Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVi2gHDlaUyo-BNIXbApVUBqk0Q.roa
File: iVi2gHDlaUyo-BNIXbApVUBqk0Q.roa (raw, json)
Hash identifier: DG+1LB6jEwPr5puclCHAwXnm0YIGjLBHgZB/MkfH5NQ=
Subject key identifier: 89:58:B6:80:70:E5:69:4C:A8:F8:13:48:5D:B0:29:55:40:6A:93:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01882D7D6B9DFCD12CF12B457A0142D319B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVi2gHDlaUyo-BNIXbApVUBqk0Q.roa
Signing time: Thu 18 May 2023 06:12:54 +0000
ROA not before: Thu 18 May 2023 06:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2d:7d:6b:9d:fc:d1:2c:f1:2b:45:7a:01:42:d3:19:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 18 06:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8958b68070e5694ca8f813485db02955406a9344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c7:db:d4:97:b4:d4:f0:b1:f7:9b:7d:c7:a3:
0b:79:57:2a:09:14:ff:97:76:a7:1e:aa:9a:03:1b:
5a:ae:12:e0:04:cb:16:4a:c3:d0:99:11:57:14:db:
65:4a:77:13:21:6f:c2:b0:8f:a2:81:cb:d4:be:6c:
d4:fa:69:4f:b9:0b:56:7f:31:e8:1a:0d:e1:a7:88:
76:38:21:1f:af:3a:b8:8c:3e:85:f2:27:9a:61:20:
7b:f5:bf:cb:98:94:c8:ae:64:7f:27:5e:05:89:05:
29:89:15:d6:e4:13:a9:a9:b6:28:bc:8a:9b:5e:b6:
cb:9c:68:a5:d5:3e:64:d3:ec:a4:ce:47:78:ef:36:
c4:cd:81:48:52:9b:6d:4a:f1:b3:bb:b5:34:72:ed:
eb:80:d4:79:d0:aa:7f:19:7c:b2:91:8b:0c:79:2d:
1e:20:25:97:ad:26:93:9b:81:ee:ff:2e:cb:69:9d:
ab:2b:2f:32:18:ee:98:8d:0b:01:3a:c7:f8:7a:03:
ea:af:9d:ee:c5:31:62:e0:34:eb:ba:22:b8:2b:0d:
bb:c8:b5:8c:a9:7f:83:16:e8:6e:3d:a9:fd:5a:b2:
18:cd:88:12:62:7e:e9:29:1a:30:f1:db:f7:ea:dc:
fe:3f:fd:88:70:40:b6:ba:74:1b:e4:97:bd:21:c7:
be:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:58:B6:80:70:E5:69:4C:A8:F8:13:48:5D:B0:29:55:40:6A:93:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVi2gHDlaUyo-BNIXbApVUBqk0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.180.0/24
Signature Algorithm: sha256WithRSAEncryption
02:a8:eb:ab:4a:18:de:98:83:f8:0f:5d:03:cb:51:9e:79:7b:
5d:91:00:c8:60:c9:23:7f:39:f5:56:d5:14:00:49:32:5f:e8:
d2:98:21:f5:fa:43:84:21:f7:5f:bc:51:aa:ed:04:e4:a0:60:
c8:2d:5f:15:f6:d0:2f:db:d5:35:3a:b1:c2:29:9c:be:03:1a:
51:b2:66:b4:9e:40:d4:9f:f0:92:0f:95:f1:15:cd:be:ac:5e:
05:6e:8c:04:1b:88:5d:ac:87:0c:66:2c:d2:1f:71:7d:c9:55:
21:a9:66:3e:d4:34:00:66:9e:98:86:36:ca:d1:18:74:ff:4d:
5d:95:93:68:6b:71:bb:71:ce:f6:25:3a:5a:f2:30:27:3d:7b:
7c:30:42:96:f9:ad:f0:7d:4e:e0:52:0e:e3:ac:2d:c6:1f:99:
99:36:57:dc:fd:1c:98:4d:16:40:58:1c:29:eb:e9:22:ac:b9:
3d:cb:4b:02:bd:99:44:e6:6a:be:8b:15:93:25:c2:c0:90:f8:
e3:4f:4a:65:bc:d4:28:b0:c7:fd:e4:0c:da:ed:b4:4c:1f:8d:
04:57:bd:83:42:9b:85:98:e9:e6:4e:b1:63:48:1c:82:b9:1e:
5d:48:04:f7:0e:23:32:23:fd:e0:9c:d1:02:80:d2:e3:84:ce:
44:f3:92:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgtfWud/NEs8StFegFC0xm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE4MDYxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU4YjY4MDcwZTU2OTRjYThmODEzNDg1ZGIwMjk1NTQwNmE5MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Mfb1Je01PCx95t9x6MLeVcqCRT/
l3anHqqaAxtarhLgBMsWSsPQmRFXFNtlSncTIW/CsI+igcvUvmzU+mlPuQtWfzHo
Gg3hp4h2OCEfrzq4jD6F8ieaYSB79b/LmJTIrmR/J14FiQUpiRXW5BOpqbYovIqb
XrbLnGil1T5k0+ykzkd47zbEzYFIUpttSvGzu7U0cu3rgNR50Kp/GXyykYsMeS0e
ICWXrSaTm4Hu/y7LaZ2rKy8yGO6YjQsBOsf4egPqr53uxTFi4DTruiK4Kw27yLWM
qX+DFuhuPan9WrIYzYgSYn7pKRow8dv36tz+P/2IcEC2unQb5Je9Ice+bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlYtoBw5WlMqPgTSF2wKVVAapNEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVZpMmdIRGxhVXlvLUJOSVhiQXBWVUJxazBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjo9AwQA
wle0MA0GCSqGSIb3DQEBCwUAA4IBAQACqOurShjemIP4D10Dy1GeeXtdkQDIYMkj
fzn1VtUUAEkyX+jSmCH1+kOEIfdfvFGq7QTkoGDILV8V9tAv29U1OrHCKZy+AxpR
sma0nkDUn/CSD5XxFc2+rF4FbowEG4hdrIcMZizSH3F9yVUhqWY+1DQAZp6YhjbK
0Rh0/01dlZNoa3G7cc72JTpa8jAnPXt8MEKW+a3wfU7gUg7jrC3GH5mZNlfc/RyY
TRZAWBwp6+kirLk9y0sCvZlE5mq+ixWTJcLAkPjjT0plvNQosMf95Aza7bRMH40E
V72DQpuFmOnmTrFjSByCuR5dSAT3DiMyI/3gnNECgNLjhM5E85I3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org