Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YqegUHJh4SoJXioeHVS_2qkZZgc.roa
File: YqegUHJh4SoJXioeHVS_2qkZZgc.roa (raw, json)
Hash identifier: ZR0iIMU+EC3b/EjTbPAHA/FL3BstiPxFFxwXGVLldic=
Subject key identifier: 62:A7:A0:50:72:61:E1:2A:09:5E:2A:1E:1D:54:BF:DA:A9:19:66:07
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018774B3BDAC0247AD43B03BA9818393A4FA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YqegUHJh4SoJXioeHVS_2qkZZgc.roa
Signing time: Wed 12 Apr 2023 09:02:28 +0000
ROA not before: Wed 12 Apr 2023 09:02:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 194.87.4.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 08:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:b3:bd:ac:02:47:ad:43:b0:3b:a9:81:83:93:a4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 12 09:02:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62a7a0507261e12a095e2a1e1d54bfdaa9196607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:38:9d:51:a7:eb:d7:02:0b:f4:e9:79:9a:80:
3e:08:d1:d7:6d:82:0c:29:98:be:10:34:80:5e:62:
11:b2:45:ac:1b:88:b5:b0:b0:4d:72:e6:95:30:34:
94:be:a5:b7:23:5a:5b:c5:4a:53:4c:05:12:cb:b7:
2a:c8:5b:5e:6b:5d:27:9b:db:f5:99:55:13:f0:ff:
0a:67:3f:88:fa:14:2d:f1:8f:f6:de:c9:6d:82:4b:
56:a0:5b:5e:5e:bd:a2:d3:12:05:ad:e3:43:17:d3:
2f:f2:56:21:f4:00:08:eb:4d:cd:d1:52:0e:e9:ad:
b1:53:0b:91:c2:8f:79:75:6c:7e:5f:db:c5:49:59:
1c:bc:0c:25:9e:14:fb:5c:c7:b1:31:ba:51:7d:0a:
cc:df:de:ca:8b:e8:27:80:a8:4c:d3:52:2f:92:f3:
42:d6:2d:3b:91:d0:9e:d2:91:47:1a:0a:44:59:24:
11:84:e1:78:24:15:ec:da:cc:fd:49:b1:52:b9:1f:
41:8d:2d:17:f9:0c:1e:8e:d9:47:1c:96:99:f2:7b:
49:08:cd:7f:05:bb:20:e9:14:dc:b4:83:b1:93:ad:
88:7c:e5:8a:1a:50:3d:14:ed:24:73:d4:bc:26:dd:
98:0c:62:a6:f6:0d:39:7f:7e:88:22:17:4f:18:71:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A7:A0:50:72:61:E1:2A:09:5E:2A:1E:1D:54:BF:DA:A9:19:66:07
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YqegUHJh4SoJXioeHVS_2qkZZgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
192.124.183.0/24
194.87.4.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ae:b5:16:77:af:c2:d2:db:9f:82:71:a3:f6:49:f5:12:8e:
45:0d:c6:18:38:50:53:39:b7:fc:a5:3a:39:8f:84:2d:5e:6e:
b5:9c:48:1a:d0:35:30:a2:a8:66:a6:1a:a0:55:92:a0:ad:73:
3a:93:6c:b9:6e:54:34:eb:bd:ac:7c:05:7f:0a:04:92:ee:da:
71:9a:de:8a:47:32:d3:22:51:9f:b9:76:e0:80:c7:94:bc:43:
d4:4d:d3:07:78:90:5f:e9:09:4e:de:49:6e:10:97:4b:bb:be:
ee:c4:dc:ca:99:36:a1:93:00:91:b2:5a:38:73:6d:bb:06:5b:
33:e0:57:e0:b7:c7:2e:dc:9c:7d:37:72:cc:4e:eb:4d:75:20:
71:6a:88:f4:8a:49:02:f0:d3:74:bf:2f:b6:46:8d:67:e2:4e:
5e:72:8a:d6:62:e1:38:1b:68:92:41:36:74:e5:38:e0:cf:a9:
bd:3e:8b:96:b1:04:d5:c5:ce:cc:74:f8:45:02:c3:09:7a:c4:
fb:2c:09:60:dc:06:bc:b7:51:98:b8:79:ef:30:e2:b1:11:e9:
06:9c:b7:4a:f2:10:e1:1d:5a:38:3e:bf:d3:b0:94:a5:c1:3a:
0d:29:6f:2b:a4:41:3c:5b:29:4b:c5:b1:64:63:1b:7a:c9:e7:
32:11:35:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd0s72sAketQ7A7qYGDk6T6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDEyMDkwMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE3YTA1MDcyNjFlMTJhMDk1ZTJhMWUxZDU0YmZkYWE5MTk2NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizidUafr1wIL9Ol5moA+CNHXbYIM
KZi+EDSAXmIRskWsG4i1sLBNcuaVMDSUvqW3I1pbxUpTTAUSy7cqyFtea10nm9v1
mVUT8P8KZz+I+hQt8Y/23sltgktWoFteXr2i0xIFreNDF9Mv8lYh9AAI603N0VIO
6a2xUwuRwo95dWx+X9vFSVkcvAwlnhT7XMexMbpRfQrM397Ki+gngKhM01IvkvNC
1i07kdCe0pFHGgpEWSQRhOF4JBXs2sz9SbFSuR9BjS0X+QwejtlHHJaZ8ntJCM1/
Bbsg6RTctIOxk62IfOWKGlA9FO0kc9S8Jt2YDGKm9g05f36IIhdPGHFfQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGKnoFByYeEqCV4qHh1Uv9qpGWYHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWXFlZ1VISmg0U29KWGlvZUhWU18ycWtaWmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHysAwQA
wHy3AwQAwlcEMA0GCSqGSIb3DQEBCwUAA4IBAQByrrUWd6/C0tufgnGj9kn1Eo5F
DcYYOFBTObf8pTo5j4QtXm61nEga0DUwoqhmphqgVZKgrXM6k2y5blQ0672sfAV/
CgSS7tpxmt6KRzLTIlGfuXbggMeUvEPUTdMHeJBf6QlO3kluEJdLu77uxNzKmTah
kwCRslo4c227Blsz4Ffgt8cu3Jx9N3LMTutNdSBxaoj0ikkC8NN0vy+2Ro1n4k5e
corWYuE4G2iSQTZ05Tjgz6m9PouWsQTVxc7MdPhFAsMJesT7LAlg3Aa8t1GYuHnv
MOKxEekGnLdK8hDhHVo4Pr/TsJSlwToNKW8rpEE8WylLxbFkYxt6yecyETW/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org