Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jkVKUqvwIxv7wqtoUggCmB4IHHo.roa
File: jkVKUqvwIxv7wqtoUggCmB4IHHo.roa (raw, json)
Hash identifier: BWsl9NJvgOzshgF00xLkeNbWscqqkgh0M4IfC4P7Cu0=
Subject key identifier: 8E:45:4A:52:AB:F0:23:1B:FB:C2:AB:68:52:08:02:98:1E:08:1C:7A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DC4E953B39B98099F324C25F2AF3FF49C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jkVKUqvwIxv7wqtoUggCmB4IHHo.roa
Signing time: Tue 20 Feb 2024 05:07:22 +0000
ROA not before: Tue 20 Feb 2024 05:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 194.87.185.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 05:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c4:e9:53:b3:9b:98:09:9f:32:4c:25:f2:af:3f:f4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 20 05:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e454a52abf0231bfbc2ab68520802981e081c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:21:3b:4d:dc:8f:d5:e5:66:5f:00:22:04:
e0:7f:b6:ef:97:3f:f8:f0:10:49:f7:d3:fb:cf:0a:
69:7e:d1:2a:51:9e:08:0f:6a:3a:a0:4a:13:a8:82:
97:83:f7:42:ad:03:fc:e3:28:57:6f:6b:23:00:7d:
0b:58:a2:80:0f:5c:40:57:cd:d0:8b:e9:37:3f:51:
36:cc:99:39:c7:49:a2:c7:de:34:4e:32:b4:9d:df:
3f:bd:20:a0:9e:c8:f5:40:66:1f:21:35:74:b4:ca:
d9:f3:16:49:b3:f8:08:a6:e4:3a:45:49:5e:08:ce:
52:bd:ed:7b:5c:55:4f:ea:56:62:c1:84:87:48:4a:
eb:21:a6:d8:74:94:5c:61:b6:16:e0:0d:86:a3:a9:
5e:bb:a8:39:59:fd:37:77:bf:69:bf:6a:0a:7c:46:
5a:41:5b:f2:17:18:33:3b:d8:51:3e:4e:a0:1e:99:
a7:5c:a3:c4:74:8c:66:79:81:36:92:67:61:3b:7f:
cc:2b:50:a1:0d:7a:48:3b:3c:61:23:31:f7:75:71:
41:cc:e6:19:d3:35:b2:b6:6a:f4:a9:f2:2c:ff:a2:
a6:12:47:7f:d4:3c:52:3b:5b:af:01:e9:92:e7:fd:
13:4c:b9:98:18:c6:10:08:77:19:07:75:5b:d4:f6:
00:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:45:4A:52:AB:F0:23:1B:FB:C2:AB:68:52:08:02:98:1E:08:1C:7A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jkVKUqvwIxv7wqtoUggCmB4IHHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.185.0/24
195.133.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ec:e2:61:33:41:db:ba:17:56:40:02:57:65:19:2c:b6:8d:
87:90:78:d4:44:d8:9f:63:5d:71:54:6b:29:df:fb:42:68:90:
34:0b:7f:1a:53:7c:92:8f:0b:9f:3c:18:03:1b:9e:f1:8f:46:
1f:8c:13:fb:ed:9e:4f:54:a2:35:dd:05:a1:2e:75:0c:9c:17:
90:11:51:08:b2:0e:92:a0:ab:bf:61:02:eb:8a:8d:c4:eb:6a:
78:7c:bd:fb:02:57:b2:11:ed:4b:41:fe:10:48:66:57:e5:52:
e2:4e:e0:b5:86:ad:31:a2:71:00:f4:02:0f:70:ab:cd:ec:8e:
58:78:d3:46:fb:ca:b9:79:b4:aa:e6:43:3e:9f:f9:0a:e1:6b:
3b:3e:cf:9c:02:e4:8c:6b:51:fc:9a:fc:73:ff:dd:57:d9:31:
0c:c2:7a:2c:74:7c:1b:0a:83:c6:87:21:24:c1:10:94:1c:ce:
7e:e7:21:85:cb:27:94:20:f5:7c:5d:fe:22:c6:5a:91:fc:8c:
0f:45:07:83:96:bb:60:4b:aa:17:13:cc:bd:8b:f6:bb:80:10:
d2:39:d7:34:11:66:57:02:39:94:68:5c:e2:70:c4:ff:72:e4:
7e:b5:49:03:cf:61:1f:30:22:29:37:e9:69:80:1d:09:13:b0:
0e:d7:06:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3E6VOzm5gJnzJMJfKvP/ScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIwMDUwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ1NGE1MmFiZjAyMzFiZmJjMmFiNjg1MjA4MDI5ODFlMDgxYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJwhO03cj9XlZl8AIgTgf7bvlz/4
8BBJ99P7zwppftEqUZ4ID2o6oEoTqIKXg/dCrQP84yhXb2sjAH0LWKKAD1xAV83Q
i+k3P1E2zJk5x0mix940TjK0nd8/vSCgnsj1QGYfITV0tMrZ8xZJs/gIpuQ6RUle
CM5Sve17XFVP6lZiwYSHSErrIabYdJRcYbYW4A2Go6leu6g5Wf03d79pv2oKfEZa
QVvyFxgzO9hRPk6gHpmnXKPEdIxmeYE2kmdhO3/MK1ChDXpIOzxhIzH3dXFBzOYZ
0zWytmr0qfIs/6KmEkd/1DxSO1uvAemS5/0TTLmYGMYQCHcZB3Vb1PYA+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI5FSlKr8CMb+8KraFIIApgeCBx6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvamtWS1VxdndJeHY3d3F0b1VnZ0NtQjRJSEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwle5AwQA
w4UrMA0GCSqGSIb3DQEBCwUAA4IBAQB67OJhM0HbuhdWQAJXZRksto2HkHjURNif
Y11xVGsp3/tCaJA0C38aU3ySjwufPBgDG57xj0YfjBP77Z5PVKI13QWhLnUMnBeQ
EVEIsg6SoKu/YQLrio3E62p4fL37AleyEe1LQf4QSGZX5VLiTuC1hq0xonEA9AIP
cKvN7I5YeNNG+8q5ebSq5kM+n/kK4Ws7Ps+cAuSMa1H8mvxz/91X2TEMwnosdHwb
CoPGhyEkwRCUHM5+5yGFyyeUIPV8Xf4ixlqR/IwPRQeDlrtgS6oXE8y9i/a7gBDS
Odc0EWZXAjmUaFzicMT/cuR+tUkDz2EfMCIpN+lpgB0JE7AO1wZA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org