Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oBBX1GlXz5Ks8xG6QGujzwHUslM.roa
File: oBBX1GlXz5Ks8xG6QGujzwHUslM.roa (raw, json)
Hash identifier: o2KEHblR9+dy5c6WYjURbeXKR8JDXi++GrVXzshQ8K8=
Subject key identifier: A0:10:57:D4:69:57:CF:92:AC:F3:11:BA:40:6B:A3:CF:01:D4:B2:53
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BC9E5B8BC076D53DDFEA2E081FFCF482D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oBBX1GlXz5Ks8xG6QGujzwHUslM.roa
Signing time: Mon 13 Nov 2023 18:15:57 +0000
ROA not before: Mon 13 Nov 2023 18:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203172
IP address blocks: 194.87.223.0/24 maxlen: 24
194.87.20.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:e5:b8:bc:07:6d:53:dd:fe:a2:e0:81:ff:cf:48:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 13 18:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a01057d46957cf92acf311ba406ba3cf01d4b253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:ee:9a:14:0f:d0:34:58:ec:f4:3f:87:ce:
83:c0:7d:b4:3a:65:7c:b3:76:c2:31:e5:d1:2d:9f:
cc:74:f9:aa:76:af:71:5e:bc:a5:80:84:fb:c6:88:
d3:b3:3d:dd:8a:b0:03:0e:e9:86:af:c7:3f:85:55:
a2:ef:e8:0b:3f:92:5b:04:88:e9:9a:ce:9e:36:2e:
f3:bc:71:12:3e:9e:c2:a2:cf:73:fd:8e:80:c1:02:
28:b9:92:75:0e:b9:4b:02:6c:5d:d6:0f:08:5a:d3:
44:27:69:a6:c2:57:2c:2b:eb:92:12:4a:37:5a:5b:
05:c7:ad:a9:20:b4:98:4c:ad:cd:67:40:dc:7d:a8:
05:e0:c8:17:5c:18:d4:05:4a:9f:9c:ce:ff:b1:5f:
b6:44:18:2c:b3:16:d1:11:ff:57:26:90:ea:da:76:
47:ca:bd:b1:9a:57:de:d7:7a:e3:fb:a1:ab:35:84:
f8:bf:8a:cf:5e:f5:20:95:d2:78:19:44:77:a0:f5:
63:5d:a0:4f:bf:2f:eb:fa:b7:8a:a7:93:7e:52:e8:
f6:68:93:8d:78:1e:49:ce:46:d6:8f:11:2c:4c:7a:
55:0c:f3:7c:f0:fc:d8:9f:f0:41:4e:bc:98:67:97:
74:b2:51:dc:bf:08:d8:97:7d:9c:99:3f:54:d5:3c:
73:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:10:57:D4:69:57:CF:92:AC:F3:11:BA:40:6B:A3:CF:01:D4:B2:53
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oBBX1GlXz5Ks8xG6QGujzwHUslM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.20.0/23
194.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ce:7b:f0:04:e3:cd:41:14:79:50:54:70:e4:0a:6a:89:05:
25:e8:21:3a:67:be:3e:d8:d4:d0:85:d9:f4:18:73:31:03:34:
b6:bd:93:d5:ef:6c:19:98:cb:18:7a:22:fe:e6:d9:cd:e7:f9:
92:0b:74:33:6a:9f:0e:10:42:b2:c6:e1:48:e6:7e:69:31:70:
6f:80:c7:83:0f:cf:22:14:1e:77:2a:3a:e1:b3:28:4b:7e:df:
b8:72:c3:52:a9:dc:07:8b:74:de:bb:13:9c:24:5c:15:4f:9d:
3b:86:83:ad:09:02:33:0b:d3:a5:ca:ae:db:0a:2c:3d:6e:8a:
f6:e7:20:f6:fd:4a:c6:68:41:6c:3f:55:cd:d5:a3:a6:16:9f:
b1:43:7e:61:af:bd:de:1d:bd:04:fb:9c:6b:19:44:ba:97:d3:
04:56:9a:cc:62:cc:86:9f:ef:6e:a1:72:f3:df:68:1c:74:92:
f5:83:aa:f6:9d:22:50:3c:ea:78:93:00:0a:59:7e:2f:42:16:
04:93:af:51:f2:b5:06:e2:b3:c6:fe:a4:71:b3:f2:2b:88:f1:
65:8f:1f:6d:c2:84:a2:42:95:0f:3f:f0:54:b8:ee:c9:23:44:
66:f7:1c:24:27:9a:c4:06:6b:ad:30:cc:38:dc:f8:24:ca:77:
08:9d:69:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvJ5bi8B21T3f6i4IH/z0gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEzMTgxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEwNTdkNDY5NTdjZjkyYWNmMzExYmE0MDZiYTNjZjAxZDRiMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUPumhQP0DRY7PQ/h86DwH20OmV8
s3bCMeXRLZ/MdPmqdq9xXrylgIT7xojTsz3dirADDumGr8c/hVWi7+gLP5JbBIjp
ms6eNi7zvHESPp7Cos9z/Y6AwQIouZJ1DrlLAmxd1g8IWtNEJ2mmwlcsK+uSEko3
WlsFx62pILSYTK3NZ0DcfagF4MgXXBjUBUqfnM7/sV+2RBgssxbREf9XJpDq2nZH
yr2xmlfe13rj+6GrNYT4v4rPXvUgldJ4GUR3oPVjXaBPvy/r+reKp5N+Uuj2aJON
eB5JzkbWjxEsTHpVDPN88PzYn/BBTryYZ5d0slHcvwjYl32cmT9U1TxzeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAQV9RpV8+SrPMRukBro88B1LJTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb0JCWDFHbFh6NUtzOHhHNlFHdWp6d0hVc2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwlcUAwQA
wlffMA0GCSqGSIb3DQEBCwUAA4IBAQCDznvwBOPNQRR5UFRw5ApqiQUl6CE6Z74+
2NTQhdn0GHMxAzS2vZPV72wZmMsYeiL+5tnN5/mSC3Qzap8OEEKyxuFI5n5pMXBv
gMeDD88iFB53KjrhsyhLft+4csNSqdwHi3TeuxOcJFwVT507hoOtCQIzC9Olyq7b
Ciw9bor25yD2/UrGaEFsP1XN1aOmFp+xQ35hr73eHb0E+5xrGUS6l9MEVprMYsyG
n+9uoXLz32gcdJL1g6r2nSJQPOp4kwAKWX4vQhYEk69R8rUG4rPG/qRxs/IriPFl
jx9twoSiQpUPP/BUuO7JI0Rm9xwkJ5rEBmutMMw43PgkyncInWkY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org