Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/moqTmfNBoGD8FZ67W7p3yFNMM4M.roa
File: moqTmfNBoGD8FZ67W7p3yFNMM4M.roa (raw, json)
Hash identifier: hOh7Lv2w2AOvnz8WR4A9OoWvGimCwrN2cqDBJU4eG+Y=
Subject key identifier: 9A:8A:93:99:F3:41:A0:60:FC:15:9E:BB:5B:BA:77:C8:53:4C:33:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191B22A00F9C113E6630184989676D6425F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/moqTmfNBoGD8FZ67W7p3yFNMM4M.roa
Signing time: Mon 02 Sep 2024 09:56:22 +0000
ROA not before: Mon 02 Sep 2024 09:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 16:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:2a:00:f9:c1:13:e6:63:01:84:98:96:76:d6:42:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 2 09:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a8a9399f341a060fc159ebb5bba77c8534c3383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:44:04:0c:38:f1:53:56:15:6f:64:6c:6c:0b:
a8:67:a8:17:db:76:7c:88:4d:1f:4f:0c:06:45:de:
f9:80:9f:eb:fd:fb:0a:94:9d:15:20:3f:99:30:68:
a2:eb:a0:23:4f:e9:64:dd:72:94:0f:17:ad:c3:08:
55:1c:cc:73:30:a6:97:9e:95:71:75:c5:e3:3f:f7:
51:af:8a:5f:6f:5b:8d:fc:2d:89:5c:ac:1e:00:78:
03:fd:f2:4f:73:d5:cf:a4:92:3b:db:0a:90:9a:58:
e2:67:21:e1:b7:f3:33:78:67:18:69:1f:c6:69:6b:
35:20:c5:49:77:6b:fd:cb:75:98:65:27:d1:9d:1c:
7f:82:32:cd:34:c8:1e:ca:bf:3c:36:50:09:fd:81:
05:c8:5f:88:68:42:70:4e:ab:a6:31:9a:81:c1:33:
15:6f:09:bc:74:88:9d:4c:d9:6b:65:ff:db:80:f0:
d0:ba:b0:30:d2:bd:54:ac:49:77:2d:42:4c:22:6d:
0c:3a:74:5a:1c:24:19:db:f2:4f:e6:90:6e:c2:6d:
2a:a3:92:ce:33:a5:62:2e:df:55:8d:d4:35:b7:b6:
e3:58:2d:5c:75:85:08:ec:43:f7:92:1d:ff:68:2c:
e8:9a:4a:d6:0d:f1:43:cc:29:ff:b9:0f:de:1b:a8:
27:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8A:93:99:F3:41:A0:60:FC:15:9E:BB:5B:BA:77:C8:53:4C:33:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/moqTmfNBoGD8FZ67W7p3yFNMM4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.37.0/24
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
32:1b:ae:e2:be:89:48:5a:d9:80:fa:09:65:33:b1:2b:87:de:
49:7b:1f:7b:95:a2:4d:c5:61:08:55:8f:de:47:cd:20:1d:5e:
01:c7:fb:5a:5a:2a:63:48:72:e7:ec:a0:19:9b:11:1e:d7:48:
5c:d3:da:7e:3e:0b:d6:72:fc:07:d5:1c:e0:6e:7d:dc:74:8d:
1e:73:0d:ac:d3:c9:2b:79:be:d5:67:e2:bf:65:32:b5:f0:3e:
de:71:cd:5e:0e:10:88:d4:4c:f3:4f:16:88:0e:e0:9a:a2:83:
09:6f:7e:15:f3:1b:bb:76:78:d5:17:c3:45:f2:ad:c2:67:db:
55:f1:65:aa:ab:76:a8:6c:12:cc:76:da:7b:09:01:59:95:cf:
92:33:d8:fe:f0:87:4a:1a:e8:e5:a2:99:a9:9c:45:51:03:7b:
c5:f4:0d:e6:7a:6a:16:c0:d5:28:dc:02:c8:0c:a6:67:df:12:
66:60:a0:9a:e5:a2:8e:5c:b9:7f:76:70:b6:a7:11:cf:2b:6a:
67:34:b9:07:63:82:4a:c9:16:ff:b9:23:61:66:cf:b9:ae:35:
77:d0:88:05:e8:fa:f5:be:d6:c2:28:62:f0:29:c5:0a:d2:7c:
93:37:5e:86:c3:98:e1:8f:be:12:85:31:a7:be:8e:33:b9:dc:
60:62:30:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGyKgD5wRPmYwGEmJZ21kJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMDk1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThhOTM5OWYzNDFhMDYwZmMxNTllYmI1YmJhNzdjODUzNGMzMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0QEDDjxU1YVb2RsbAuoZ6gX23Z8
iE0fTwwGRd75gJ/r/fsKlJ0VID+ZMGii66AjT+lk3XKUDxetwwhVHMxzMKaXnpVx
dcXjP/dRr4pfb1uN/C2JXKweAHgD/fJPc9XPpJI72wqQmljiZyHht/MzeGcYaR/G
aWs1IMVJd2v9y3WYZSfRnRx/gjLNNMgeyr88NlAJ/YEFyF+IaEJwTqumMZqBwTMV
bwm8dIidTNlrZf/bgPDQurAw0r1UrEl3LUJMIm0MOnRaHCQZ2/JP5pBuwm0qo5LO
M6ViLt9VjdQ1t7bjWC1cdYUI7EP3kh3/aCzomkrWDfFDzCn/uQ/eG6gnDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJqKk5nzQaBg/BWeu1u6d8hTTDODMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbW9xVG1mTkJvR0Q4Rlo2N1c3cDN5Rk5NTTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlclAwQA
w4URAwQAw4UnMA0GCSqGSIb3DQEBCwUAA4IBAQAyG67ivolIWtmA+gllM7Erh95J
ex97laJNxWEIVY/eR80gHV4Bx/taWipjSHLn7KAZmxEe10hc09p+PgvWcvwH1Rzg
bn3cdI0ecw2s08kreb7VZ+K/ZTK18D7ecc1eDhCI1EzzTxaIDuCaooMJb34V8xu7
dnjVF8NF8q3CZ9tV8WWqq3aobBLMdtp7CQFZlc+SM9j+8IdKGujlopmpnEVRA3vF
9A3memoWwNUo3ALIDKZn3xJmYKCa5aKOXLl/dnC2pxHPK2pnNLkHY4JKyRb/uSNh
Zs+5rjV30IgF6Pr1vtbCKGLwKcUK0nyTN16Gw5jhj74ShTGnvo4zudxgYjB4
-----END CERTIFICATE-----
Generated at Mon Sep 2 21:05:44 2024 by rpki-client on console-ams.rpki-client.org