Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9IWSlGn1oadE-cg_7YgRqVcDkw.roa
File: p9IWSlGn1oadE-cg_7YgRqVcDkw.roa (raw, json)
Hash identifier: tTB4c+kFji8mi9lo7ogZjcw/pSwK81qxd1l9FQ8Fqbk=
Subject key identifier: A7:D2:16:4A:51:A7:D6:86:9D:13:E7:20:FF:B6:20:46:A5:5C:0E:4C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191260C48A715BFA06C383DCF335735EDF8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9IWSlGn1oadE-cg_7YgRqVcDkw.roa
Signing time: Tue 06 Aug 2024 04:57:04 +0000
ROA not before: Tue 06 Aug 2024 04:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 194.87.37.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 04:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:0c:48:a7:15:bf:a0:6c:38:3d:cf:33:57:35:ed:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 6 04:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7d2164a51a7d6869d13e720ffb62046a55c0e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c8:c9:35:5e:e6:e1:b8:70:90:b6:78:33:a3:
11:71:a4:eb:af:95:69:0e:71:19:a5:cd:ad:cf:ac:
dd:44:4a:b5:6b:5f:78:18:d5:f9:64:0c:03:b0:80:
87:98:e0:50:84:75:84:9c:20:33:27:91:5c:43:91:
4f:5e:11:b2:9f:7c:47:57:5a:2a:2a:31:99:85:13:
77:9e:54:76:1b:20:88:ff:fd:03:76:3a:30:8f:70:
53:41:4f:bb:4c:4d:ea:a9:c8:6a:8d:60:cb:24:7a:
38:de:79:53:55:9f:be:12:bf:55:43:d9:d6:28:3d:
83:d1:79:dc:ce:72:7c:2e:2c:f5:42:9c:fe:52:30:
c3:18:8b:70:ea:c3:98:34:7b:87:36:60:3a:38:9f:
f9:3a:ec:e3:71:59:e3:58:5e:f1:b3:0f:47:00:b2:
64:b9:1f:fe:b0:b3:ad:01:0e:c9:89:c5:48:04:5f:
3e:90:1c:82:11:dd:5e:45:a8:12:5c:f8:59:4e:9a:
c0:a1:39:bc:57:4e:49:11:62:6f:c3:aa:a1:b2:a1:
94:4e:89:6c:f9:48:bc:37:3b:b4:ef:6e:d1:9c:3d:
22:87:e0:df:13:78:13:02:49:81:8f:f5:73:ee:ad:
47:e6:b7:da:6c:21:0a:02:53:ed:86:e8:83:ad:ea:
e5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D2:16:4A:51:A7:D6:86:9D:13:E7:20:FF:B6:20:46:A5:5C:0E:4C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/p9IWSlGn1oadE-cg_7YgRqVcDkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.37.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
89:11:29:d6:33:22:a6:9e:26:4d:05:c5:c0:52:a5:fa:08:43:
0d:fc:51:1b:1a:c7:34:48:0d:1c:f5:b6:5d:36:96:34:0e:5f:
4b:aa:13:da:fa:30:60:0e:3e:51:68:df:69:f7:4b:e8:bc:30:
05:91:24:f3:77:80:fa:3b:51:73:93:16:01:f3:26:b7:32:ce:
5f:78:2a:c2:92:43:a7:13:81:b4:02:d4:36:65:c9:6f:34:9f:
26:52:45:6a:bc:35:05:4f:05:44:7b:27:93:29:7c:82:05:ee:
19:03:43:17:ce:c4:1e:58:70:18:6c:14:4f:14:d0:fd:d0:1f:
4f:c2:bd:41:fe:eb:72:76:0e:8a:cc:d0:30:b0:33:52:1f:28:
01:be:c1:f2:eb:72:79:78:e2:7d:81:ac:45:77:8b:72:36:a1:
3e:91:80:34:78:9e:ba:ae:c1:e5:7b:67:75:d6:cd:90:04:03:
0e:bc:8d:1a:6d:5c:71:4b:cf:72:47:c3:8f:a1:7b:b4:a6:00:
0d:c8:79:4a:e4:50:3c:0e:04:9b:d0:ef:b6:bb:bc:6f:69:6c:
08:a1:bc:ef:8a:e8:e4:4a:4c:13:a7:7d:b0:8b:3e:11:16:cb:
5e:e3:5d:67:1a:4c:e4:6b:ed:44:9b:f7:8d:ca:af:10:4e:41:
21:51:84:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEmDEinFb+gbDg9zzNXNe34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODA2MDQ1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2QyMTY0YTUxYTdkNjg2OWQxM2U3MjBmZmI2MjA0NmE1NWMwZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMjJNV7m4bhwkLZ4M6MRcaTrr5Vp
DnEZpc2tz6zdREq1a194GNX5ZAwDsICHmOBQhHWEnCAzJ5FcQ5FPXhGyn3xHV1oq
KjGZhRN3nlR2GyCI//0Ddjowj3BTQU+7TE3qqchqjWDLJHo43nlTVZ++Er9VQ9nW
KD2D0XncznJ8Liz1Qpz+UjDDGItw6sOYNHuHNmA6OJ/5OuzjcVnjWF7xsw9HALJk
uR/+sLOtAQ7JicVIBF8+kByCEd1eRagSXPhZTprAoTm8V05JEWJvw6qhsqGUTols
+Ui8Nzu0727RnD0ih+DfE3gTAkmBj/Vz7q1H5rfabCEKAlPthuiDrerl1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfSFkpRp9aGnRPnIP+2IEalXA5MMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcDlJV1NsR24xb2FkRS1jZ183WWdScVZjRGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlclAwQA
w4UnMA0GCSqGSIb3DQEBCwUAA4IBAQCJESnWMyKmniZNBcXAUqX6CEMN/FEbGsc0
SA0c9bZdNpY0Dl9LqhPa+jBgDj5RaN9p90vovDAFkSTzd4D6O1FzkxYB8ya3Ms5f
eCrCkkOnE4G0AtQ2ZclvNJ8mUkVqvDUFTwVEeyeTKXyCBe4ZA0MXzsQeWHAYbBRP
FND90B9Pwr1B/utydg6KzNAwsDNSHygBvsHy63J5eOJ9gaxFd4tyNqE+kYA0eJ66
rsHle2d11s2QBAMOvI0abVxxS89yR8OPoXu0pgANyHlK5FA8DgSb0O+2u7xvaWwI
obzviujkSkwTp32wiz4RFste411nGkzka+1Em/eNyq8QTkEhUYQO
-----END CERTIFICATE-----
Generated at Mon Aug 12 06:53:16 2024 by rpki-client on console-ams.rpki-client.org