Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iu5TtlTn1Uxpo3NUXFCdMV-k7kg.roa
File: iu5TtlTn1Uxpo3NUXFCdMV-k7kg.roa (raw, json)
Hash identifier: H0CfRX0dbegkoJnjFeYm7UILM2eGUn/JVopIFlYcbAQ=
Subject key identifier: 8A:EE:53:B6:54:E7:D5:4C:69:A3:73:54:5C:50:9D:31:5F:A4:EE:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A92672DCD6EDE4A0443119FF6DF4D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iu5TtlTn1Uxpo3NUXFCdMV-k7kg.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 194.87.127.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 15:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:92:67:2d:cd:6e:de:4a:04:43:11:9f:f6:df:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aee53b654e7d54c69a373545c509d315fa4ee48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e2:79:eb:a8:c6:16:89:96:65:83:bf:1d:5c:
bc:7d:ad:5f:a6:b4:24:b0:0b:16:03:7c:f7:cc:79:
83:5d:7c:b0:d3:b1:2b:a1:8f:d8:d8:0d:fc:15:49:
55:25:99:85:73:33:27:e6:05:f3:5e:17:b3:99:cf:
6e:e7:ac:38:cf:d8:dd:47:c8:4b:81:35:ad:2a:20:
16:34:e7:38:f5:e6:11:e6:8f:24:26:80:4d:e5:e9:
5d:93:39:43:31:84:9e:17:fc:3d:bb:97:99:e1:59:
da:df:e8:64:2e:9d:5a:d2:df:cb:bd:6e:8f:94:be:
17:fe:e4:14:4b:82:4e:aa:8c:c8:70:c9:70:97:f1:
2e:b9:4c:8d:78:8e:61:1f:18:8e:e2:be:82:d4:09:
c4:70:a4:17:f5:53:85:18:04:25:ee:6f:4b:6c:4e:
8f:7a:fc:4c:aa:2e:5f:78:56:73:ac:19:5d:49:a3:
bd:25:af:60:80:b0:1e:97:6e:23:0b:dd:8e:d7:97:
f5:aa:59:9e:b0:bf:4b:dc:dd:52:dd:3e:5f:11:6c:
5a:69:6f:37:8b:16:9e:1a:4d:18:27:fa:90:16:e0:
95:7d:6a:4d:bb:bc:ce:eb:68:b0:78:b5:69:07:a9:
f9:c2:5c:6e:d2:14:a0:fa:cb:93:03:c5:2b:ed:b1:
bb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EE:53:B6:54:E7:D5:4C:69:A3:73:54:5C:50:9D:31:5F:A4:EE:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iu5TtlTn1Uxpo3NUXFCdMV-k7kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.38.0/24
194.87.72.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c3:9d:bf:66:fd:84:9a:ac:20:b8:ae:b1:70:53:27:7c:78:
1b:05:b2:37:2c:c8:bf:37:cb:8d:26:ea:b5:3f:ff:eb:4e:37:
fc:7d:25:8f:72:96:c1:89:7f:f4:da:8a:b8:cc:73:fd:13:c6:
70:74:ea:45:73:a7:15:3d:49:55:3d:6b:2c:a4:02:1d:74:12:
0f:29:b5:c4:d7:bb:da:54:67:79:0e:3c:a4:f7:74:76:d5:22:
2d:d8:3c:8e:e5:20:27:98:80:c3:24:1b:2f:ef:a0:8f:5a:21:
64:c7:be:4a:fe:92:f3:fe:fb:11:82:0b:8c:29:af:57:ee:35:
0b:89:c2:1a:0e:2b:2a:a6:a7:23:30:5d:45:44:4c:27:f5:57:
2f:ab:a2:df:bc:99:71:93:dd:01:e1:10:9e:2e:46:69:49:92:
64:ff:64:fb:2e:9a:c8:a9:7c:77:f8:59:03:cb:34:32:05:63:
3a:67:ed:1d:90:12:8a:b8:c3:61:9c:98:6e:4f:36:2e:d2:be:
8d:d0:79:51:52:e9:05:73:7d:78:fb:4e:b9:31:c4:7b:c1:94:
2a:64:3a:94:12:3d:e1:e9:46:59:19:e7:34:e2:c7:0f:55:da:
2d:76:27:8c:98:37:ec:f8:9e:2c:2e:32:79:d5:10:41:aa:8e:
4d:49:8e:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKpJnLc1u3koEQxGf9t9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVlNTNiNjU0ZTdkNTRjNjlhMzczNTQ1YzUwOWQzMTVmYTRlZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOJ566jGFomWZYO/HVy8fa1fprQk
sAsWA3z3zHmDXXyw07EroY/Y2A38FUlVJZmFczMn5gXzXhezmc9u56w4z9jdR8hL
gTWtKiAWNOc49eYR5o8kJoBN5eldkzlDMYSeF/w9u5eZ4Vna3+hkLp1a0t/LvW6P
lL4X/uQUS4JOqozIcMlwl/EuuUyNeI5hHxiO4r6C1AnEcKQX9VOFGAQl7m9LbE6P
evxMqi5feFZzrBldSaO9Ja9ggLAel24jC92O15f1qlmesL9L3N1S3T5fEWxaaW83
ixaeGk0YJ/qQFuCVfWpNu7zO62iweLVpB6n5wlxu0hSg+suTA8Ur7bG7tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIruU7ZU59VMaaNzVFxQnTFfpO5IMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaXU1VHRsVG4xVXhwbzNOVVhGQ2RNVi1rN2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcmAwQA
wldIAwQAwld/MA0GCSqGSIb3DQEBCwUAA4IBAQBlw52/Zv2EmqwguK6xcFMnfHgb
BbI3LMi/N8uNJuq1P//rTjf8fSWPcpbBiX/02oq4zHP9E8ZwdOpFc6cVPUlVPWss
pAIddBIPKbXE17vaVGd5Djyk93R21SIt2DyO5SAnmIDDJBsv76CPWiFkx75K/pLz
/vsRgguMKa9X7jULicIaDisqpqcjMF1FREwn9Vcvq6LfvJlxk90B4RCeLkZpSZJk
/2T7LprIqXx3+FkDyzQyBWM6Z+0dkBKKuMNhnJhuTzYu0r6N0HlRUukFc314+065
McR7wZQqZDqUEj3h6UZZGec04scPVdotdieMmDfs+J4sLjJ51RBBqo5NSY49
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org