Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hXpezzerKny34LJkLJqdSPuIYIk.roa
File: hXpezzerKny34LJkLJqdSPuIYIk.roa (raw, json)
Hash identifier: b2RKJRGuMbj4VLtc171IxVA7Onufx6/7VZZSjkUoCw4=
Subject key identifier: 85:7A:5E:CF:37:AB:2A:7C:B7:E0:B2:64:2C:9A:9D:48:FB:88:60:89
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ABC3BE967281CE85D0583A2D6EF79203C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hXpezzerKny34LJkLJqdSPuIYIk.roa
Signing time: Fri 22 Sep 2023 09:32:37 +0000
ROA not before: Fri 22 Sep 2023 09:32:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.54.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 10:37:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:3b:e9:67:28:1c:e8:5d:05:83:a2:d6:ef:79:20:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 22 09:32:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=857a5ecf37ab2a7cb7e0b2642c9a9d48fb886089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e1:75:9b:ae:c8:90:69:8a:0e:89:04:28:85:
c9:3e:31:48:bd:e7:6d:20:15:21:56:7d:54:b3:dd:
23:2e:0e:8b:92:21:22:fd:62:40:b1:f9:ee:ef:70:
e8:c1:d0:08:36:47:7a:61:22:9b:ca:63:b3:14:d8:
b7:1a:68:3a:29:74:2a:73:5b:cf:b9:3d:14:9d:6b:
cf:ed:3c:52:24:31:8d:ed:ee:ec:50:61:3e:72:db:
1d:07:34:fb:c7:34:59:39:da:3c:7f:f9:25:b5:49:
5e:c9:dc:8d:ca:b6:47:cf:23:0d:a0:fa:3b:c9:63:
ef:95:92:72:43:74:f0:a7:ea:d0:e0:bd:43:b8:e8:
ad:8f:a3:ac:e5:96:fc:15:1d:55:8c:dd:86:e1:f7:
28:9d:3a:76:18:05:9d:7d:63:96:2b:00:a8:6c:03:
8a:96:7b:f6:fa:a2:a4:5f:15:4b:db:28:b4:e4:ec:
b1:85:ec:8e:74:d4:af:42:f3:fe:41:a1:a7:ba:d1:
5d:bf:35:13:f9:48:93:33:0b:88:88:b4:0b:f4:f7:
44:de:1a:0e:e7:f7:46:8e:3a:25:65:16:62:6c:23:
89:44:c3:d9:81:75:ac:e1:5a:ea:b1:95:33:71:c9:
3e:9c:e5:1c:47:51:03:11:b1:aa:46:8e:e2:5f:69:
eb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7A:5E:CF:37:AB:2A:7C:B7:E0:B2:64:2C:9A:9D:48:FB:88:60:89
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hXpezzerKny34LJkLJqdSPuIYIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.87.54.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:ea:69:ac:fa:32:d7:10:91:04:02:45:71:21:aa:c4:6c:71:
00:79:0f:08:70:74:21:d5:c4:ff:bf:a7:a6:b7:6f:ef:90:8f:
b8:eb:97:38:b4:c9:70:89:05:09:3c:f4:42:9d:6e:4f:91:8d:
63:d6:31:3f:46:b6:cd:f7:e9:81:f4:f2:99:55:f0:90:13:b2:
95:05:62:53:0d:73:23:bf:99:80:98:6b:b9:25:f4:38:e0:c3:
7a:50:2b:a2:01:38:6d:a7:1b:b3:d8:56:43:fd:9c:7d:bc:c8:
b4:ec:ac:55:2d:20:87:3e:56:3a:1f:96:13:3b:5d:67:3d:97:
13:28:15:5d:b4:06:f1:24:b0:20:15:d2:a0:09:d2:29:6e:ed:
14:7f:b2:f6:57:00:27:5c:b2:7c:78:ca:94:d1:81:68:89:42:
66:61:5e:21:3d:c0:8c:c5:9d:d1:6c:4f:6a:f8:24:31:89:60:
9d:94:d6:e0:84:ef:d8:9e:e2:40:ce:51:89:8e:41:de:90:ff:
f4:34:e4:c5:11:bb:85:a0:eb:4b:0b:33:92:09:92:ec:95:65:
3a:27:2b:d6:01:d6:eb:6f:92:e7:31:ad:1f:9b:f9:0f:a6:ec:
d0:cb:87:4b:8e:63:ad:96:4b:59:ce:d0:e9:dc:18:2f:e4:45:
b8:a0:06:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq8O+lnKBzoXQWDotbveSA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIyMDkzMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdhNWVjZjM3YWIyYTdjYjdlMGIyNjQyYzlhOWQ0OGZiODg2MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+F1m67IkGmKDokEKIXJPjFIvedt
IBUhVn1Us90jLg6LkiEi/WJAsfnu73DowdAINkd6YSKbymOzFNi3Gmg6KXQqc1vP
uT0UnWvP7TxSJDGN7e7sUGE+ctsdBzT7xzRZOdo8f/kltUleydyNyrZHzyMNoPo7
yWPvlZJyQ3Twp+rQ4L1DuOitj6Os5Zb8FR1VjN2G4fconTp2GAWdfWOWKwCobAOK
lnv2+qKkXxVL2yi05OyxheyOdNSvQvP+QaGnutFdvzUT+UiTMwuIiLQL9PdE3hoO
5/dGjjolZRZibCOJRMPZgXWs4VrqsZUzcck+nOUcR1EDEbGqRo7iX2nrPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIV6Xs83qyp8t+CyZCyanUj7iGCJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaFhwZXp6ZXJLbnkzNExKa0xKcWRTUHVJWUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjosAwQA
wlc2MA0GCSqGSIb3DQEBCwUAA4IBAQB+6mms+jLXEJEEAkVxIarEbHEAeQ8IcHQh
1cT/v6emt2/vkI+465c4tMlwiQUJPPRCnW5PkY1j1jE/RrbN9+mB9PKZVfCQE7KV
BWJTDXMjv5mAmGu5JfQ44MN6UCuiAThtpxuz2FZD/Zx9vMi07KxVLSCHPlY6H5YT
O11nPZcTKBVdtAbxJLAgFdKgCdIpbu0Uf7L2VwAnXLJ8eMqU0YFoiUJmYV4hPcCM
xZ3RbE9q+CQxiWCdlNbghO/YnuJAzlGJjkHekP/0NOTFEbuFoOtLCzOSCZLslWU6
JyvWAdbrb5LnMa0fm/kPpuzQy4dLjmOtlktZztDp3Bgv5EW4oAbM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org