Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWgRVOmhs5zUjxshxZvcBmIoGW4.roa
File: hWgRVOmhs5zUjxshxZvcBmIoGW4.roa (raw, json)
Hash identifier: vBzYmY6dfqIjjxB0/L3WlNCGRGzFJQ/uTVH2wAFljDQ=
Subject key identifier: 85:68:11:54:E9:A1:B3:9C:D4:8F:1B:21:C5:9B:DC:06:62:28:19:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01930155D164C972FBE50BAAA6159DF9779E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWgRVOmhs5zUjxshxZvcBmIoGW4.roa
Signing time: Wed 06 Nov 2024 11:57:01 +0000
ROA not before: Wed 06 Nov 2024 11:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203493
IP address blocks: 194.87.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:55:d1:64:c9:72:fb:e5:0b:aa:a6:15:9d:f9:77:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 11:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85681154e9a1b39cd48f1b21c59bdc066228196e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:51:77:d7:62:ee:78:fc:8b:a4:c6:11:e4:
8d:b1:37:37:ac:08:5a:e9:6a:78:4f:bf:03:30:ad:
12:61:ec:e0:bd:17:4f:74:fb:ee:a3:0b:ea:49:ea:
6f:21:24:25:08:f1:41:e5:a1:49:04:8d:1f:0c:7d:
2c:f6:79:08:f3:6f:b6:da:20:fc:de:6c:4c:bc:73:
e2:cc:1b:0e:de:35:36:0d:c7:0e:c2:5d:46:d0:7c:
6d:08:df:62:cd:e3:29:18:9e:9e:0b:08:94:b5:b7:
a0:79:e0:ac:e3:12:95:c0:da:92:01:85:9b:c5:55:
94:13:61:09:04:49:99:37:2c:43:a9:39:24:a3:67:
fb:ff:c4:9c:ca:42:3c:d3:ae:3b:41:4b:ab:bc:77:
6c:a9:21:b2:de:e5:c7:32:65:00:2c:88:40:f7:86:
6e:4d:42:cf:3c:2b:dd:bd:0c:58:dc:da:fd:b6:a0:
e9:d9:4e:10:d6:d0:03:d2:2c:03:7a:52:8c:66:38:
90:3b:86:89:d6:17:e6:4e:fc:45:d5:35:17:9d:b2:
40:88:aa:c3:fc:7d:02:6b:51:3a:f4:1c:79:d5:0f:
33:d9:b2:c4:c9:17:85:56:7a:97:a1:81:2c:38:87:
8c:f0:53:4a:fc:08:a6:b4:a4:a7:ab:de:96:2d:c0:
2c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:68:11:54:E9:A1:B3:9C:D4:8F:1B:21:C5:9B:DC:06:62:28:19:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWgRVOmhs5zUjxshxZvcBmIoGW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.209.0/24
Signature Algorithm: sha256WithRSAEncryption
31:b1:bb:63:65:5f:b0:ce:9e:ce:04:60:e1:62:42:f0:c1:b9:
81:4d:11:fe:2d:c1:24:f1:5b:93:5f:a1:60:02:c2:a2:1d:c7:
1f:31:cb:33:b2:b1:8d:cd:2a:f4:3d:4f:7d:38:56:83:16:c3:
26:05:25:e8:91:9f:e9:ec:c7:34:6b:e3:4e:95:e7:7f:cd:07:
4e:be:db:5c:35:a9:77:18:53:d7:1c:12:6a:80:a0:2f:ac:3a:
11:7d:55:b8:db:1e:05:dc:1b:01:57:d1:9a:68:08:48:e3:01:
63:1b:4c:d9:10:88:46:1c:f5:a8:1f:47:e5:36:e6:4d:a7:56:
45:c6:20:9b:91:87:81:a3:48:67:ba:5e:06:5e:e2:a6:8e:78:
55:bf:dd:db:22:b4:a3:85:4d:f9:b6:27:81:b3:5b:80:b2:b7:
a1:5a:a2:9e:19:41:32:95:2c:a5:ab:9b:8b:eb:9d:86:20:79:
25:04:08:0b:e1:18:60:45:ae:b1:f4:e9:00:69:cc:49:91:93:
d0:f1:ca:5e:bc:c3:82:8c:9e:4a:31:de:c1:24:69:0a:12:8e:
78:49:ec:b0:69:49:74:a9:7f:22:a8:41:ef:e5:79:60:11:7b:
1b:89:ce:14:cb:cd:3d:91:69:85:73:69:2d:80:27:46:28:3a:
08:2b:e7:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMBVdFkyXL75QuqphWd+XeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MTE1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTY4MTE1NGU5YTFiMzljZDQ4ZjFiMjFjNTliZGMwNjYyMjgxOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+dRd9di7nj8i6TGEeSNsTc3rAha
6Wp4T78DMK0SYezgvRdPdPvuowvqSepvISQlCPFB5aFJBI0fDH0s9nkI82+22iD8
3mxMvHPizBsO3jU2DccOwl1G0HxtCN9izeMpGJ6eCwiUtbegeeCs4xKVwNqSAYWb
xVWUE2EJBEmZNyxDqTkko2f7/8ScykI80647QUurvHdsqSGy3uXHMmUALIhA94Zu
TULPPCvdvQxY3Nr9tqDp2U4Q1tAD0iwDelKMZjiQO4aJ1hfmTvxF1TUXnbJAiKrD
/H0Ca1E69Bx51Q8z2bLEyReFVnqXoYEsOIeM8FNK/AimtKSnq96WLcAsCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVoEVTpobOc1I8bIcWb3AZiKBluMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaFdnUlZPbWhzNXpVanhzaHhadmNCbUlvR1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfRMA0G
CSqGSIb3DQEBCwUAA4IBAQAxsbtjZV+wzp7OBGDhYkLwwbmBTRH+LcEk8VuTX6Fg
AsKiHccfMcszsrGNzSr0PU99OFaDFsMmBSXokZ/p7Mc0a+NOled/zQdOvttcNal3
GFPXHBJqgKAvrDoRfVW42x4F3BsBV9GaaAhI4wFjG0zZEIhGHPWoH0flNuZNp1ZF
xiCbkYeBo0hnul4GXuKmjnhVv93bIrSjhU35tieBs1uAsrehWqKeGUEylSylq5uL
652GIHklBAgL4RhgRa6x9OkAacxJkZPQ8cpevMOCjJ5KMd7BJGkKEo54SeywaUl0
qX8iqEHv5XlgEXsbic4Uy809kWmFc2ktgCdGKDoIK+es
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:32:08 2025 by rpki-client