Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-jpVjcLwDqVCCe1g72guE6_Z_4.roa
File: l-jpVjcLwDqVCCe1g72guE6_Z_4.roa (raw, json)
Hash identifier: JxptV6bcJQpg0FY4KW8AkxLYDrF2vGG3OB3P+Ec4nkU=
Subject key identifier: 97:E8:E9:56:37:0B:C0:3A:95:08:27:B5:83:BD:A0:B8:4E:BF:67:FE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B6FB63EC874FF00DD278025EB56DCE917
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-jpVjcLwDqVCCe1g72guE6_Z_4.roa
Signing time: Fri 27 Oct 2023 05:58:16 +0000
ROA not before: Fri 27 Oct 2023 05:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 194.87.220.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Nov 2023 04:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:b6:3e:c8:74:ff:00:dd:27:80:25:eb:56:dc:e9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 27 05:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97e8e956370bc03a950827b583bda0b84ebf67fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:54:70:8b:2b:70:4a:ca:e8:9e:90:81:f1:9c:
dd:47:84:36:ac:2e:f1:6d:99:d3:54:0f:9b:0d:09:
c2:96:50:d7:ce:c4:1c:82:ba:42:7d:0c:c8:37:17:
f0:76:5c:87:c3:20:e2:e7:9f:e9:05:4a:60:84:c9:
d2:2f:12:a1:8f:17:08:57:ae:38:9a:31:03:3c:66:
fc:ff:dd:9f:1b:47:18:b2:ee:4e:55:7c:af:a7:2b:
74:ca:37:9c:7d:35:25:db:26:99:a2:03:bf:6f:68:
36:ff:7e:49:14:83:c8:70:78:f0:9d:7b:16:6b:ab:
fd:c7:60:3d:94:2c:7c:d1:a2:2e:ec:00:9c:1e:ef:
cb:43:9e:da:1a:7f:cf:10:8d:f4:2e:1b:1a:0b:c2:
8f:45:53:fe:9e:ef:bf:62:0e:1d:73:27:0a:7f:05:
4c:a2:46:95:2f:57:86:5f:a7:1e:02:2d:92:49:8f:
5c:c0:8d:3b:b4:79:0e:e5:12:01:5a:a2:d0:3c:76:
ed:1e:0d:04:64:33:32:ad:e4:19:e3:d5:ed:a5:6f:
49:5d:32:6a:59:a1:93:ba:a5:87:ff:08:38:85:ba:
f6:05:09:b9:a5:f2:48:d2:c8:48:fc:83:eb:2f:e4:
ab:8f:f3:a5:75:97:ef:b1:92:23:4a:0b:9e:73:9b:
99:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E8:E9:56:37:0B:C0:3A:95:08:27:B5:83:BD:A0:B8:4E:BF:67:FE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-jpVjcLwDqVCCe1g72guE6_Z_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.49.0/24
194.87.220.0/24
195.58.37.0/24
195.133.61.0/24
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
29:61:dc:de:de:a0:a8:cb:e5:ab:ae:db:b9:f7:12:64:64:c4:
e5:d9:3d:f1:4e:45:a6:f6:97:31:10:0a:c3:c3:44:1f:54:47:
83:9f:71:31:82:23:64:bd:a9:d3:f5:ef:ed:57:85:0b:79:6a:
8b:50:74:49:c2:a4:a9:d5:d2:3d:91:12:c6:62:d2:bc:af:e4:
38:94:24:21:78:5f:b7:73:50:a3:f8:2c:d2:00:46:f3:4d:cb:
e8:c6:8f:bc:ff:a5:bd:db:83:e3:fc:24:b6:a3:31:36:70:2a:
79:b4:90:7c:eb:b7:61:70:42:29:49:74:15:91:7c:5d:46:41:
30:b7:2c:91:fa:b5:9b:8b:e9:c5:03:16:e1:05:9c:c8:af:ad:
c4:c8:76:47:60:d0:9f:cd:d2:c7:d9:ae:5d:34:29:19:90:6a:
0f:de:d8:6d:80:50:6b:34:70:4d:de:5b:96:67:51:81:f4:96:
83:d5:ce:ee:b2:a1:fe:06:06:99:f4:e5:04:59:e2:f2:a0:27:
f3:ad:3d:81:c7:aa:40:9b:5d:fd:15:30:70:de:56:ab:7e:dd:
e4:c7:e1:1b:62:79:92:62:1b:ca:54:cf:b7:07:2d:7a:18:73:
57:d8:84:75:56:55:21:c8:ad:5e:ff:b7:ca:59:83:b2:66:e3:
c6:c7:e7:c7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtvtj7IdP8A3SeAJetW3OkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI3MDU1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2U4ZTk1NjM3MGJjMDNhOTUwODI3YjU4M2JkYTBiODRlYmY2N2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFRwiytwSsronpCB8ZzdR4Q2rC7x
bZnTVA+bDQnCllDXzsQcgrpCfQzINxfwdlyHwyDi55/pBUpghMnSLxKhjxcIV644
mjEDPGb8/92fG0cYsu5OVXyvpyt0yjecfTUl2yaZogO/b2g2/35JFIPIcHjwnXsW
a6v9x2A9lCx80aIu7ACcHu/LQ57aGn/PEI30LhsaC8KPRVP+nu+/Yg4dcycKfwVM
okaVL1eGX6ceAi2SSY9cwI07tHkO5RIBWqLQPHbtHg0EZDMyreQZ49XtpW9JXTJq
WaGTuqWH/wg4hbr2BQm5pfJI0shI/IPrL+Srj/OldZfvsZIjSguec5uZgwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJfo6VY3C8A6lQgntYO9oLhOv2f+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbC1qcFZqY0x3RHFWQ0NlMWc3Mmd1RTZfWl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcxAwQA
wlfcAwQAwzolAwQAw4U9AwQAw4U/AwQA1MD2MA0GCSqGSIb3DQEBCwUAA4IBAQAp
Ydze3qCoy+Wrrtu59xJkZMTl2T3xTkWm9pcxEArDw0QfVEeDn3ExgiNkvanT9e/t
V4ULeWqLUHRJwqSp1dI9kRLGYtK8r+Q4lCQheF+3c1Cj+CzSAEbzTcvoxo+8/6W9
24Pj/CS2ozE2cCp5tJB867dhcEIpSXQVkXxdRkEwtyyR+rWbi+nFAxbhBZzIr63E
yHZHYNCfzdLH2a5dNCkZkGoP3thtgFBrNHBN3luWZ1GB9JaD1c7usqH+BgaZ9OUE
WeLyoCfzrT2Bx6pAm139FTBw3larft3kx+EbYnmSYhvKVM+3By16GHNX2IR1VlUh
yK1e/7fKWYOyZuPGx+fH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org