Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQ4o5ZaZ1FCOqBAThDFbZ7hlWk4.roa
File: YQ4o5ZaZ1FCOqBAThDFbZ7hlWk4.roa (raw, json)
Hash identifier: HlatwK5h6SSlYtxHkBx+dpl2568IU8vYQN1CCZXP98E=
Subject key identifier: 61:0E:28:E5:96:99:D4:50:8E:A8:10:13:84:31:5B:67:B8:65:5A:4E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187BE7A57B255E35680DC4C58FB15297C2A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQ4o5ZaZ1FCOqBAThDFbZ7hlWk4.roa
Signing time: Wed 26 Apr 2023 16:51:41 +0000
ROA not before: Wed 26 Apr 2023 16:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208046
IP address blocks: 194.87.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:7a:57:b2:55:e3:56:80:dc:4c:58:fb:15:29:7c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 26 16:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=610e28e59699d4508ea8101384315b67b8655a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8b:f6:36:e9:13:92:b1:eb:07:b2:10:61:bf:
55:e2:97:cb:90:4c:bf:c9:04:b9:1e:7a:50:3f:6f:
a3:28:76:62:2b:66:a2:29:9d:b3:99:4e:84:bd:91:
67:3d:b6:b1:83:50:de:70:b8:92:e4:73:40:5d:c5:
4c:09:db:e1:0d:79:4f:60:78:24:51:4e:16:6b:20:
3c:09:28:30:ea:30:18:d4:44:71:92:72:cf:4b:6b:
d0:18:b2:06:1d:54:09:c1:d0:b0:08:94:b9:6e:4f:
c6:13:5b:6a:18:fa:67:fc:74:7a:6e:c6:f4:79:71:
6f:07:68:30:4f:70:e0:c0:9a:44:55:9c:db:c9:fb:
3d:56:36:c4:f7:1c:8d:db:44:b4:35:26:94:df:78:
9a:b9:3b:3e:e9:bd:98:76:9e:b2:dc:21:03:c8:84:
5c:a2:c7:05:97:1c:25:01:a4:55:61:6f:57:f8:3a:
c7:a5:80:37:16:5f:48:b3:29:21:eb:51:04:d9:b2:
34:db:a3:3d:74:c9:d5:d5:5d:37:7e:12:50:8c:4b:
da:d6:0e:df:25:4f:fa:86:03:0e:ff:48:f8:ce:68:
82:48:82:92:77:0c:9e:6d:72:98:ba:3b:4a:eb:dc:
c2:30:09:e7:4d:79:b0:46:dd:0b:af:6a:3f:e5:ed:
40:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0E:28:E5:96:99:D4:50:8E:A8:10:13:84:31:5B:67:B8:65:5A:4E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YQ4o5ZaZ1FCOqBAThDFbZ7hlWk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.14.0/24
Signature Algorithm: sha256WithRSAEncryption
26:92:c0:eb:f5:b5:1a:79:23:56:32:0f:0a:c8:7a:5f:0d:45:
dc:93:90:ba:cd:b9:86:05:5c:87:72:ba:43:be:80:8b:2b:48:
b0:0f:8b:0f:9d:77:bb:7a:5b:5e:16:8c:b2:85:5d:be:c9:7a:
93:10:99:69:6e:46:cf:02:ee:d5:0e:62:c3:59:79:50:84:c7:
9a:5e:28:3e:26:3f:16:44:61:0f:56:64:9e:f2:8d:17:13:44:
eb:41:0e:74:c3:99:14:19:cf:1a:e9:11:43:1e:6e:c4:d9:d8:
a3:c5:ae:98:01:c9:8b:d6:b7:f8:70:e4:30:ca:90:2d:a2:2a:
31:cc:88:87:18:cc:ca:10:86:21:4e:04:8d:c7:68:c7:d5:76:
58:de:06:b4:20:31:ec:ac:0a:9d:3f:ca:e4:7e:51:02:c4:7e:
72:ff:e5:37:1a:93:9c:70:e9:27:ca:cc:b6:18:96:08:75:6e:
69:8c:15:bd:a7:23:d9:e7:5f:49:56:7a:7f:b7:12:bb:90:0f:
09:1b:f5:03:11:a6:ce:ff:91:3e:f5:73:48:a8:b4:d0:65:85:
0a:fe:5a:07:e6:a5:89:29:4c:99:b9:61:7b:86:79:54:14:41:
5a:9d:59:af:69:52:56:1c:49:fc:61:4f:14:8d:01:0e:90:f6:
b4:ae:a2:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe+eleyVeNWgNxMWPsVKXwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI2MTY1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBlMjhlNTk2OTlkNDUwOGVhODEwMTM4NDMxNWI2N2I4NjU1YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoov2NukTkrHrB7IQYb9V4pfLkEy/
yQS5HnpQP2+jKHZiK2aiKZ2zmU6EvZFnPbaxg1DecLiS5HNAXcVMCdvhDXlPYHgk
UU4WayA8CSgw6jAY1ERxknLPS2vQGLIGHVQJwdCwCJS5bk/GE1tqGPpn/HR6bsb0
eXFvB2gwT3DgwJpEVZzbyfs9VjbE9xyN20S0NSaU33iauTs+6b2Ydp6y3CEDyIRc
oscFlxwlAaRVYW9X+DrHpYA3Fl9Isykh61EE2bI026M9dMnV1V03fhJQjEva1g7f
JU/6hgMO/0j4zmiCSIKSdwyebXKYujtK69zCMAnnTXmwRt0Lr2o/5e1AyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEOKOWWmdRQjqgQE4QxW2e4ZVpOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVE0bzVaYVoxRkNPcUJBVGhERmJaN2hsV2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcOMA0G
CSqGSIb3DQEBCwUAA4IBAQAmksDr9bUaeSNWMg8KyHpfDUXck5C6zbmGBVyHcrpD
voCLK0iwD4sPnXe7elteFoyyhV2+yXqTEJlpbkbPAu7VDmLDWXlQhMeaXig+Jj8W
RGEPVmSe8o0XE0TrQQ50w5kUGc8a6RFDHm7E2dijxa6YAcmL1rf4cOQwypAtoiox
zIiHGMzKEIYhTgSNx2jH1XZY3ga0IDHsrAqdP8rkflECxH5y/+U3GpOccOknysy2
GJYIdW5pjBW9pyPZ519JVnp/txK7kA8JG/UDEabO/5E+9XNIqLTQZYUK/loH5qWJ
KUyZuWF7hnlUFEFanVmvaVJWHEn8YU8UjQEOkPa0rqK9
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org