Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n4FAnYYssGFak_Os_yoyYkjjVh0.roa
File: n4FAnYYssGFak_Os_yoyYkjjVh0.roa (raw, json)
Hash identifier: 46EYkUJY0tVVbXqiOTO2RUoLHp2TL0BriXhqVMxq/KY=
Subject key identifier: 9F:81:40:9D:86:2C:B0:61:5A:93:F3:AC:FF:2A:32:62:48:E3:56:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019144C323836BDC01A758C52EBE5A4A4A4F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n4FAnYYssGFak_Os_yoyYkjjVh0.roa
Signing time: Mon 12 Aug 2024 04:05:24 +0000
ROA not before: Mon 12 Aug 2024 04:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 10:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:44:c3:23:83:6b:dc:01:a7:58:c5:2e:be:5a:4a:4a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 04:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f81409d862cb0615a93f3acff2a326248e3561d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:19:b6:a6:9b:de:4b:97:2b:c1:91:7c:b4:19:
3d:74:8e:3e:2c:c9:fe:6b:4b:1b:d1:6b:5e:85:18:
3c:f8:d3:17:96:8b:08:1e:ad:53:39:13:62:bd:82:
84:d2:63:27:6a:17:d1:a9:40:f4:cf:77:93:12:d0:
ee:51:64:bc:a8:88:86:cd:73:2f:ab:d9:d5:fb:28:
07:ad:3a:b9:dd:b0:62:51:9c:57:89:76:b1:1b:2c:
41:ce:1b:18:a2:4e:7f:56:00:50:4c:73:32:05:f9:
f4:9e:04:84:1b:b5:1f:eb:51:70:3d:48:c4:e4:f9:
16:a3:8d:bd:e4:9e:49:5c:db:a0:b9:3e:61:5c:f5:
cc:5b:25:fb:30:7a:de:c3:2d:c5:b7:00:45:94:10:
35:9d:9b:77:12:90:3a:88:64:02:8b:cc:79:fe:9f:
f4:4c:5b:51:d2:5c:9d:3b:13:47:24:16:62:9d:65:
22:4d:6e:29:d5:03:64:59:7e:b6:7d:6c:36:b2:0f:
d5:bf:b5:72:d8:27:2b:0f:b7:9d:f0:d8:0c:06:dd:
13:6c:41:a1:a1:fd:a0:1b:30:14:45:1f:47:29:c5:
de:70:0a:1f:70:21:6b:e8:61:87:6b:ac:8a:1f:a3:
63:6d:da:0e:0a:22:36:09:2e:cf:eb:7a:24:24:50:
15:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:81:40:9D:86:2C:B0:61:5A:93:F3:AC:FF:2A:32:62:48:E3:56:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n4FAnYYssGFak_Os_yoyYkjjVh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.37.0/24
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:ca:f8:8a:c8:b6:da:9e:d9:09:fa:26:90:14:b8:4d:e8:65:
0d:8e:fb:e5:f7:7b:96:a7:9c:ea:74:c9:0a:36:5e:66:a7:ff:
0d:3a:39:3a:d5:9e:c9:1e:d5:3f:05:04:d9:49:6d:a6:95:72:
ac:75:8e:aa:d5:e3:e9:48:cd:15:52:9a:55:a0:3b:4f:2e:a2:
3b:c9:5b:47:81:f8:8b:0b:90:e9:17:c6:21:83:e3:fb:4d:ac:
09:23:d8:32:81:ca:e9:30:ce:87:a8:a2:83:99:be:0f:ed:60:
60:0a:d1:09:d2:37:ee:10:86:13:12:94:04:4a:ba:3c:79:cc:
52:83:98:6e:3c:0d:a3:c6:f1:0e:e5:e9:4d:21:e1:9b:78:09:
b1:a7:ff:87:b3:26:a8:09:cc:77:7a:ee:30:1f:28:7a:09:35:
88:0c:0e:ba:59:71:40:fe:56:16:ec:cf:80:19:ba:d4:ba:7b:
2f:01:15:3e:0d:89:51:9b:a9:ed:76:fb:7e:07:d2:4e:46:2c:
cb:b0:21:b2:34:c2:82:86:b6:1c:b4:81:04:e9:da:8a:70:e7:
69:8f:78:e1:f9:a3:b7:33:c2:4f:b0:a8:c3:67:14:7a:e5:30:
ab:db:af:cf:63:88:ac:f4:56:6c:12:31:72:8f:a7:73:97:a5:
3c:55:3c:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFEwyODa9wBp1jFLr5aSkpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEyMDQwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgxNDA5ZDg2MmNiMDYxNWE5M2YzYWNmZjJhMzI2MjQ4ZTM1NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hm2ppveS5crwZF8tBk9dI4+LMn+
a0sb0WtehRg8+NMXlosIHq1TORNivYKE0mMnahfRqUD0z3eTEtDuUWS8qIiGzXMv
q9nV+ygHrTq53bBiUZxXiXaxGyxBzhsYok5/VgBQTHMyBfn0ngSEG7Uf61FwPUjE
5PkWo4295J5JXNuguT5hXPXMWyX7MHrewy3FtwBFlBA1nZt3EpA6iGQCi8x5/p/0
TFtR0lydOxNHJBZinWUiTW4p1QNkWX62fWw2sg/Vv7Vy2CcrD7ed8NgMBt0TbEGh
of2gGzAURR9HKcXecAofcCFr6GGHa6yKH6NjbdoOCiI2CS7P63okJFAV7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ+BQJ2GLLBhWpPzrP8qMmJI41YdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbjRGQW5ZWXNzR0Zha19Pc195b3lZa2pqVmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlclAwQA
w4URAwQAw4UnMA0GCSqGSIb3DQEBCwUAA4IBAQAryviKyLbantkJ+iaQFLhN6GUN
jvvl93uWp5zqdMkKNl5mp/8NOjk61Z7JHtU/BQTZSW2mlXKsdY6q1ePpSM0VUppV
oDtPLqI7yVtHgfiLC5DpF8Yhg+P7TawJI9gygcrpMM6HqKKDmb4P7WBgCtEJ0jfu
EIYTEpQESro8ecxSg5huPA2jxvEO5elNIeGbeAmxp/+HsyaoCcx3eu4wHyh6CTWI
DA66WXFA/lYW7M+AGbrUunsvARU+DYlRm6ntdvt+B9JORizLsCGyNMKChrYctIEE
6dqKcOdpj3jh+aO3M8JPsKjDZxR65TCr26/PY4is9FZsEjFyj6dzl6U8VTyt
-----END CERTIFICATE-----
Generated at Sat Aug 31 12:13:34 2024 by rpki-client on console-fra.rpki-client.org