Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iQkyQ-hvwbuxtNgYkPU6NSwqkVo.roa
File: iQkyQ-hvwbuxtNgYkPU6NSwqkVo.roa (raw, json)
Hash identifier: ZCokM0LJgMeeuFU1aGfN6MQ5TYZ1DowgYx5I3JW2fkc=
Subject key identifier: 89:09:32:43:E8:6F:C1:BB:B1:B4:D8:18:90:F5:3A:35:2C:2A:91:5A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BFB9A1782E71C254ACF5D6F43459378E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iQkyQ-hvwbuxtNgYkPU6NSwqkVo.roa
Signing time: Thu 23 Nov 2023 09:54:21 +0000
ROA not before: Thu 23 Nov 2023 09:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44620
IP address blocks: 194.87.130.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:9a:17:82:e7:1c:25:4a:cf:5d:6f:43:45:93:78:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 23 09:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89093243e86fc1bbb1b4d81890f53a352c2a915a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c8:b9:7a:8a:54:00:d0:a8:51:36:86:a0:84:
a4:ad:79:91:8d:59:90:3b:16:e6:68:b0:4c:5a:b2:
2c:bf:7b:2f:bc:c9:76:dc:3d:f2:2f:f5:68:c1:68:
66:01:05:9a:e5:95:cf:c6:09:6b:85:3f:dc:4a:93:
f8:9d:38:0a:2b:40:2d:c1:b3:de:47:cc:1d:03:6c:
7a:d1:d0:5c:50:05:73:50:11:1e:6a:f7:a1:ee:f9:
81:01:0d:ca:70:fa:ec:7d:f6:08:55:c9:20:4f:1a:
ca:c8:81:6d:57:b6:ba:c7:5d:0d:83:23:32:b9:37:
d6:c2:68:eb:50:d8:1b:0c:df:a0:1d:21:43:3a:fd:
2b:52:22:68:4d:50:82:38:39:52:4d:1f:2b:df:04:
a1:1b:bb:82:2c:c5:13:a4:ad:a4:38:6e:05:dd:4b:
a5:33:0e:83:1b:2e:a8:ab:4e:6c:d2:15:e8:05:7d:
e6:f7:6d:c0:5f:80:c5:f4:c5:e2:3a:8f:d8:25:9e:
10:43:3b:2d:f0:0e:fa:29:1c:cc:01:87:e2:78:97:
78:77:20:7a:01:2d:1c:94:a5:c6:b6:aa:56:6a:32:
1b:c8:38:5d:d8:91:47:c8:73:2c:11:96:68:71:43:
f5:6f:e0:1b:0c:2d:8c:64:af:49:34:fc:07:6d:b3:
de:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:09:32:43:E8:6F:C1:BB:B1:B4:D8:18:90:F5:3A:35:2C:2A:91:5A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iQkyQ-hvwbuxtNgYkPU6NSwqkVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.130.0/24
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
33:05:4f:58:3d:7f:1a:80:01:0b:3d:b1:ea:f7:d1:a9:de:18:
4c:78:37:4b:65:df:fa:bf:c8:12:ec:d2:ca:9d:1e:56:12:dc:
28:4b:2e:9c:4e:38:79:65:25:28:fb:ea:ef:75:9b:2c:65:e5:
00:cd:75:b2:49:cd:89:55:b1:07:9a:31:ca:17:17:9e:61:da:
ef:1e:8e:10:75:93:8f:32:8a:aa:ab:84:9a:83:7f:9c:9d:89:
35:2a:28:e2:38:21:1e:71:8b:fb:d6:5d:63:c7:f0:e7:a8:9d:
cb:f4:51:35:fe:88:2b:05:0d:66:57:09:4f:0f:cd:cb:8a:3f:
ca:7f:26:ca:d7:97:31:10:09:4d:24:7a:ba:33:70:5c:72:65:
bd:17:e3:4a:d5:d8:ff:db:97:ab:c6:77:f4:d1:7d:ff:e0:ec:
55:27:9b:23:0b:ea:5a:05:72:07:d9:29:c2:f7:f2:6d:86:bc:
ac:1c:f9:a3:07:44:62:3e:ae:2e:56:2f:7a:9c:a4:1a:71:40:
1c:8f:2b:e3:e4:6a:44:96:de:46:ce:d6:ee:83:9e:f0:b6:3e:
24:f2:27:f6:d4:f3:7a:4b:f1:f9:ad:1c:6d:90:ee:50:18:69:
87:2c:bc:d7:55:0f:03:9a:12:5a:4f:c5:85:d6:30:57:88:2c:
dd:a4:01:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv7mheC5xwlSs9db0NFk3jmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIzMDk1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA5MzI0M2U4NmZjMWJiYjFiNGQ4MTg5MGY1M2EzNTJjMmE5MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8i5eopUANCoUTaGoISkrXmRjVmQ
OxbmaLBMWrIsv3svvMl23D3yL/VowWhmAQWa5ZXPxglrhT/cSpP4nTgKK0AtwbPe
R8wdA2x60dBcUAVzUBEeaveh7vmBAQ3KcPrsffYIVckgTxrKyIFtV7a6x10NgyMy
uTfWwmjrUNgbDN+gHSFDOv0rUiJoTVCCODlSTR8r3wShG7uCLMUTpK2kOG4F3Uul
Mw6DGy6oq05s0hXoBX3m923AX4DF9MXiOo/YJZ4QQzst8A76KRzMAYfieJd4dyB6
AS0clKXGtqpWajIbyDhd2JFHyHMsEZZocUP1b+AbDC2MZK9JNPwHbbPePQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkJMkPob8G7sbTYGJD1OjUsKpFaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVFreVEtaHZ3YnV4dE5nWWtQVTZOU3dxa1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwleCAwQA
wlf2MA0GCSqGSIb3DQEBCwUAA4IBAQAzBU9YPX8agAELPbHq99Gp3hhMeDdLZd/6
v8gS7NLKnR5WEtwoSy6cTjh5ZSUo++rvdZssZeUAzXWySc2JVbEHmjHKFxeeYdrv
Ho4QdZOPMoqqq4Sag3+cnYk1KijiOCEecYv71l1jx/DnqJ3L9FE1/ogrBQ1mVwlP
D83Lij/KfybK15cxEAlNJHq6M3BccmW9F+NK1dj/25erxnf00X3/4OxVJ5sjC+pa
BXIH2SnC9/JthrysHPmjB0RiPq4uVi96nKQacUAcjyvj5GpElt5Gztbug57wtj4k
8if21PN6S/H5rRxtkO5QGGmHLLzXVQ8DmhJaT8WF1jBXiCzdpAFL
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org