Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/giq5m9vNuXSb_EFErUUQgoDfEvo.roa
File: giq5m9vNuXSb_EFErUUQgoDfEvo.roa (raw, json)
Hash identifier: vjhXUim/Ac1ZuRvkeXcyKt4HD8tKmKldvUghDaz/8IY=
Subject key identifier: 82:2A:B9:9B:DB:CD:B9:74:9B:FC:41:44:AD:45:10:82:80:DF:12:FA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8071260DC07582AAAE8394456539
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/giq5m9vNuXSb_EFErUUQgoDfEvo.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199614
IP address blocks: 194.87.135.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 06:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:80:71:26:0d:c0:75:82:aa:ae:83:94:45:65:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822ab99bdbcdb9749bfc4144ad45108280df12fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:94:f4:b6:87:c7:42:da:b8:ec:b0:76:a4:
95:41:d0:20:01:1d:d4:6c:f4:90:64:b6:30:c8:17:
27:fd:57:9c:a0:af:3a:cf:87:62:43:1d:50:a5:eb:
7b:cf:b5:64:45:4a:06:c8:10:e3:8b:22:c4:72:86:
2a:72:f6:3f:3a:38:0f:fb:94:09:09:75:86:c2:bd:
43:02:0d:c5:17:a5:97:70:81:1f:8c:9a:04:1d:7c:
97:ae:d5:02:03:84:4f:2e:63:20:5e:ba:27:75:dd:
f8:b8:e6:e0:c0:8c:cd:d9:78:e0:6e:93:2a:73:6b:
82:11:d6:be:c8:c1:39:98:07:1c:ea:c0:78:ac:4a:
be:2c:53:92:6a:06:c2:a1:12:aa:43:78:2b:1f:8d:
60:79:4b:2e:09:c7:f4:61:42:f9:97:2b:44:39:5e:
45:96:93:7d:ce:ca:93:09:ac:41:a1:89:7a:1c:25:
f2:a4:b1:d1:96:21:4d:1a:e8:03:eb:e0:c8:79:21:
ca:ed:58:ba:b9:25:04:df:d2:d3:5d:29:b6:df:4b:
ef:a5:94:d3:36:39:82:07:0c:d7:ba:5c:5d:f1:41:
8d:1e:d1:29:5a:00:ee:d6:72:74:8c:33:47:14:5f:
60:18:90:b1:92:65:1c:79:42:53:74:1a:7c:fb:74:
88:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2A:B9:9B:DB:CD:B9:74:9B:FC:41:44:AD:45:10:82:80:DF:12:FA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/giq5m9vNuXSb_EFErUUQgoDfEvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.134.0/23
194.87.171.0/24
Signature Algorithm: sha256WithRSAEncryption
05:eb:75:0f:10:38:aa:b3:76:93:b8:dc:1e:ce:37:33:64:1f:
b5:45:3f:8a:39:b6:6a:f0:a5:46:b9:b9:11:c4:ed:5d:25:8b:
50:0d:8d:62:87:d3:a8:83:f9:ba:f2:6b:c3:38:cf:72:63:9f:
ee:28:70:f5:87:5a:14:8b:87:cd:7f:10:ca:11:bd:d2:66:fb:
a3:98:e9:ac:41:b1:56:47:56:30:74:b0:50:3d:bb:89:94:02:
bc:34:4b:34:5a:41:ab:dd:39:9d:54:97:0c:cf:28:c1:a3:39:
e2:e0:55:7f:cb:28:97:8f:8e:5d:f9:c0:29:96:06:57:63:cd:
1f:52:53:79:a9:0b:b3:dd:6f:9b:31:af:48:22:ae:00:0b:3f:
42:e6:6b:df:fd:d6:9d:ee:b8:61:e2:cc:78:ce:7d:c9:9e:a2:
fc:21:80:0e:25:ad:d8:1e:62:60:46:ad:8b:75:64:dd:bd:5d:
de:bc:fc:31:53:de:d3:4b:c2:a5:d4:9c:77:1e:ae:b0:79:c3:
8f:17:83:28:c6:f8:06:09:35:db:12:d2:55:d7:5b:d3:43:e3:
29:9d:80:6b:0f:77:77:c7:b6:52:2f:30:05:fd:80:d5:78:af:
75:0d:23:5e:0b:a9:bc:be:bd:de:4c:f6:a8:81:23:54:f0:c0:
7b:63:ab:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKoBxJg3AdYKqroOURWU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJhYjk5YmRiY2RiOTc0OWJmYzQxNDRhZDQ1MTA4MjgwZGYxMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHOU9LaHx0LauOywdqSVQdAgAR3U
bPSQZLYwyBcn/VecoK86z4diQx1Qpet7z7VkRUoGyBDjiyLEcoYqcvY/OjgP+5QJ
CXWGwr1DAg3FF6WXcIEfjJoEHXyXrtUCA4RPLmMgXrondd34uObgwIzN2XjgbpMq
c2uCEda+yME5mAcc6sB4rEq+LFOSagbCoRKqQ3grH41geUsuCcf0YUL5lytEOV5F
lpN9zsqTCaxBoYl6HCXypLHRliFNGugD6+DIeSHK7Vi6uSUE39LTXSm230vvpZTT
NjmCBwzXulxd8UGNHtEpWgDu1nJ0jDNHFF9gGJCxkmUceUJTdBp8+3SIpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIIquZvbzbl0m/xBRK1FEIKA3xL6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ2lxNW05dk51WFNiX0VGRXJVVVFnb0RmRXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo9AwQB
wleGAwQAwlerMA0GCSqGSIb3DQEBCwUAA4IBAQAF63UPEDiqs3aTuNwezjczZB+1
RT+KObZq8KVGubkRxO1dJYtQDY1ih9Oog/m68mvDOM9yY5/uKHD1h1oUi4fNfxDK
Eb3SZvujmOmsQbFWR1YwdLBQPbuJlAK8NEs0WkGr3TmdVJcMzyjBozni4FV/yyiX
j45d+cAplgZXY80fUlN5qQuz3W+bMa9IIq4ACz9C5mvf/dad7rhh4sx4zn3JnqL8
IYAOJa3YHmJgRq2LdWTdvV3evPwxU97TS8Kl1Jx3Hq6wecOPF4MoxvgGCTXbEtJV
11vTQ+MpnYBrD3d3x7ZSLzAF/YDVeK91DSNeC6m8vr3eTPaogSNU8MB7Y6u/
-----END CERTIFICATE-----
Generated at Fri Feb 2 09:27:08 2024 by rpki-client on console-ams.rpki-client.org