Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/smQhtvf_MFjiC_PVn1tV-UhynZI.roa
File: smQhtvf_MFjiC_PVn1tV-UhynZI.roa (raw, json)
Hash identifier: y8vMzfV5exY6KBxjzqcQxE/Anj64KnOTc4LLa02eun8=
Subject key identifier: B2:64:21:B6:F7:FF:30:58:E2:0B:F3:D5:9F:5B:55:F9:48:72:9D:92
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018757D13AAD210BED92E7872726E274F06D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/smQhtvf_MFjiC_PVn1tV-UhynZI.roa
Signing time: Thu 06 Apr 2023 18:25:42 +0000
ROA not before: Thu 06 Apr 2023 18:25:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 194.87.140.0/22 maxlen: 22
194.87.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 17:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:d1:3a:ad:21:0b:ed:92:e7:87:27:26:e2:74:f0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 18:25:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b26421b6f7ff3058e20bf3d59f5b55f948729d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:b8:32:b4:ab:8c:81:23:27:9c:56:a7:73:
0c:a9:a7:29:9c:47:0a:1a:04:b1:82:6b:d3:54:61:
2e:fa:e2:84:f4:23:a7:5b:f4:68:4d:c9:34:a7:77:
1f:a2:25:38:e9:8a:c3:d0:98:30:b2:86:06:86:3e:
99:9e:b9:3f:52:34:79:83:38:13:76:52:29:42:34:
d9:01:8d:57:76:5e:b2:06:44:7d:27:ea:08:38:57:
b7:83:0d:e7:2b:e4:cb:51:69:ec:a2:bb:0c:87:11:
24:45:9e:13:c9:fa:44:f9:cf:ae:4f:9b:9f:3f:6e:
64:c3:2e:75:bf:33:dd:19:cf:1a:17:e7:07:c8:2d:
19:60:a8:c7:99:95:a6:71:46:ef:c3:61:5a:26:98:
ef:87:66:f4:a3:df:5a:81:11:d4:1e:41:d7:75:af:
7c:92:e5:db:32:4a:fb:4c:4e:2c:63:62:41:b5:24:
dc:a7:a7:84:7d:4d:50:59:d7:e2:e0:52:17:59:ac:
e4:93:2b:7a:1d:47:25:ba:29:3d:4d:27:b6:b9:cf:
57:d3:b8:53:89:24:e7:93:cc:d3:39:98:95:50:bc:
39:17:9b:4d:87:b5:18:6f:ff:0c:77:d7:85:b1:6f:
bc:e6:9a:be:fa:0a:e4:a2:7c:88:9b:47:7e:d9:18:
4e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:64:21:B6:F7:FF:30:58:E2:0B:F3:D5:9F:5B:55:F9:48:72:9D:92
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/smQhtvf_MFjiC_PVn1tV-UhynZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.140.0/22
194.87.148.0/24
Signature Algorithm: sha256WithRSAEncryption
19:bd:0c:94:6f:11:00:93:3c:b2:27:49:03:c9:cf:6c:62:db:
86:6d:5e:8f:58:f0:10:6c:ad:07:e0:9e:10:8a:b7:03:1a:71:
a3:7c:72:8b:9a:21:f3:c0:45:b7:3c:7f:b0:d3:34:fe:6d:b9:
f5:d3:ca:32:79:e6:05:66:e9:72:b8:ba:a5:f2:4e:3c:ff:60:
ce:54:96:06:c8:fa:12:21:fe:36:e8:e3:24:39:57:16:28:90:
57:dd:10:5d:de:ee:1a:dc:fa:b9:13:5c:57:38:61:d8:ff:ce:
7b:60:42:a9:95:e9:69:e7:e5:71:d5:e6:90:ab:ce:51:6f:b2:
3c:2e:48:78:98:97:d2:22:fd:68:9a:6c:2a:ca:23:fe:e5:fa:
94:58:ae:b2:c3:d7:c4:d9:29:fc:4d:f0:90:72:d0:30:30:24:
87:43:75:64:d9:41:7e:24:15:cc:ea:e4:79:ec:82:20:cb:75:
3f:44:8b:9f:ae:a7:13:c3:fa:7e:74:fc:a6:9e:12:af:f3:89:
f7:ad:f1:82:dc:43:37:f1:54:bb:6c:e6:5e:98:fa:a2:03:1c:
12:05:d2:07:98:11:d3:23:79:f8:d0:84:88:3b:ea:de:08:8a:
9c:dd:24:e9:30:86:5d:f5:65:e1:4c:5a:18:9b:d8:39:71:b1:
76:7f:b0:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdX0TqtIQvtkueHJybidPBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTgyNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY0MjFiNmY3ZmYzMDU4ZTIwYmYzZDU5ZjViNTVmOTQ4NzI5ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaS4MrSrjIEjJ5xWp3MMqacpnEcK
GgSxgmvTVGEu+uKE9COnW/RoTck0p3cfoiU46YrD0JgwsoYGhj6Znrk/UjR5gzgT
dlIpQjTZAY1Xdl6yBkR9J+oIOFe3gw3nK+TLUWnsorsMhxEkRZ4TyfpE+c+uT5uf
P25kwy51vzPdGc8aF+cHyC0ZYKjHmZWmcUbvw2FaJpjvh2b0o99agRHUHkHXda98
kuXbMkr7TE4sY2JBtSTcp6eEfU1QWdfi4FIXWazkkyt6HUcluik9TSe2uc9X07hT
iSTnk8zTOZiVULw5F5tNh7UYb/8Md9eFsW+85pq++grkonyIm0d+2RhOlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLJkIbb3/zBY4gvz1Z9bVflIcp2SMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc21RaHR2Zl9NRmppQ19QVm4xdFYtVWh5blpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwleMAwQA
wleUMA0GCSqGSIb3DQEBCwUAA4IBAQAZvQyUbxEAkzyyJ0kDyc9sYtuGbV6PWPAQ
bK0H4J4QircDGnGjfHKLmiHzwEW3PH+w0zT+bbn108oyeeYFZulyuLql8k48/2DO
VJYGyPoSIf426OMkOVcWKJBX3RBd3u4a3Pq5E1xXOGHY/857YEKplelp5+Vx1eaQ
q85Rb7I8Lkh4mJfSIv1ommwqyiP+5fqUWK6yw9fE2Sn8TfCQctAwMCSHQ3Vk2UF+
JBXM6uR57IIgy3U/RIufrqcTw/p+dPymnhKv84n3rfGC3EM38VS7bOZemPqiAxwS
BdIHmBHTI3n40ISIO+reCIqc3STpMIZd9WXhTFoYm9g5cbF2f7Cn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org