Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5_J24i-xyvyxumMQixI2ysSRdE.roa
File: a5_J24i-xyvyxumMQixI2ysSRdE.roa (raw, json)
Hash identifier: EeIujT6tBQ4B7fW9g8oGlOtHQXV28jXpKvDEIHYJBt0=
Subject key identifier: 6B:9F:C9:DB:88:BE:C7:2B:F2:C6:E9:8C:42:2C:48:DB:2B:12:45:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187E17FD35D09950BB034FC92AA5C31DF47
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5_J24i-xyvyxumMQixI2ysSRdE.roa
Signing time: Wed 03 May 2023 12:04:23 +0000
ROA not before: Wed 03 May 2023 12:04:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41082
IP address blocks: 194.87.100.0/24 maxlen: 24
194.87.15.0/24 maxlen: 24
194.87.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 09:36:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:7f:d3:5d:09:95:0b:b0:34:fc:92:aa:5c:31:df:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 3 12:04:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9fc9db88bec72bf2c6e98c422c48db2b1245d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:98:be:85:7e:c1:e8:b4:90:ad:11:6e:16:e7:
1b:d5:b7:90:6c:00:41:4a:bd:e5:54:34:64:49:ec:
c4:08:77:4e:97:33:52:a1:40:07:fa:65:e6:94:d9:
9f:5e:08:62:e3:0d:60:bf:e8:53:f9:c2:43:26:39:
4d:37:68:08:1c:2d:4b:4c:d8:77:24:8a:28:82:76:
6d:07:ee:0a:00:06:f2:0c:59:fc:a9:c9:4e:dc:d9:
5c:5f:0f:f2:8d:bd:3f:42:79:e7:f5:df:5e:ee:cb:
54:0b:97:9e:80:7d:aa:3d:d2:ab:bf:ae:d3:b6:42:
4e:64:20:8b:6a:be:a9:5c:cb:eb:71:06:dd:5a:c1:
81:f3:b0:dc:2e:b5:0c:d2:b0:06:da:9c:c8:17:2d:
87:f7:e5:c7:af:38:9b:2a:c0:f8:f9:3c:49:79:01:
20:16:ae:b1:47:9a:8c:c1:73:58:f6:83:24:5d:5a:
20:4c:47:86:0b:b6:8e:6b:21:06:86:dd:39:ca:f9:
14:d7:77:6f:c7:bd:0b:ef:b8:72:61:f9:e6:d8:4a:
3a:36:f4:42:9e:bd:c3:55:a5:4c:09:eb:b0:8f:d8:
82:fe:f3:44:fd:0f:88:2a:ae:13:a1:59:0b:9f:52:
6e:38:bf:33:68:66:cd:1e:bc:66:fe:66:6a:69:64:
8d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9F:C9:DB:88:BE:C7:2B:F2:C6:E9:8C:42:2C:48:DB:2B:12:45:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5_J24i-xyvyxumMQixI2ysSRdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.15.0/24
194.87.100.0/24
194.87.173.0/24
Signature Algorithm: sha256WithRSAEncryption
77:c5:f0:a7:d7:29:8c:7a:8b:e4:22:a7:de:e8:23:3e:b8:c2:
26:82:1b:71:b6:30:0a:42:58:42:4f:1c:3c:67:dc:0a:c1:cb:
e5:ae:6e:d1:67:f8:ec:5e:57:aa:e6:89:c5:4a:b8:a6:70:78:
a3:59:f6:5d:28:f8:49:72:69:a1:af:82:ab:31:ad:43:c2:f3:
75:1b:25:22:ae:b3:66:cd:80:49:65:d6:e4:42:de:e4:8e:2b:
75:2e:f6:b3:1a:ba:87:7b:92:6a:14:82:10:e0:bc:a2:c4:11:
94:c4:c1:23:46:42:ec:36:0f:af:62:fd:b1:6a:7c:a4:a9:09:
ce:36:5b:3b:da:73:50:96:83:3d:5f:03:8f:ee:df:df:31:63:
1d:f5:87:4f:3f:6f:bf:c9:42:98:79:5f:2c:5d:57:57:9e:52:
3b:2e:91:e2:36:99:1b:3e:8e:fe:e0:23:1e:d3:08:f4:d4:45:
e4:21:4b:c4:f3:7d:86:e6:05:ce:ac:ca:54:29:b4:43:c8:fc:
c7:62:a6:ef:ae:94:0b:de:26:24:e8:2f:14:32:b0:8f:03:cb:
19:ec:32:83:7e:91:e3:33:62:05:42:ff:1b:ce:26:e5:7d:d6:
fa:b8:89:fb:5c:2b:ad:40:a1:e3:92:a7:b1:56:9c:fb:96:95:
68:d6:cf:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfhf9NdCZULsDT8kqpcMd9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTAzMTIwNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjlmYzlkYjg4YmVjNzJiZjJjNmU5OGM0MjJjNDhkYjJiMTI0NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpi+hX7B6LSQrRFuFucb1beQbABB
Sr3lVDRkSezECHdOlzNSoUAH+mXmlNmfXghi4w1gv+hT+cJDJjlNN2gIHC1LTNh3
JIoognZtB+4KAAbyDFn8qclO3NlcXw/yjb0/Qnnn9d9e7stUC5eegH2qPdKrv67T
tkJOZCCLar6pXMvrcQbdWsGB87DcLrUM0rAG2pzIFy2H9+XHrzibKsD4+TxJeQEg
Fq6xR5qMwXNY9oMkXVogTEeGC7aOayEGht05yvkU13dvx70L77hyYfnm2Eo6NvRC
nr3DVaVMCeuwj9iC/vNE/Q+IKq4ToVkLn1JuOL8zaGbNHrxm/mZqaWSNYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGufyduIvscr8sbpjEIsSNsrEkXRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYTVfSjI0aS14eXZ5eHVtTVFpeEkyeXNTUmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcPAwQA
wldkAwQAwletMA0GCSqGSIb3DQEBCwUAA4IBAQB3xfCn1ymMeovkIqfe6CM+uMIm
ghtxtjAKQlhCTxw8Z9wKwcvlrm7RZ/jsXleq5onFSrimcHijWfZdKPhJcmmhr4Kr
Ma1DwvN1GyUirrNmzYBJZdbkQt7kjit1LvazGrqHe5JqFIIQ4LyixBGUxMEjRkLs
Ng+vYv2xanykqQnONls72nNQloM9XwOP7t/fMWMd9YdPP2+/yUKYeV8sXVdXnlI7
LpHiNpkbPo7+4CMe0wj01EXkIUvE832G5gXOrMpUKbRDyPzHYqbvrpQL3iYk6C8U
MrCPA8sZ7DKDfpHjM2IFQv8bziblfdb6uIn7XCutQKHjkqexVpz7lpVo1s/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org