Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/stn1wNv2mXgOgdcRZNvacBcAo-Y.roa
File: stn1wNv2mXgOgdcRZNvacBcAo-Y.roa (raw, json)
Hash identifier: G7ZEOdzdW/MtaNSUJP/DsrVx6KZXIasThWVimKeiBZQ=
Subject key identifier: B2:D9:F5:C0:DB:F6:99:78:0E:81:D7:11:64:DB:DA:70:17:00:A3:E6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185C142D10DB3DC862345939A54F9219431
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/stn1wNv2mXgOgdcRZNvacBcAo-Y.roa
Signing time: Tue 17 Jan 2023 19:44:19 +0000
ROA not before: Tue 17 Jan 2023 19:44:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 194.87.34.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Feb 2023 12:56:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c1:42:d1:0d:b3:dc:86:23:45:93:9a:54:f9:21:94:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 19:44:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2d9f5c0dbf699780e81d71164dbda701700a3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a5:89:bc:2e:f8:c6:57:20:03:55:06:cb:94:
c7:50:ed:23:6a:e4:61:19:12:1f:be:dd:2e:68:da:
3a:98:90:d0:cd:bd:fc:ff:3a:b2:a5:3a:62:9b:13:
9c:e3:b5:08:4c:15:7d:77:ba:7b:f6:74:80:f5:a6:
b8:83:9c:df:40:96:63:d1:e2:9c:7b:21:65:ba:46:
1d:4d:b4:10:5c:a6:1f:99:dc:a6:31:42:b2:15:06:
7a:1c:f7:fe:c8:20:d3:43:f4:12:76:dd:1b:e1:61:
c6:35:23:07:aa:41:13:60:d7:a9:95:29:5b:93:de:
cd:54:46:e6:50:43:97:62:39:d4:d8:31:ce:73:c4:
e3:d8:e5:5b:e6:9b:a6:39:33:92:56:bc:60:29:3d:
1d:d6:47:9c:17:32:09:a3:81:a3:97:ad:13:9f:63:
24:c6:10:c0:69:90:bc:3b:23:1e:5e:3c:84:4c:a7:
35:49:01:af:f5:ba:93:90:ba:85:e6:b6:fe:2d:71:
3f:55:88:fe:81:c9:73:25:bc:be:a7:e0:22:43:84:
20:22:f8:0b:00:d6:ff:76:18:04:13:ff:95:b7:8d:
9d:1d:a8:de:a6:9f:d3:fb:ba:da:81:7a:fa:1b:67:
4b:55:05:09:54:fc:33:18:67:6a:16:bb:9a:12:9d:
b3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D9:F5:C0:DB:F6:99:78:0E:81:D7:11:64:DB:DA:70:17:00:A3:E6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/stn1wNv2mXgOgdcRZNvacBcAo-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.34.0/24
194.87.165.0/24
Signature Algorithm: sha256WithRSAEncryption
19:0c:7c:ed:bd:e4:4c:65:65:e2:45:8b:81:c4:a5:b3:6d:38:
c2:7a:aa:f8:19:2a:83:3b:97:62:c4:06:c3:c1:0e:cc:e2:c4:
28:47:0f:0e:1a:27:1b:db:93:3c:67:27:9d:80:b1:8f:c5:6a:
44:b3:54:86:93:9d:8d:05:ac:91:93:0d:68:09:29:a1:ec:c2:
6e:04:73:54:79:00:fa:70:e4:f8:77:76:e8:f9:50:4c:4b:7b:
a6:e0:86:d5:8d:52:02:1a:f7:47:39:76:a2:27:79:16:1e:5e:
fb:c5:9f:69:f1:73:13:59:15:61:86:b5:cf:21:84:9a:04:1e:
3e:7e:01:73:30:d5:2d:1b:5a:42:db:3d:87:7b:d9:4f:67:00:
65:21:c6:42:b2:bb:99:2e:78:2c:3c:0f:76:f3:41:fc:ab:4c:
3e:6a:fa:e7:5f:62:84:21:06:5f:f4:99:e8:01:0d:85:8a:7b:
10:d8:72:07:4c:2a:93:27:bd:f3:78:fc:86:e0:93:60:cb:b2:
ca:21:8f:a2:12:05:dc:18:0e:af:0e:29:80:f0:d2:d1:5e:ee:
be:61:85:49:98:78:7c:f8:73:85:88:ad:53:e8:ba:ec:92:f4:
5d:85:1e:f2:c4:d0:e7:52:ff:12:08:cc:4a:f6:7c:c0:2a:a5:
31:8e:10:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXBQtENs9yGI0WTmlT5IZQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE3MTk0NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ5ZjVjMGRiZjY5OTc4MGU4MWQ3MTE2NGRiZGE3MDE3MDBhM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaWJvC74xlcgA1UGy5THUO0jauRh
GRIfvt0uaNo6mJDQzb38/zqypTpimxOc47UITBV9d7p79nSA9aa4g5zfQJZj0eKc
eyFlukYdTbQQXKYfmdymMUKyFQZ6HPf+yCDTQ/QSdt0b4WHGNSMHqkETYNeplSlb
k97NVEbmUEOXYjnU2DHOc8Tj2OVb5pumOTOSVrxgKT0d1kecFzIJo4Gjl60Tn2Mk
xhDAaZC8OyMeXjyETKc1SQGv9bqTkLqF5rb+LXE/VYj+gclzJby+p+AiQ4QgIvgL
ANb/dhgEE/+Vt42dHajepp/T+7ragXr6G2dLVQUJVPwzGGdqFruaEp2zGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLZ9cDb9pl4DoHXEWTb2nAXAKPmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3RuMXdOdjJtWGdPZ2RjUlpOdmFjQmNBby1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlciAwQA
wlelMA0GCSqGSIb3DQEBCwUAA4IBAQAZDHztveRMZWXiRYuBxKWzbTjCeqr4GSqD
O5dixAbDwQ7M4sQoRw8OGicb25M8ZyedgLGPxWpEs1SGk52NBayRkw1oCSmh7MJu
BHNUeQD6cOT4d3bo+VBMS3um4IbVjVICGvdHOXaiJ3kWHl77xZ9p8XMTWRVhhrXP
IYSaBB4+fgFzMNUtG1pC2z2He9lPZwBlIcZCsruZLngsPA9280H8q0w+avrnX2KE
IQZf9JnoAQ2FinsQ2HIHTCqTJ73zePyG4JNgy7LKIY+iEgXcGA6vDimA8NLRXu6+
YYVJmHh8+HOFiK1T6LrskvRdhR7yxNDnUv8SCMxK9nzAKqUxjhCR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org