Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lYA7v0tiebxxQndPlVYDsQNoE0A.roa
File: lYA7v0tiebxxQndPlVYDsQNoE0A.roa (raw, json)
Hash identifier: N+ptyoMWv1j4COoXjeczilbiYZEQcaLjBmO02rkHitA=
Subject key identifier: 95:80:3B:BF:4B:62:79:BC:71:42:77:4F:95:56:03:B1:03:68:13:40
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F6715D647ECB32F950CA243B00B03F3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lYA7v0tiebxxQndPlVYDsQNoE0A.roa
Signing time: Sun 01 Jan 2023 22:15:04 +0000
ROA not before: Sun 01 Jan 2023 22:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 194.87.127.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 04:21:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:15:d6:47:ec:b3:2f:95:0c:a2:43:b0:0b:03:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95803bbf4b6279bc7142774f955603b103681340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:44:b6:cd:a2:44:8d:40:50:17:9d:e2:df:
a5:36:0d:d3:3f:9c:62:2c:55:91:30:1a:ab:d2:58:
93:4a:79:7a:87:cb:b2:ae:f2:d1:3b:bd:e3:9f:96:
ec:4e:be:3f:62:6d:13:20:18:76:4e:e1:a9:76:c1:
be:65:a4:c5:5a:7b:9a:47:83:e8:60:5e:e5:e0:27:
28:97:2c:9f:2a:1d:cd:13:da:57:b8:24:d5:98:f7:
26:e7:ee:38:07:2d:a1:ff:7f:50:d4:c8:07:70:7e:
d8:e0:56:51:81:5f:50:44:05:f0:18:bf:aa:79:d9:
a0:18:02:45:89:78:d0:45:b1:c6:39:c6:9b:46:54:
d0:20:80:31:5a:fe:4c:b3:29:47:17:a4:80:f2:2b:
f1:7d:7c:fd:a7:2f:d0:f8:13:41:ea:f9:c5:10:b7:
86:79:14:c8:cd:67:7a:e2:4c:49:a5:09:4e:66:af:
9f:0d:03:8f:7c:b9:b2:cc:40:3e:45:a8:a8:74:a4:
8e:6b:7c:7a:c0:62:c6:ec:db:ce:fa:3b:8a:4f:ba:
9a:23:79:15:23:88:ad:d2:87:86:f3:fa:c1:8f:06:
60:9d:96:ca:5f:a7:bf:10:1e:d5:6f:5b:92:68:84:
22:60:98:37:75:2b:d3:cb:a2:53:09:d0:09:87:d3:
25:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:80:3B:BF:4B:62:79:BC:71:42:77:4F:95:56:03:B1:03:68:13:40
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lYA7v0tiebxxQndPlVYDsQNoE0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.72.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:03:c9:11:44:8b:08:b3:25:f2:d2:61:d6:43:ef:5a:46:81:
ba:85:7e:d9:c3:c7:5a:6e:0d:9f:8d:81:8a:b8:83:65:7f:03:
65:9d:3f:e3:80:54:9d:b1:51:26:28:e3:a6:2b:16:9f:bf:3a:
9d:02:af:ff:e3:3e:e3:eb:d9:59:91:01:1d:0b:19:98:ed:ee:
8c:6b:88:fc:fa:b0:bc:d7:8d:60:39:77:09:bf:a2:78:6b:25:
80:d0:3a:0c:20:63:ac:5b:a3:b9:b6:cf:bb:8b:3f:d5:4a:31:
0d:40:98:10:d7:46:9e:6b:a0:61:30:e1:07:e5:0f:47:5f:0f:
60:69:db:f0:25:14:76:2c:51:c7:00:c6:97:f2:01:aa:67:47:
53:9b:17:25:40:46:fd:e4:31:9e:15:ae:be:0c:fa:9e:ff:68:
60:70:83:d0:da:3e:9a:20:b5:3c:79:0e:6d:da:e4:f4:db:69:
50:8b:2a:2c:db:49:c4:7b:10:35:08:45:39:7d:29:a5:3a:95:
82:ab:2f:95:7e:ae:4f:7b:0a:3e:34:8f:cd:ad:f9:de:c2:30:
f6:c8:4b:85:bf:d5:3b:f0:67:e4:d6:22:c0:54:4e:5e:d4:76:
8a:26:f8:dc:4e:2d:e6:c8:49:a9:52:f7:be:89:3d:e8:5c:68:
11:93:78:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZxXWR+yzL5UMokOwCwPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgwM2JiZjRiNjI3OWJjNzE0Mjc3NGY5NTU2MDNiMTAzNjgxMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNFEts2iRI1AUBed4t+lNg3TP5xi
LFWRMBqr0liTSnl6h8uyrvLRO73jn5bsTr4/Ym0TIBh2TuGpdsG+ZaTFWnuaR4Po
YF7l4CcolyyfKh3NE9pXuCTVmPcm5+44By2h/39Q1MgHcH7Y4FZRgV9QRAXwGL+q
edmgGAJFiXjQRbHGOcabRlTQIIAxWv5MsylHF6SA8ivxfXz9py/Q+BNB6vnFELeG
eRTIzWd64kxJpQlOZq+fDQOPfLmyzEA+RaiodKSOa3x6wGLG7NvO+juKT7qaI3kV
I4it0oeG8/rBjwZgnZbKX6e/EB7Vb1uSaIQiYJg3dSvTy6JTCdAJh9MlvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWAO79LYnm8cUJ3T5VWA7EDaBNAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbFlBN3YwdGllYnh4UW5kUGxWWURzUU5vRTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldIAwQA
wld/MA0GCSqGSIb3DQEBCwUAA4IBAQAPA8kRRIsIsyXy0mHWQ+9aRoG6hX7Zw8da
bg2fjYGKuINlfwNlnT/jgFSdsVEmKOOmKxafvzqdAq//4z7j69lZkQEdCxmY7e6M
a4j8+rC8141gOXcJv6J4ayWA0DoMIGOsW6O5ts+7iz/VSjENQJgQ10aea6BhMOEH
5Q9HXw9gadvwJRR2LFHHAMaX8gGqZ0dTmxclQEb95DGeFa6+DPqe/2hgcIPQ2j6a
ILU8eQ5t2uT022lQiyos20nEexA1CEU5fSmlOpWCqy+Vfq5Pewo+NI/NrfnewjD2
yEuFv9U78Gfk1iLAVE5e1HaKJvjcTi3myEmpUve+iT3oXGgRk3jy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org