Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a8TgsAcQJYoVRMpsW5mlcTwrg0Y.roa
File: a8TgsAcQJYoVRMpsW5mlcTwrg0Y.roa (raw, json)
Hash identifier: EMKtUhcQam5gQsaXROJI3iOniBE+nLGaBCzdcz/cX5k=
Subject key identifier: 6B:C4:E0:B0:07:10:25:8A:15:44:CA:6C:5B:99:A5:71:3C:2B:83:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01901C76EF05A12F3B744031D546AF339403
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a8TgsAcQJYoVRMpsW5mlcTwrg0Y.roa
Signing time: Sat 15 Jun 2024 15:14:34 +0000
ROA not before: Sat 15 Jun 2024 15:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 194.87.201.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 12:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:76:ef:05:a1:2f:3b:74:40:31:d5:46:af:33:94:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 15 15:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bc4e0b00710258a1544ca6c5b99a5713c2b8346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ca:28:fa:88:8c:14:2b:f2:8b:14:1d:e8:6b:
74:02:7d:f0:0c:3d:61:82:b5:f0:ca:41:d1:92:ad:
68:98:ee:87:66:54:32:e0:93:5a:e6:3d:4f:5f:d3:
aa:5d:e2:c6:43:04:39:ec:0c:8a:15:e5:35:07:b8:
cc:50:b0:3f:47:fb:68:3d:7b:c9:e6:47:26:7b:1b:
e5:d3:2e:6e:74:cb:1e:33:01:08:cd:a6:f9:d4:89:
ac:66:93:60:e9:91:5e:c8:ee:bf:6a:9f:0e:0e:ee:
0f:fd:f5:ac:8c:04:bb:e4:6f:57:59:e3:17:08:07:
a6:4b:7b:cf:6c:fa:53:68:01:66:dc:ec:28:97:42:
1a:ea:3d:66:c6:7f:e6:02:a5:d3:68:8f:cb:64:d2:
ba:e3:9a:7e:a4:4e:02:ba:49:5d:22:1d:b2:0b:bf:
12:8a:81:0d:0c:28:de:bd:6c:34:f9:d8:11:df:a2:
0f:3f:cd:f7:af:f3:e4:64:ae:06:7a:57:b0:80:13:
93:29:d6:4a:85:bd:e9:c3:b9:29:b4:36:18:16:44:
b9:08:c9:2b:5e:9d:b1:fe:af:2f:85:84:b9:98:0e:
ec:c7:d1:1e:f0:95:e9:cf:61:39:80:94:a0:f0:43:
77:5a:48:13:df:f3:bc:ad:ed:06:7f:7b:6b:2b:4b:
80:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C4:E0:B0:07:10:25:8A:15:44:CA:6C:5B:99:A5:71:3C:2B:83:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a8TgsAcQJYoVRMpsW5mlcTwrg0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.201.0/24
195.133.17.0/24
Signature Algorithm: sha256WithRSAEncryption
15:f0:c4:3b:66:d4:66:23:d6:52:c3:0b:85:a9:4b:d7:a9:6c:
7e:6e:d6:17:09:c9:02:9a:b1:2e:87:5f:ae:2d:ad:af:5b:b7:
e4:99:42:6c:51:37:95:67:9b:28:69:fe:36:7e:2c:65:60:ed:
3a:78:71:4c:8a:27:72:1e:7b:36:d1:16:13:cb:63:58:8e:08:
7d:df:88:57:a5:67:11:e4:c0:ce:99:d7:0f:ad:16:5c:b6:18:
5e:d3:4a:27:8b:f6:a5:57:b3:57:c5:c5:c5:5e:39:40:e5:8f:
43:0f:34:fa:01:74:43:34:9a:a6:f1:03:a3:30:ef:c7:a3:24:
df:c8:2b:fa:d8:76:b5:df:a2:aa:05:56:69:6d:07:48:ce:a6:
6e:da:fb:28:1b:d3:fd:46:b1:d8:25:aa:97:6c:0e:d0:64:13:
c2:c8:43:a1:2a:ff:8d:22:41:78:49:f6:92:74:9e:7f:c5:90:
c3:cb:db:cd:63:d6:e9:43:15:1a:ac:b7:ea:74:d7:c9:93:aa:
ac:1d:c3:41:cb:86:a5:8f:2c:34:b5:4b:c1:aa:b7:4c:1f:b9:
f4:b6:0d:f6:c9:c1:99:0e:6e:3b:7a:3d:ea:dc:f1:45:7c:f7:
62:f0:f8:5a:bc:26:e1:a9:f8:1a:a3:a2:57:11:07:8d:28:90:
b4:d7:23:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAcdu8FoS87dEAx1UavM5QDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjE1MTUxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM0ZTBiMDA3MTAyNThhMTU0NGNhNmM1Yjk5YTU3MTNjMmI4MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysoo+oiMFCvyixQd6Gt0An3wDD1h
grXwykHRkq1omO6HZlQy4JNa5j1PX9OqXeLGQwQ57AyKFeU1B7jMULA/R/toPXvJ
5kcmexvl0y5udMseMwEIzab51ImsZpNg6ZFeyO6/ap8ODu4P/fWsjAS75G9XWeMX
CAemS3vPbPpTaAFm3Owol0Ia6j1mxn/mAqXTaI/LZNK645p+pE4CukldIh2yC78S
ioENDCjevWw0+dgR36IPP833r/PkZK4GelewgBOTKdZKhb3pw7kptDYYFkS5CMkr
Xp2x/q8vhYS5mA7sx9Ee8JXpz2E5gJSg8EN3WkgT3/O8re0Gf3trK0uAYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvE4LAHECWKFUTKbFuZpXE8K4NGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYThUZ3NBY1FKWW9WUk1wc1c1bWxjVHdyZzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlfJAwQA
w4URMA0GCSqGSIb3DQEBCwUAA4IBAQAV8MQ7ZtRmI9ZSwwuFqUvXqWx+btYXCckC
mrEuh1+uLa2vW7fkmUJsUTeVZ5soaf42fixlYO06eHFMiidyHns20RYTy2NYjgh9
34hXpWcR5MDOmdcPrRZcthhe00oni/alV7NXxcXFXjlA5Y9DDzT6AXRDNJqm8QOj
MO/HoyTfyCv62Ha136KqBVZpbQdIzqZu2vsoG9P9RrHYJaqXbA7QZBPCyEOhKv+N
IkF4SfaSdJ5/xZDDy9vNY9bpQxUarLfqdNfJk6qsHcNBy4aljyw0tUvBqrdMH7n0
tg32ycGZDm47ej3q3PFFfPdi8PhavCbhqfgao6JXEQeNKJC01yP0
-----END CERTIFICATE-----
Generated at Sun Aug 11 15:25:48 2024 by rpki-client on console-ams.rpki-client.org