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiudDgzHH1/1i2bKdHzr0twZ3KVQK
XCquZdvnNNg9OMQoH3AzPj8oynU2zZ0asTpUvl5xDK3YF+8Q5ceJX8iR8x0uqJ2u
c/r1ISftXPUVHLD1sn1igOgGkWBWb6LNIei09uhA3p0p/IQDbQ1nmB1aKug0hnOm
IDWqqESHccV8NqkCjkPwIIFoYZcS4y2bEQfk6sSXS0leqKLKVzN2q/mRd8A8fJ7X
BhyoTqXtxvWZNY9XGlpcYDlvCJlE30zwmuB2ROO/Cc57HUBqwgCBaZnQTb7KoSF4
RcJZrw+q/n4JRbL090XPtXsxeK37s3Rpgrs53QRvq5mMcTzUQADuOOUoPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8dvTNGPIvt6pbWPMUNvl+8KeAxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWHgyOU0wWThpLTNxbHRZOHhRMi1YN3dwNERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfpMA0G
CSqGSIb3DQEBCwUAA4IBAQApEOtTQF1eWG6UBJxf/sIbRYU6rsu910FjJ633hv3C
+jeW4PVcRIK+mNlFVOjAQ21bcsaHPcXC28Xy1+JJJhlOrcw5E4IaJgkGOwZ/j/3e
0CwUfIS48Go9CtY/m4uvzwQN20vt7iNhj2H/BIBfJlzEnwpD2GQYeFEijmDIz06W
DxY+gKje3tU8xGuXw2vCwrt0ll3t2Omx24aL9/NCh2HrJJOiYr4yGBlo/VWJZmXA
WPRkxKdgKiehe2/V1DQ2N7NC1o6F18mlFho68cVce3VHZrBknBrWjMDEIFj+mo78
B6gZAobQ5UgjIG4jsiJANawrKcSXkKJ+ohJz5W4JZ6zW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org