Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lHXWua3hcbaDtoWSvtua1LxWYB4.roa
File: lHXWua3hcbaDtoWSvtua1LxWYB4.roa (raw, json)
Hash identifier: ddNilSwpjId7mSToSKPLSsPvufIJlSm3TWvLMpyfW6A=
Subject key identifier: 94:75:D6:B9:AD:E1:71:B6:83:B6:85:92:BE:DB:9A:D4:BC:56:60:1E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018899BEB4F59CA4904635A44BBD856CE9BF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lHXWua3hcbaDtoWSvtua1LxWYB4.roa
Signing time: Thu 08 Jun 2023 06:43:12 +0000
ROA not before: Thu 08 Jun 2023 06:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.87.116.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 08:22:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:be:b4:f5:9c:a4:90:46:35:a4:4b:bd:85:6c:e9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 8 06:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9475d6b9ade171b683b68592bedb9ad4bc56601e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:38:a0:c1:2e:02:dc:fb:86:ce:d9:33:23:e5:
14:08:1b:fc:94:cf:82:e0:b5:a5:a9:8c:07:84:9e:
69:70:58:12:96:77:35:dd:ca:19:87:d2:5e:18:22:
9e:bb:fb:21:20:ae:de:30:c2:a4:d3:0f:e6:94:fa:
eb:78:60:ac:73:31:91:d0:85:a9:05:34:64:14:db:
bb:39:39:b0:74:21:e0:8a:0b:de:07:60:bc:dc:0b:
db:82:4a:e7:b7:13:d4:9a:c4:c0:d7:16:0c:2b:da:
8b:2b:70:02:d2:86:81:5d:3a:5e:b6:bf:f6:68:73:
76:2a:45:da:8b:80:6a:03:08:ed:00:2e:2d:8f:ec:
a5:67:a0:bc:64:82:2b:e6:30:20:68:49:83:e5:43:
43:3c:50:9b:24:73:2b:8b:a8:35:ea:4a:e4:7b:2d:
c8:6c:42:7e:fa:34:89:6b:3c:5c:1b:ce:0d:a3:3d:
68:2c:b8:88:4e:e2:db:ba:a7:9e:21:f7:9a:6c:21:
6d:9f:89:fb:19:40:2b:75:7c:77:58:a5:34:f9:8d:
1d:9e:2d:08:2f:2f:92:30:56:16:44:4d:55:48:82:
05:e3:fc:32:42:02:50:d5:1c:aa:4f:e7:12:80:f2:
eb:af:83:c2:5c:77:62:30:ef:03:c4:3a:0f:ce:0f:
15:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:75:D6:B9:AD:E1:71:B6:83:B6:85:92:BE:DB:9A:D4:BC:56:60:1E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lHXWua3hcbaDtoWSvtua1LxWYB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.40.0/24
194.87.116.0/24
Signature Algorithm: sha256WithRSAEncryption
02:31:77:3e:35:76:14:3b:25:14:28:31:63:85:43:d4:7b:97:
49:a1:bc:65:7d:cb:15:2a:1b:41:e8:49:6a:9d:64:d7:07:f7:
25:d3:77:16:eb:d4:52:1d:af:77:8d:7c:f6:3a:e6:67:73:dd:
6d:ca:d6:78:e6:83:9b:9a:58:92:0c:eb:db:52:05:ef:1e:1c:
c3:8b:7b:87:8c:81:79:36:30:07:5d:69:2b:e7:62:b2:43:e4:
bf:60:39:77:3b:70:cc:d7:e4:84:b3:b8:ae:ce:e7:3e:a4:27:
b7:7e:7f:02:5c:74:58:fa:3e:94:4c:cb:af:50:fd:28:3d:f5:
39:00:57:b8:8d:e9:3d:23:47:ac:2e:45:cb:28:bb:e2:71:03:
85:04:87:64:42:24:9a:91:e2:6f:4c:e7:15:bc:d6:ee:74:f3:
37:cb:02:b4:99:97:90:33:b4:33:09:a1:3e:5f:7d:4d:d9:17:
00:bb:1e:21:11:cb:c8:6e:85:cf:86:66:0a:8c:4b:f4:c8:bd:
06:e0:77:68:0c:6e:0a:77:fb:8b:b7:eb:ee:db:a9:4b:9d:bd:
38:41:6f:a3:14:c4:c5:7f:30:20:e5:c4:e6:de:49:fb:f6:78:
a3:64:1c:92:e9:6c:99:c4:7d:fd:e7:9e:10:4d:b7:f2:17:70:
22:e3:c1:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiZvrT1nKSQRjWkS72FbOm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA4MDY0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc1ZDZiOWFkZTE3MWI2ODNiNjg1OTJiZWRiOWFkNGJjNTY2MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzigwS4C3PuGztkzI+UUCBv8lM+C
4LWlqYwHhJ5pcFgSlnc13coZh9JeGCKeu/shIK7eMMKk0w/mlPrreGCsczGR0IWp
BTRkFNu7OTmwdCHgigveB2C83AvbgkrntxPUmsTA1xYMK9qLK3AC0oaBXTpetr/2
aHN2KkXai4BqAwjtAC4tj+ylZ6C8ZIIr5jAgaEmD5UNDPFCbJHMri6g16krkey3I
bEJ++jSJazxcG84Noz1oLLiITuLbuqeeIfeabCFtn4n7GUArdXx3WKU0+Y0dni0I
Ly+SMFYWRE1VSIIF4/wyQgJQ1RyqT+cSgPLrr4PCXHdiMO8DxDoPzg8VoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJR11rmt4XG2g7aFkr7bmtS8VmAeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbEhYV3VhM2hjYmFEdG9XU3Z0dWExTHhXWUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlcoAwQA
wld0MA0GCSqGSIb3DQEBCwUAA4IBAQACMXc+NXYUOyUUKDFjhUPUe5dJobxlfcsV
KhtB6ElqnWTXB/cl03cW69RSHa93jXz2OuZnc91tytZ45oObmliSDOvbUgXvHhzD
i3uHjIF5NjAHXWkr52KyQ+S/YDl3O3DM1+SEs7iuzuc+pCe3fn8CXHRY+j6UTMuv
UP0oPfU5AFe4jek9I0esLkXLKLvicQOFBIdkQiSakeJvTOcVvNbudPM3ywK0mZeQ
M7QzCaE+X31N2RcAux4hEcvIboXPhmYKjEv0yL0G4HdoDG4Kd/uLt+vu26lLnb04
QW+jFMTFfzAg5cTm3kn79nijZByS6WyZxH39554QTbfyF3Ai48FU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org