Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hosFmttrrq9TNTF4lKd9FGIQWXU.roa
File: hosFmttrrq9TNTF4lKd9FGIQWXU.roa (raw, json)
Hash identifier: Jx3i5FTEn+hceV1j6Z9y1mzpsQFBkxsp+QlY09bnZeQ=
Subject key identifier: 86:8B:05:9A:DB:6B:AE:AF:53:35:31:78:94:A7:7D:14:62:10:59:75
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186030B75F7895678F352A743BC4B39CDC5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hosFmttrrq9TNTF4lKd9FGIQWXU.roa
Signing time: Mon 30 Jan 2023 14:18:48 +0000
ROA not before: Mon 30 Jan 2023 14:18:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.188.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:0b:75:f7:89:56:78:f3:52:a7:43:bc:4b:39:cd:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 14:18:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=868b059adb6baeaf5335317894a77d1462105975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:86:90:8d:e3:09:25:2f:14:fb:5e:6b:00:97:
06:b9:f0:e4:49:e4:db:48:1b:e4:24:bf:6d:91:83:
58:f6:e6:cd:9d:e3:b9:f7:a9:9a:71:61:9d:d4:ba:
60:32:0a:6d:db:c5:3b:47:ad:03:9a:be:a5:f9:17:
61:8e:e1:4d:a8:3e:b4:90:88:3e:07:30:8d:f2:6d:
19:c9:a2:43:e5:9b:57:8f:42:d7:38:88:8a:e6:e1:
25:7f:ef:a1:a5:6c:70:43:23:fa:87:d9:90:ee:2a:
d9:60:03:3d:47:de:41:f7:c9:92:83:d6:ae:5f:fb:
cc:90:b4:59:7e:86:f8:c6:45:a7:b9:93:6a:8e:62:
34:26:29:49:8f:f8:47:4c:43:b1:94:5a:74:1b:c6:
8c:87:45:db:a4:ee:8f:2b:36:04:1b:36:e8:85:92:
02:0e:34:67:5c:86:41:70:7e:11:70:fc:a6:76:6c:
44:13:db:87:93:ff:8d:d2:d1:0a:d3:a8:a6:0a:71:
f1:3e:2f:50:e2:c0:d4:f0:f7:9e:66:ee:d4:9a:8a:
42:14:50:60:5d:be:5f:c1:0d:05:15:a6:e3:9a:47:
40:fa:79:cb:bd:52:d6:4d:77:94:05:be:6e:9d:32:
10:65:45:61:84:76:70:01:6f:d0:03:fa:89:67:4d:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8B:05:9A:DB:6B:AE:AF:53:35:31:78:94:A7:7D:14:62:10:59:75
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hosFmttrrq9TNTF4lKd9FGIQWXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.91.0/24
194.87.188.0/24
Signature Algorithm: sha256WithRSAEncryption
44:df:e4:9e:45:47:8c:4c:6d:72:6a:24:40:d2:8c:e1:3b:26:
6f:84:8f:e9:a8:a8:a1:4b:e1:20:17:f0:62:ae:98:d1:ef:2e:
ca:ad:7d:9e:12:41:f4:e8:30:b8:b1:d8:89:01:6b:0e:f9:6f:
14:ac:9e:3d:73:be:cd:01:f3:d3:9f:e1:cf:07:25:71:14:8a:
83:ec:4b:71:10:5a:53:7a:20:d0:16:d7:18:38:ce:e7:b7:0e:
59:df:e6:0b:86:62:54:c1:03:74:c2:c7:5c:01:dc:b3:99:61:
28:25:20:e9:33:01:7c:07:fd:b4:16:f2:d5:4b:4c:b7:97:ea:
2a:f0:0a:b1:98:a1:f7:d8:9b:b0:fd:57:20:43:9b:44:dc:a3:
15:d0:a7:d3:a7:99:6f:28:ef:ac:cb:e4:e3:9d:7b:96:e3:32:
f0:14:48:b4:47:8d:24:35:1c:11:22:4e:79:c2:27:cc:f0:83:
07:84:73:c9:8b:b9:6e:5c:cf:5c:4d:3e:58:24:e2:fc:fc:8b:
79:3b:8f:6b:52:4e:c9:6e:88:ca:c1:93:6b:6d:40:ce:91:47:
b5:5e:2d:7a:ca:99:d4:aa:96:29:d2:c4:1e:29:03:b8:d6:fa:
2b:4a:ab:59:9f:11:c6:7e:10:97:6e:94:f1:08:52:80:e8:75:
e9:0a:aa:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYDC3X3iVZ481KnQ7xLOc3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMwMTQxODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhiMDU5YWRiNmJhZWFmNTMzNTMxNzg5NGE3N2QxNDYyMTA1OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoaQjeMJJS8U+15rAJcGufDkSeTb
SBvkJL9tkYNY9ubNneO596macWGd1LpgMgpt28U7R60Dmr6l+RdhjuFNqD60kIg+
BzCN8m0ZyaJD5ZtXj0LXOIiK5uElf++hpWxwQyP6h9mQ7irZYAM9R95B98mSg9au
X/vMkLRZfob4xkWnuZNqjmI0JilJj/hHTEOxlFp0G8aMh0XbpO6PKzYEGzbohZIC
DjRnXIZBcH4RcPymdmxEE9uHk/+N0tEK06imCnHxPi9Q4sDU8PeeZu7UmopCFFBg
Xb5fwQ0FFabjmkdA+nnLvVLWTXeUBb5unTIQZUVhhHZwAW/QA/qJZ02lywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIaLBZrba66vUzUxeJSnfRRiEFl1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaG9zRm10dHJycTlUTlRGNGxLZDlGR0lRV1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldbAwQA
wle8MA0GCSqGSIb3DQEBCwUAA4IBAQBE3+SeRUeMTG1yaiRA0ozhOyZvhI/pqKih
S+EgF/BirpjR7y7KrX2eEkH06DC4sdiJAWsO+W8UrJ49c77NAfPTn+HPByVxFIqD
7EtxEFpTeiDQFtcYOM7ntw5Z3+YLhmJUwQN0wsdcAdyzmWEoJSDpMwF8B/20FvLV
S0y3l+oq8AqxmKH32Juw/VcgQ5tE3KMV0KfTp5lvKO+sy+TjnXuW4zLwFEi0R40k
NRwRIk55wifM8IMHhHPJi7luXM9cTT5YJOL8/It5O49rUk7JbojKwZNrbUDOkUe1
Xi16ypnUqpYp0sQeKQO41vorSqtZnxHGfhCXbpTxCFKA6HXpCqoF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org