Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mvAryvstdnL6I4gqUBcXm3mkK2U.roa
File: mvAryvstdnL6I4gqUBcXm3mkK2U.roa (raw, json)
Hash identifier: Ef9XxHZbKuUwDRU3Tf8tUyvT1xGdURSLNX538eUnqqg=
Subject key identifier: 9A:F0:2B:CA:FB:2D:76:72:FA:23:88:2A:50:17:17:9B:79:A4:2B:65
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F4BAEDF44A88D5E45C5F347A4F03
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mvAryvstdnL6I4gqUBcXm3mkK2U.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43444
IP address blocks: 194.87.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f4:ba:ed:f4:4a:88:d5:e4:5c:5f:34:7a:4f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af02bcafb2d7672fa23882a5017179b79a42b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ef:d2:da:63:cb:3c:48:0f:72:7d:8d:d1:7f:
5e:39:fc:c3:30:16:90:49:1f:63:85:32:0b:a0:db:
ed:3e:3a:53:cd:ae:33:dc:d1:35:cc:b9:b5:16:6d:
9f:63:81:c9:c8:d6:ed:1d:ec:cb:b3:cf:fa:2e:0f:
20:4d:4a:93:a4:94:3c:17:ee:16:90:31:7d:15:5e:
f2:5d:93:03:e0:ee:87:fe:f1:eb:28:c6:d6:b1:69:
9c:f3:65:3b:63:1b:de:ac:ed:2e:0c:4d:c2:2d:51:
5c:c4:12:d7:a7:98:f0:36:17:c2:22:27:24:a1:da:
61:1d:f6:7f:8f:11:56:39:77:96:fe:68:7c:f1:27:
2d:86:50:ba:ec:e1:7d:03:4c:4c:1c:32:43:6b:d4:
46:52:d1:99:13:f0:12:ae:08:26:4b:b8:51:cf:ce:
c8:c6:3f:04:f1:a2:91:6a:10:6a:db:48:10:c1:ea:
4f:60:8a:5e:e7:e7:73:df:71:e8:e1:f5:97:45:26:
c0:85:06:19:5c:3b:a5:94:51:6d:03:ce:05:00:6a:
66:54:a9:1d:9c:9b:87:fb:ef:17:83:05:f4:12:b6:
23:ef:95:78:15:17:c4:8f:7c:f1:ec:16:d9:69:fc:
90:51:2f:20:c4:c2:db:d3:4c:69:52:82:91:22:db:
00:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F0:2B:CA:FB:2D:76:72:FA:23:88:2A:50:17:17:9B:79:A4:2B:65
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mvAryvstdnL6I4gqUBcXm3mkK2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.53.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:14:78:b9:64:f6:71:45:d8:4e:6a:c6:65:be:68:fd:e9:29:
a2:46:bb:47:ec:20:7a:f8:26:12:e8:63:e4:f0:c7:73:f1:50:
85:79:a4:61:6d:94:d2:e8:cb:60:ea:f1:96:81:a5:d4:fd:ef:
a1:c6:f1:1d:4a:b5:b0:71:92:2a:59:b6:c9:3e:ad:96:82:7f:
cf:a2:b6:8b:90:91:49:b0:58:97:99:28:8a:78:c2:33:f8:58:
d3:a4:95:2e:78:5f:60:16:f5:2f:4b:42:37:c6:be:25:39:e6:
5c:f4:34:c2:5d:c1:e8:77:47:e9:7d:57:9f:38:f3:3e:64:8f:
a7:79:88:14:1a:fa:66:39:3f:6c:80:27:35:7f:c4:66:6c:99:
0c:8d:6f:e3:d8:3e:b9:60:8f:f3:51:57:12:cb:8d:3e:2d:5f:
b6:39:fe:28:b6:8d:dd:e3:06:11:da:db:19:ca:b0:41:7c:28:
84:18:e1:96:02:a8:e9:a7:7b:4b:9e:d2:4d:5e:d8:fd:d9:64:
83:ba:5e:30:5c:bf:f1:ab:0b:42:0d:de:ee:f2:5a:76:5d:90:
98:6f:85:5e:24:44:00:75:6c:2b:35:55:ee:5d:48:29:9a:f6:
12:91:19:88:9f:02:6b:97:35:8c:79:ec:1c:7b:2c:91:d3:45:
60:ee:ac:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvS67fRKiNXkXF80ek8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYwMmJjYWZiMmQ3NjcyZmEyMzg4MmE1MDE3MTc5Yjc5YTQyYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+/S2mPLPEgPcn2N0X9eOfzDMBaQ
SR9jhTILoNvtPjpTza4z3NE1zLm1Fm2fY4HJyNbtHezLs8/6Lg8gTUqTpJQ8F+4W
kDF9FV7yXZMD4O6H/vHrKMbWsWmc82U7YxverO0uDE3CLVFcxBLXp5jwNhfCIick
odphHfZ/jxFWOXeW/mh88ScthlC67OF9A0xMHDJDa9RGUtGZE/ASrggmS7hRz87I
xj8E8aKRahBq20gQwepPYIpe5+dz33Ho4fWXRSbAhQYZXDullFFtA84FAGpmVKkd
nJuH++8XgwX0ErYj75V4FRfEj3zx7BbZafyQUS8gxMLb00xpUoKRItsAawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrwK8r7LXZy+iOIKlAXF5t5pCtlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbXZBcnl2c3Rkbkw2STRncVVCY1htM21rSzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlc1MA0G
CSqGSIb3DQEBCwUAA4IBAQANFHi5ZPZxRdhOasZlvmj96SmiRrtH7CB6+CYS6GPk
8Mdz8VCFeaRhbZTS6Mtg6vGWgaXU/e+hxvEdSrWwcZIqWbbJPq2Wgn/PoraLkJFJ
sFiXmSiKeMIz+FjTpJUueF9gFvUvS0I3xr4lOeZc9DTCXcHod0fpfVefOPM+ZI+n
eYgUGvpmOT9sgCc1f8RmbJkMjW/j2D65YI/zUVcSy40+LV+2Of4oto3d4wYR2tsZ
yrBBfCiEGOGWAqjpp3tLntJNXtj92WSDul4wXL/xqwtCDd7u8lp2XZCYb4VeJEQA
dWwrNVXuXUgpmvYSkRmInwJrlzWMeewceyyR00Vg7qyB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-ams.rpki-client.org