Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mXlnPPSqF9Rp56z2ayBl4aehW4U.roa
File: mXlnPPSqF9Rp56z2ayBl4aehW4U.roa (raw, json)
Hash identifier: yBTKEg+gWaUMxDtz2Lc0Iunp3s3ULJTb+Ign2xFqGWU=
Subject key identifier: 99:79:67:3C:F4:AA:17:D4:69:E7:AC:F6:6B:20:65:E1:A7:A1:5B:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CC8665360E1AFFFC5317235BEADB2EB10
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mXlnPPSqF9Rp56z2ayBl4aehW4U.roa
Signing time: Tue 02 Jan 2024 04:19:58 +0000
ROA not before: Tue 02 Jan 2024 04:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199654
IP address blocks: 195.58.58.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:66:53:60:e1:af:ff:c5:31:72:35:be:ad:b2:eb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 04:19:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9979673cf4aa17d469e7acf66b2065e1a7a15b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ed:25:a1:b7:35:2c:34:e2:0d:a9:6c:a9:5c:
f2:3c:a6:17:87:14:3f:2e:a7:c1:40:d1:62:17:2c:
63:fa:90:ae:2f:b9:3b:5c:a6:4b:63:12:56:c6:ec:
1a:26:41:ed:66:82:91:91:ac:75:d4:9c:1e:c7:f1:
9d:82:58:17:6b:5c:9d:74:74:26:f9:91:da:a7:9a:
e7:0a:33:de:d7:94:1e:4f:55:9a:e4:02:10:b9:b3:
77:12:94:df:e1:92:74:ef:0f:93:3e:c8:94:71:f3:
65:ff:6b:ae:10:3f:21:c7:b5:3d:1d:b4:bb:a6:21:
11:3f:a4:02:29:5c:c5:ae:10:63:ef:1d:c1:5c:0e:
91:6b:fe:3a:23:fb:a4:b5:53:0c:5b:de:b5:d1:8a:
dd:e7:94:78:9d:39:d9:2d:34:fd:ab:af:25:4a:e4:
06:81:2f:e0:4f:fd:1f:e9:72:a9:71:ea:65:df:1f:
c8:40:31:d4:63:7a:86:e5:ca:fd:58:08:24:76:46:
5a:1f:a8:f2:d1:58:84:98:f1:56:d6:af:66:2f:0d:
2b:17:2c:55:45:6d:2f:94:0f:94:b9:7e:f1:ce:95:
13:f4:10:c5:47:8b:92:94:94:2d:f5:21:2a:cc:4e:
01:15:a3:27:6a:53:cb:c7:cb:41:d8:97:1f:1d:1f:
c2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:79:67:3C:F4:AA:17:D4:69:E7:AC:F6:6B:20:65:E1:A7:A1:5B:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mXlnPPSqF9Rp56z2ayBl4aehW4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.87.0/24
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
07:a2:96:24:46:b8:9d:89:f3:e7:4c:02:41:39:96:8a:f0:f1:
e6:27:51:4b:c5:f1:ce:9b:57:4c:4d:73:a0:eb:a0:a2:e2:0a:
a1:5d:69:25:03:12:fa:2c:83:39:63:14:de:85:c1:92:d3:8d:
f7:a2:4d:cf:c8:42:cf:21:a2:fe:5c:e5:4f:00:c8:67:a4:82:
2d:97:16:ea:c4:64:44:32:2c:1d:29:66:26:7c:dd:27:33:48:
85:db:43:fb:74:6d:bb:d4:82:81:f0:d2:d1:4a:cd:df:2f:09:
a1:eb:49:92:35:ee:ce:b5:37:3d:80:53:f1:1f:cb:00:80:0d:
c3:6a:b4:8f:e3:3a:94:f1:bf:56:44:36:26:4e:a9:7b:14:06:
29:1b:28:0a:15:c2:fe:54:58:17:3d:bc:5f:81:49:3f:87:0b:
84:9e:1e:5d:49:67:76:13:0b:41:8b:5c:86:dc:bc:3b:65:fe:
6d:69:1f:d5:59:aa:91:e8:59:28:d2:3b:c5:1a:e1:a3:e3:d1:
02:b9:2a:4c:26:83:80:2b:ef:f7:0a:0c:84:07:a3:cc:86:31:
5b:2c:f4:e7:5b:fa:20:0f:48:eb:03:00:f4:50:95:27:0e:d8:
cc:a8:69:5b:39:69:10:00:d7:18:c8:94:f4:f7:2d:ad:0b:e8:
af:c3:e0:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIZlNg4a//xTFyNb6tsusQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMDQxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc5NjczY2Y0YWExN2Q0NjllN2FjZjY2YjIwNjVlMWE3YTE1Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO0lobc1LDTiDalsqVzyPKYXhxQ/
LqfBQNFiFyxj+pCuL7k7XKZLYxJWxuwaJkHtZoKRkax11Jwex/GdglgXa1yddHQm
+ZHap5rnCjPe15QeT1Wa5AIQubN3EpTf4ZJ07w+TPsiUcfNl/2uuED8hx7U9HbS7
piERP6QCKVzFrhBj7x3BXA6Ra/46I/uktVMMW9610Yrd55R4nTnZLTT9q68lSuQG
gS/gT/0f6XKpcepl3x/IQDHUY3qG5cr9WAgkdkZaH6jy0ViEmPFW1q9mLw0rFyxV
RW0vlA+UuX7xzpUT9BDFR4uSlJQt9SEqzE4BFaMnalPLx8tB2JcfHR/CKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJl5Zzz0qhfUaees9msgZeGnoVuFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVhsblBQU3FGOVJwNTZ6MmF5Qmw0YWVoVzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldXAwQA
wzo6MA0GCSqGSIb3DQEBCwUAA4IBAQAHopYkRridifPnTAJBOZaK8PHmJ1FLxfHO
m1dMTXOg66Ci4gqhXWklAxL6LIM5YxTehcGS0433ok3PyELPIaL+XOVPAMhnpIIt
lxbqxGREMiwdKWYmfN0nM0iF20P7dG271IKB8NLRSs3fLwmh60mSNe7OtTc9gFPx
H8sAgA3DarSP4zqU8b9WRDYmTql7FAYpGygKFcL+VFgXPbxfgUk/hwuEnh5dSWd2
EwtBi1yG3Lw7Zf5taR/VWaqR6Fko0jvFGuGj49ECuSpMJoOAK+/3CgyEB6PMhjFb
LPTnW/ogD0jrAwD0UJUnDtjMqGlbOWkQANcYyJT09y2tC+ivw+BB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org