Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aR1orD7-Vfjg9M_O2ZycjIoiz5o.roa
File: aR1orD7-Vfjg9M_O2ZycjIoiz5o.roa (raw, json)
Hash identifier: Dm7+xwMuhkW3e5lea4l0siz7JBTEHopDnCouc0ZXmfQ=
Subject key identifier: 69:1D:68:AC:3E:FE:55:F8:E0:F4:CF:CE:D9:9C:9C:8C:8A:22:CF:9A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A72BA84E0CAC9FF11F609AF8CE8ED
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aR1orD7-Vfjg9M_O2ZycjIoiz5o.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36113
IP address blocks: 194.58.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 16:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:72:ba:84:e0:ca:c9:ff:11:f6:09:af:8c:e8:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=691d68ac3efe55f8e0f4cfced99c9c8c8a22cf9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ad:ab:d2:b6:77:cb:ba:82:82:e2:42:55:a0:
a9:23:d3:03:3b:67:50:6a:1e:07:62:0c:57:c1:8a:
1c:f9:3a:f8:95:f5:ea:91:4c:8e:34:f5:a4:d8:14:
e8:f3:b8:70:bb:3f:34:cc:9d:94:4f:70:8c:b3:34:
ee:7c:4a:d8:18:cc:2d:bd:42:19:b1:c0:d7:1a:33:
6f:c2:20:97:37:3c:99:ba:65:7b:64:38:cd:cc:98:
50:bd:84:07:93:aa:42:50:36:e5:60:18:07:51:a8:
b4:0e:47:c3:47:b3:83:b3:67:82:6c:31:9b:d1:f8:
51:d2:5d:a5:1b:9c:7e:f1:3e:a5:4d:f0:0c:2c:a1:
3d:7b:9e:37:36:da:13:e3:73:c9:2f:4d:f2:24:68:
6a:07:e9:c7:39:1a:bc:66:4c:bd:ea:b1:72:d8:48:
57:d3:93:a8:b0:17:3a:36:a8:5a:8e:3a:03:8c:ce:
94:13:0b:eb:35:c1:f9:38:d5:d4:d1:7c:d7:ea:9b:
55:e1:f7:cf:a7:a3:e9:f0:f8:15:94:d1:09:e7:02:
a0:54:72:28:d6:e0:58:df:6b:cb:15:cc:14:05:6e:
c0:5c:f7:ba:07:1a:be:72:02:49:44:81:5d:a1:98:
d7:a4:35:8c:2b:40:b7:af:6a:5e:f3:1f:33:cd:d3:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1D:68:AC:3E:FE:55:F8:E0:F4:CF:CE:D9:9C:9C:8C:8A:22:CF:9A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aR1orD7-Vfjg9M_O2ZycjIoiz5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.41.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:99:c4:b8:96:a8:75:3e:d9:4a:36:61:69:5b:c1:f8:eb:46:
61:af:f4:50:b1:58:a6:fb:56:b2:f4:a4:43:75:ff:b1:2c:7b:
65:6d:b9:fd:76:a8:51:02:86:92:de:0c:84:32:0c:cf:ea:e2:
f2:b4:2a:6b:36:a3:a5:c1:0e:ea:93:b9:dc:92:43:b1:c9:35:
f1:5a:3f:8c:21:40:af:c3:50:e6:1a:67:04:33:46:d5:21:e6:
b5:e7:bc:ff:12:11:02:0b:c1:59:c2:be:7f:20:3a:4e:92:6d:
ac:1c:54:8f:68:2a:7c:2a:4a:65:18:74:c5:65:c1:d9:2b:0e:
83:65:66:14:51:ab:0a:c1:5c:39:ad:ee:c2:aa:03:3d:16:a5:
72:a6:08:c4:49:6f:7e:52:53:2c:46:3a:3c:56:c9:5c:03:af:
bc:7e:67:4f:7b:32:6a:55:3a:de:5f:10:6b:bd:16:76:7c:bd:
50:68:37:60:ad:c2:cb:af:15:f7:d7:18:7f:78:c1:c1:84:e1:
be:02:79:fd:34:60:0e:67:e6:1a:0a:51:b8:99:dc:79:37:c7:
9b:0e:5f:bf:99:e6:b6:3a:e1:80:9a:c9:ef:cd:7f:be:df:8f:
dd:bb:ae:41:73:50:aa:ad:db:0a:b7:9a:f0:b2:04:3a:30:ea:
10:fd:7d:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnK6hODKyf8R9gmvjOjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFkNjhhYzNlZmU1NWY4ZTBmNGNmY2VkOTljOWM4YzhhMjJjZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK2r0rZ3y7qCguJCVaCpI9MDO2dQ
ah4HYgxXwYoc+Tr4lfXqkUyONPWk2BTo87hwuz80zJ2UT3CMszTufErYGMwtvUIZ
scDXGjNvwiCXNzyZumV7ZDjNzJhQvYQHk6pCUDblYBgHUai0DkfDR7ODs2eCbDGb
0fhR0l2lG5x+8T6lTfAMLKE9e543NtoT43PJL03yJGhqB+nHORq8Zky96rFy2EhX
05OosBc6NqhajjoDjM6UEwvrNcH5ONXU0XzX6ptV4ffPp6Pp8PgVlNEJ5wKgVHIo
1uBY32vLFcwUBW7AXPe6Bxq+cgJJRIFdoZjXpDWMK0C3r2pe8x8zzdMQxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkdaKw+/lX44PTPztmcnIyKIs+aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYVIxb3JENy1WZmpnOU1fTzJaeWNqSW9pejVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjopMA0G
CSqGSIb3DQEBCwUAA4IBAQAemcS4lqh1PtlKNmFpW8H460Zhr/RQsVim+1ay9KRD
df+xLHtlbbn9dqhRAoaS3gyEMgzP6uLytCprNqOlwQ7qk7nckkOxyTXxWj+MIUCv
w1DmGmcEM0bVIea157z/EhECC8FZwr5/IDpOkm2sHFSPaCp8KkplGHTFZcHZKw6D
ZWYUUasKwVw5re7CqgM9FqVypgjESW9+UlMsRjo8VslcA6+8fmdPezJqVTreXxBr
vRZ2fL1QaDdgrcLLrxX31xh/eMHBhOG+Ann9NGAOZ+YaClG4mdx5N8ebDl+/mea2
OuGAmsnvzX++34/du65Bc1CqrdsKt5rwsgQ6MOoQ/X2L
-----END CERTIFICATE-----
Generated at Wed Jan 17 21:47:45 2024 by rpki-client on console-fra.rpki-client.org