Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nUZfU3qBXFXe1Ds5QTsCY34m3zA.roa
File: nUZfU3qBXFXe1Ds5QTsCY34m3zA.roa (raw, json)
Hash identifier: cCf/ofI9seWVOM+8mj+gRWGkdIcai49FdFkmXjKE1Ag=
Subject key identifier: 9D:46:5F:53:7A:81:5C:55:DE:D4:3B:39:41:3B:02:63:7E:26:DF:30
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AA22E7DA9CE62F2BA11FFD620946D1C26
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nUZfU3qBXFXe1Ds5QTsCY34m3zA.roa
Signing time: Sun 17 Sep 2023 08:07:50 +0000
ROA not before: Sun 17 Sep 2023 08:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 194.87.73.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Nov 2023 03:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:2e:7d:a9:ce:62:f2:ba:11:ff:d6:20:94:6d:1c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 17 08:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d465f537a815c55ded43b39413b02637e26df30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:56:9f:ca:eb:cc:77:4f:86:99:86:8c:56:38:
66:b2:ef:87:66:e2:1b:e0:57:20:d6:07:2d:63:80:
15:3d:c6:18:f9:a5:d5:51:d5:bc:f4:2e:87:cc:82:
30:b4:de:bd:65:13:44:f2:a4:01:ef:be:d3:a7:0e:
11:8b:e2:bd:7d:74:06:e8:0b:d1:dd:54:58:26:e3:
67:7a:2c:20:89:70:19:0d:33:1b:c3:d8:25:a5:60:
55:37:b1:bb:f9:cf:fa:47:a2:47:ce:49:00:3e:3f:
81:62:eb:a8:b2:ba:6b:bf:85:60:fc:7f:ee:ed:06:
e7:00:4e:0e:1b:06:62:30:a0:0c:8b:f8:86:ea:b5:
30:71:92:4a:a4:82:97:9b:e6:99:1b:8f:12:2b:42:
69:62:1e:d6:72:e3:2b:0d:90:33:19:7e:4e:5c:6f:
23:7f:a2:ed:ff:ce:7e:dc:45:1f:f3:d8:5a:8c:93:
d2:54:d2:b7:97:10:76:29:f2:cd:f5:ac:bf:b3:05:
a1:de:e9:1c:01:79:cd:f1:0c:da:b2:de:17:59:ab:
ef:81:e0:cd:26:09:5e:5f:9e:8d:bd:c6:26:d2:15:
63:64:ca:51:22:46:64:43:7b:2a:ee:85:3a:21:0e:
2a:0d:69:56:6f:88:45:3b:1d:2b:7a:4c:8a:b4:0b:
4c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:46:5F:53:7A:81:5C:55:DE:D4:3B:39:41:3B:02:63:7E:26:DF:30
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nUZfU3qBXFXe1Ds5QTsCY34m3zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.90.0/24
212.193.0.0/23
Signature Algorithm: sha256WithRSAEncryption
58:1c:d0:70:f8:35:79:fe:b3:89:87:1d:af:d8:91:0b:cc:78:
2d:da:9e:9e:ad:88:1d:0c:9f:a2:34:f2:da:a6:43:8c:cb:17:
b9:1b:24:df:17:b0:c3:d3:72:5e:c3:8b:b6:08:ca:10:61:da:
a9:e8:f6:a6:60:73:b1:69:ff:0c:3f:15:03:69:98:ff:c3:4c:
84:56:ce:29:d1:c5:48:28:bc:bc:c8:d3:dd:48:3a:40:f5:df:
dd:76:bf:38:ff:04:79:06:24:a4:bc:13:08:17:cd:7a:8f:ca:
7c:6f:6d:0e:47:11:ca:32:a3:a0:22:8c:97:e5:6d:b8:f3:49:
6d:92:02:1f:f6:92:f8:06:9f:bb:2f:03:a0:d6:65:3b:2b:f2:
88:0b:32:a1:af:fe:1d:2a:6f:30:97:be:ea:b4:47:6b:54:c3:
31:4e:b8:33:a2:77:ae:0b:65:67:4e:21:df:17:72:4a:f1:44:
ba:c4:bb:03:82:8a:fc:27:ff:95:96:bc:10:df:ac:1b:e4:91:
30:c7:57:2c:92:a3:71:02:91:e3:a1:d0:ca:96:fc:94:32:45:
e9:87:a1:8a:c1:84:51:4c:0b:b7:33:80:4b:d2:88:1a:ee:97:
17:25:b4:e6:90:26:06:fe:e3:14:6f:4a:5a:13:95:8d:a9:f5:
06:08:ea:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqiLn2pzmLyuhH/1iCUbRwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE3MDgwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ2NWY1MzdhODE1YzU1ZGVkNDNiMzk0MTNiMDI2MzdlMjZkZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslafyuvMd0+GmYaMVjhmsu+HZuIb
4Fcg1gctY4AVPcYY+aXVUdW89C6HzIIwtN69ZRNE8qQB777Tpw4Ri+K9fXQG6AvR
3VRYJuNneiwgiXAZDTMbw9glpWBVN7G7+c/6R6JHzkkAPj+BYuuosrprv4Vg/H/u
7QbnAE4OGwZiMKAMi/iG6rUwcZJKpIKXm+aZG48SK0JpYh7WcuMrDZAzGX5OXG8j
f6Lt/85+3EUf89hajJPSVNK3lxB2KfLN9ay/swWh3ukcAXnN8Qzast4XWavvgeDN
JgleX56NvcYm0hVjZMpRIkZkQ3sq7oU6IQ4qDWlWb4hFOx0rekyKtAtMCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ1GX1N6gVxV3tQ7OUE7AmN+Jt8wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvblVaZlUzcUJYRlhlMURzNVFUc0NZMzRtM3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwldJAwQA
wldaAwQB1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQBYHNBw+DV5/rOJhx2v2JELzHgt
2p6erYgdDJ+iNPLapkOMyxe5GyTfF7DD03Jew4u2CMoQYdqp6PamYHOxaf8MPxUD
aZj/w0yEVs4p0cVIKLy8yNPdSDpA9d/ddr84/wR5BiSkvBMIF816j8p8b20ORxHK
MqOgIoyX5W2480ltkgIf9pL4Bp+7LwOg1mU7K/KICzKhr/4dKm8wl77qtEdrVMMx
TrgzoneuC2VnTiHfF3JK8US6xLsDgor8J/+VlrwQ36wb5JEwx1cskqNxApHjodDK
lvyUMkXph6GKwYRRTAu3M4BL0oga7pcXJbTmkCYG/uMUb0paE5WNqfUGCOr7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org