Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsS3ka6ndbB29lLEBVtaIUW5TyE.roa
File: fsS3ka6ndbB29lLEBVtaIUW5TyE.roa (raw, json)
Hash identifier: gwfqIekeuGWbJ8j7ed9gk4aQT7oUGr9AB7k5zFHLxOY=
Subject key identifier: 7E:C4:B7:91:AE:A7:75:B0:76:F6:52:C4:05:5B:5A:21:45:B9:4F:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189E3C53727ADB06A4D176D455340890E56
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsS3ka6ndbB29lLEBVtaIUW5TyE.roa
Signing time: Fri 11 Aug 2023 08:44:59 +0000
ROA not before: Fri 11 Aug 2023 08:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:c5:37:27:ad:b0:6a:4d:17:6d:45:53:40:89:0e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 08:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ec4b791aea775b076f652c4055b5a2145b94f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:57:1f:f2:62:78:31:ce:5a:2b:e2:03:96:f3:
92:41:9d:c9:ae:a6:18:07:08:19:e0:c7:60:13:e2:
5b:58:99:d5:ce:ca:47:12:98:fc:7b:47:f4:f8:93:
07:f2:95:ad:41:fc:f8:07:05:0a:85:49:7a:42:4e:
82:34:4e:57:89:3d:86:0a:01:c2:2b:d0:29:3b:f9:
44:10:b3:bb:f6:0d:2f:34:dd:85:e6:2a:af:17:79:
83:61:50:e3:ae:1a:d7:13:13:0b:5e:85:35:9a:f3:
16:e9:cb:fa:78:e6:0f:cf:1b:54:fe:68:6f:14:3d:
6f:1a:6f:c6:91:6a:3e:5d:e5:6f:e5:05:2b:c3:ed:
fd:94:c2:20:76:3e:5a:6a:94:16:74:1f:87:0d:83:
0b:13:1f:fe:a2:44:35:10:31:c0:57:66:fd:6a:64:
70:d4:3f:82:dc:09:ac:cf:c2:5f:b5:6d:c1:d1:31:
db:00:8c:b3:d9:41:0b:84:2f:af:86:ff:06:3d:0d:
33:b1:fe:26:af:cd:a9:59:0e:b9:c5:9a:0d:7a:12:
4b:af:a2:d7:92:a0:46:cd:c1:1d:92:36:db:10:a1:
bd:9f:6e:2a:d4:39:01:49:b6:35:37:06:b1:98:35:
7b:b7:5d:89:96:b5:5c:58:e3:dd:2f:02:d6:74:43:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C4:B7:91:AE:A7:75:B0:76:F6:52:C4:05:5B:5A:21:45:B9:4F:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fsS3ka6ndbB29lLEBVtaIUW5TyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.91.0/24
194.87.188.0/24
Signature Algorithm: sha256WithRSAEncryption
01:27:1e:08:23:d6:a8:c4:82:9d:4a:a2:16:73:74:a9:0e:92:
6f:32:03:bf:fe:43:26:c8:d6:62:d9:15:03:1b:a0:89:19:0b:
77:a3:cd:88:07:0d:fd:59:22:be:30:db:ff:46:52:a2:6c:09:
ed:1c:57:a0:17:ec:4c:65:91:a4:6d:c6:99:72:4f:63:21:fa:
45:c9:c4:f1:0f:62:10:8e:a5:8f:ef:e8:d6:f2:2a:e1:3c:e0:
df:9f:f2:d0:d9:b0:54:2c:24:6c:59:4e:4d:7f:24:40:64:03:
e4:36:67:ab:4d:73:b1:31:c0:33:43:f3:a2:d5:ea:0c:37:55:
52:d8:f2:7d:e0:6f:4b:21:67:c7:74:3d:c8:d3:e5:70:e7:eb:
d4:8a:50:57:17:7a:50:42:f0:d6:18:a3:00:be:d4:eb:56:1e:
b4:8b:72:bc:14:96:b2:a1:db:7e:f4:45:9e:46:6f:d0:f4:23:
7f:ba:c8:34:f5:8e:b3:4d:39:78:42:a6:ef:54:11:14:6e:0c:
62:b3:a5:e0:12:d1:f6:b4:43:9b:84:e5:a0:2b:84:7e:98:b6:
37:46:f4:83:aa:b9:57:27:e6:8f:11:aa:8d:89:a9:49:c6:af:
07:0b:e4:10:66:d7:49:54:67:11:72:13:2c:cb:2e:5d:36:f7:
19:c9:4a:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnjxTcnrbBqTRdtRVNAiQ5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODExMDg0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWM0Yjc5MWFlYTc3NWIwNzZmNjUyYzQwNTViNWEyMTQ1Yjk0ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFcf8mJ4Mc5aK+IDlvOSQZ3JrqYY
BwgZ4MdgE+JbWJnVzspHEpj8e0f0+JMH8pWtQfz4BwUKhUl6Qk6CNE5XiT2GCgHC
K9ApO/lEELO79g0vNN2F5iqvF3mDYVDjrhrXExMLXoU1mvMW6cv6eOYPzxtU/mhv
FD1vGm/GkWo+XeVv5QUrw+39lMIgdj5aapQWdB+HDYMLEx/+okQ1EDHAV2b9amRw
1D+C3Amsz8JftW3B0THbAIyz2UELhC+vhv8GPQ0zsf4mr82pWQ65xZoNehJLr6LX
kqBGzcEdkjbbEKG9n24q1DkBSbY1NwaxmDV7t12JlrVcWOPdLwLWdEMzKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH7Et5Gup3WwdvZSxAVbWiFFuU8hMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZnNTM2thNm5kYkIyOWxMRUJWdGFJVVc1VHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldbAwQA
wle8MA0GCSqGSIb3DQEBCwUAA4IBAQABJx4II9aoxIKdSqIWc3SpDpJvMgO//kMm
yNZi2RUDG6CJGQt3o82IBw39WSK+MNv/RlKibAntHFegF+xMZZGkbcaZck9jIfpF
ycTxD2IQjqWP7+jW8irhPODfn/LQ2bBULCRsWU5NfyRAZAPkNmerTXOxMcAzQ/Oi
1eoMN1VS2PJ94G9LIWfHdD3I0+Vw5+vUilBXF3pQQvDWGKMAvtTrVh60i3K8FJay
odt+9EWeRm/Q9CN/usg09Y6zTTl4QqbvVBEUbgxis6XgEtH2tEObhOWgK4R+mLY3
RvSDqrlXJ+aPEaqNialJxq8HC+QQZtdJVGcRchMsyy5dNvcZyUp0
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:21 2024 by rpki-client on console-fra.rpki-client.org