Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hK78dzaa4UaW0hrBLHLj922rf8I.roa
File: hK78dzaa4UaW0hrBLHLj922rf8I.roa (raw, json)
Hash identifier: ODyG0WTuaHQRmLulNlC3ryfL1EM4yflWk1uQbjeg6C0=
Subject key identifier: 84:AE:FC:77:36:9A:E1:46:96:D2:1A:C1:2C:72:E3:F7:6D:AB:7F:C2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D319A993D97C5ACDC51BB61124664CF9C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hK78dzaa4UaW0hrBLHLj922rf8I.roa
Signing time: Mon 22 Jan 2024 14:37:11 +0000
ROA not before: Mon 22 Jan 2024 14:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 194.135.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 09:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:9a:99:3d:97:c5:ac:dc:51:bb:61:12:46:64:cf:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 22 14:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84aefc77369ae14696d21ac12c72e3f76dab7fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a4:ff:d8:94:07:f7:30:4a:16:0f:8c:37:9c:
02:91:37:b8:38:58:ed:30:05:43:f9:60:da:f1:c5:
d6:af:90:25:05:e5:64:67:29:61:3b:81:6a:fc:0a:
92:99:ff:c0:82:5d:0d:32:9f:7d:ea:52:29:62:68:
d0:52:b6:70:bc:48:7e:3e:6f:eb:7b:69:91:b1:46:
93:32:cc:ff:ce:f2:f6:3a:91:c6:c4:c9:dd:59:6b:
81:ad:25:c2:1c:c9:4c:f5:19:10:bc:a1:f4:ef:28:
d9:63:1a:ee:e6:cd:b0:4f:5d:56:be:c1:6f:ff:9b:
cb:94:46:2f:da:dd:3c:5c:20:20:81:42:6c:28:5e:
30:6c:3e:f8:c9:12:09:fe:bb:ad:f6:28:59:67:30:
ed:8b:90:f0:19:10:df:d0:2e:dc:f2:50:75:f9:e4:
68:0c:fb:f6:27:dc:73:3f:50:77:81:f2:3e:4e:5c:
39:c0:39:11:38:56:45:24:5b:58:70:08:fa:18:e7:
d9:fd:cb:b0:08:e9:d8:6d:b5:53:12:75:66:7d:ca:
ab:8f:95:f0:e9:68:53:6d:c1:91:8c:5c:b5:ff:f9:
f3:ca:e7:5c:fc:6e:94:0a:2e:e6:f3:86:4e:af:6a:
6e:1a:58:41:98:04:ac:4d:11:55:40:f1:b0:60:c1:
c8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AE:FC:77:36:9A:E1:46:96:D2:1A:C1:2C:72:E3:F7:6D:AB:7F:C2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hK78dzaa4UaW0hrBLHLj922rf8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.32.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ef:9c:4c:60:f6:51:c5:0f:9e:6a:6f:6a:fc:b9:2b:32:16:
c3:d0:55:51:a8:f1:9a:6c:46:07:85:7f:48:15:87:35:55:8f:
1e:f5:85:c6:b5:92:80:84:da:df:33:41:2c:a9:7a:f2:7a:66:
71:6e:84:8e:af:da:4f:02:40:fe:e9:4c:65:f8:8d:f5:39:02:
c4:96:f3:5d:a2:60:c6:e7:0c:91:b4:f7:94:2a:a9:1c:ad:b1:
85:c7:8e:f1:cb:ed:3d:bf:b7:4c:9e:a8:b6:af:45:8e:3d:bf:
5d:b8:22:62:71:8a:35:c6:c8:00:7a:e8:a4:fa:c1:09:82:c1:
72:b8:79:b7:54:8d:1a:77:5d:b0:3c:7b:b7:3a:37:83:11:ab:
9a:d6:df:85:30:e5:c2:e3:3b:fa:34:9e:31:19:61:83:52:3f:
b6:48:34:71:09:03:81:63:8f:ea:1c:cf:3d:25:ea:76:f5:c1:
17:00:26:90:84:a9:f9:e8:21:b4:30:13:01:0c:7e:ca:ee:f2:
e7:55:c3:17:4e:1c:3a:53:47:ec:41:13:9f:d1:b0:01:62:98:
54:f6:eb:11:ee:43:cd:b3:2a:a0:fa:e4:fb:4a:16:a1:42:66:
8b:f7:5b:cf:26:d1:ef:40:1d:e4:87:2e:ca:d2:eb:4f:68:85:
d2:44:22:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0xmpk9l8Ws3FG7YRJGZM+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIyMTQzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFlZmM3NzM2OWFlMTQ2OTZkMjFhYzEyYzcyZTNmNzZkYWI3ZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6T/2JQH9zBKFg+MN5wCkTe4OFjt
MAVD+WDa8cXWr5AlBeVkZylhO4Fq/AqSmf/Agl0NMp996lIpYmjQUrZwvEh+Pm/r
e2mRsUaTMsz/zvL2OpHGxMndWWuBrSXCHMlM9RkQvKH07yjZYxru5s2wT11WvsFv
/5vLlEYv2t08XCAggUJsKF4wbD74yRIJ/rut9ihZZzDti5DwGRDf0C7c8lB1+eRo
DPv2J9xzP1B3gfI+Tlw5wDkROFZFJFtYcAj6GOfZ/cuwCOnYbbVTEnVmfcqrj5Xw
6WhTbcGRjFy1//nzyudc/G6UCi7m84ZOr2puGlhBmASsTRFVQPGwYMHIlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISu/Hc2muFGltIawSxy4/dtq3/CMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaEs3OGR6YWE0VWFXMGhyQkxITGo5MjJyZjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwocgMA0G
CSqGSIb3DQEBCwUAA4IBAQAD75xMYPZRxQ+eam9q/LkrMhbD0FVRqPGabEYHhX9I
FYc1VY8e9YXGtZKAhNrfM0EsqXryemZxboSOr9pPAkD+6Uxl+I31OQLElvNdomDG
5wyRtPeUKqkcrbGFx47xy+09v7dMnqi2r0WOPb9duCJicYo1xsgAeuik+sEJgsFy
uHm3VI0ad12wPHu3OjeDEaua1t+FMOXC4zv6NJ4xGWGDUj+2SDRxCQOBY4/qHM89
Jep29cEXACaQhKn56CG0MBMBDH7K7vLnVcMXThw6U0fsQROf0bABYphU9usR7kPN
syqg+uT7ShahQmaL91vPJtHvQB3khy7K0utPaIXSRCKA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org