Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t_CVYoZm6eFmQgbF3Xv8PoCjtaY.roa
File: t_CVYoZm6eFmQgbF3Xv8PoCjtaY.roa (raw, json)
Hash identifier: pWsOjclKzhC8HZrBLP2X7OE7dQBJeYACyd58oD6n9ok=
Subject key identifier: B7:F0:95:62:86:66:E9:E1:66:42:06:C5:DD:7B:FC:3E:80:A3:B5:A6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AA6C6067479777D7F2874908D4A700E6F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t_CVYoZm6eFmQgbF3Xv8PoCjtaY.roa
Signing time: Mon 18 Sep 2023 05:31:50 +0000
ROA not before: Mon 18 Sep 2023 05:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31863
IP address blocks: 194.87.228.0/24 maxlen: 24
212.192.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 05:41:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:c6:06:74:79:77:7d:7f:28:74:90:8d:4a:70:0e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 18 05:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f095628666e9e1664206c5dd7bfc3e80a3b5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d9:60:6e:b2:57:45:91:1c:46:12:62:86:71:
03:0b:93:84:03:24:aa:e1:4b:dd:9a:1b:f7:65:5a:
ec:ca:c6:26:d6:a2:76:9f:f2:eb:de:5f:63:ed:bf:
c4:f8:a5:53:fd:16:9f:d4:12:62:d1:7b:f9:ad:72:
4f:7a:06:b9:3e:89:00:fc:3a:12:78:11:9a:70:42:
91:7d:f6:92:a2:7c:d5:82:24:52:d9:59:aa:f1:5e:
c3:8d:06:de:2f:86:f5:e6:29:21:03:5a:a1:c0:99:
36:c1:f2:8b:22:47:cd:9b:4e:fe:61:1f:aa:e7:9b:
f9:29:be:7b:3c:f2:fd:93:bc:47:00:81:82:e3:e2:
45:00:65:c7:cc:af:d9:40:43:ad:61:90:c9:78:fc:
4c:29:d7:44:3f:46:49:13:63:13:0b:63:da:b6:ca:
06:be:5a:05:36:3d:fe:71:dc:ff:7c:7b:37:ec:5e:
8b:a9:d7:4b:46:8e:2d:a5:f8:04:92:f6:8d:5c:79:
5e:17:75:48:4c:86:cd:f4:e1:39:fb:a4:8c:94:45:
c0:b2:b2:57:d5:91:86:f2:d5:38:96:ba:9f:5c:f8:
18:b6:d3:6f:f8:dd:0c:f9:e2:6c:ae:7d:6b:74:8e:
19:d9:89:24:dc:32:aa:96:ec:5c:35:b9:f4:88:e8:
ae:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F0:95:62:86:66:E9:E1:66:42:06:C5:DD:7B:FC:3E:80:A3:B5:A6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t_CVYoZm6eFmQgbF3Xv8PoCjtaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.228.0/24
212.192.255.0/24
Signature Algorithm: sha256WithRSAEncryption
33:e9:51:9f:e2:e7:d9:e7:a1:1a:48:69:f2:ea:f3:88:9c:a2:
52:e6:60:e8:3d:cf:c7:9a:24:7d:58:b2:e2:48:b3:52:cc:0c:
0d:b1:8d:4d:06:ac:3b:1e:db:67:a0:9c:53:e9:0d:0a:fe:30:
b7:49:85:89:f6:4f:cf:d7:08:d4:0e:9d:f7:86:b1:a5:9a:d9:
98:73:a5:c2:ec:d7:f9:4d:f9:09:89:60:9b:52:d7:94:39:72:
80:00:00:60:d1:ea:1c:2a:4e:7e:ca:1a:09:41:68:49:df:51:
a9:c1:83:9f:58:3c:12:60:ed:ea:d8:a7:f1:63:db:20:c2:37:
3c:8f:9e:ee:10:8d:a6:fa:87:b3:fe:c8:0b:fb:07:7f:23:dc:
12:76:03:86:02:87:02:af:ed:1a:d3:b6:56:82:3a:84:c9:73:
a0:ae:41:aa:a9:5c:0a:be:21:af:b5:30:e2:c2:c8:3a:ca:24:
e3:ee:36:0a:2f:dc:ea:2e:80:c3:e5:62:27:cf:01:b9:1a:2d:
01:1a:d7:1d:f9:0b:6f:5b:08:b0:25:b2:47:f5:29:18:35:7d:
ab:92:fa:0f:44:f4:51:9f:9e:12:2d:ad:05:5b:b6:bc:e0:d5:
0b:15:4b:5f:bb:6b:b0:1b:64:4c:55:5a:f1:76:f4:17:81:ec:
02:b7:61:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqmxgZ0eXd9fyh0kI1KcA5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE4MDUzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YwOTU2Mjg2NjZlOWUxNjY0MjA2YzVkZDdiZmMzZTgwYTNiNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydlgbrJXRZEcRhJihnEDC5OEAySq
4Uvdmhv3ZVrsysYm1qJ2n/Lr3l9j7b/E+KVT/Raf1BJi0Xv5rXJPega5PokA/DoS
eBGacEKRffaSonzVgiRS2Vmq8V7DjQbeL4b15ikhA1qhwJk2wfKLIkfNm07+YR+q
55v5Kb57PPL9k7xHAIGC4+JFAGXHzK/ZQEOtYZDJePxMKddEP0ZJE2MTC2PatsoG
vloFNj3+cdz/fHs37F6LqddLRo4tpfgEkvaNXHleF3VITIbN9OE5+6SMlEXAsrJX
1ZGG8tU4lrqfXPgYttNv+N0M+eJsrn1rdI4Z2Ykk3DKqluxcNbn0iOiurwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfwlWKGZunhZkIGxd17/D6Ao7WmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdF9DVllvWm02ZUZtUWdiRjNYdjhQb0NqdGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlfkAwQA
1MD/MA0GCSqGSIb3DQEBCwUAA4IBAQAz6VGf4ufZ56EaSGny6vOInKJS5mDoPc/H
miR9WLLiSLNSzAwNsY1NBqw7HttnoJxT6Q0K/jC3SYWJ9k/P1wjUDp33hrGlmtmY
c6XC7Nf5TfkJiWCbUteUOXKAAABg0eocKk5+yhoJQWhJ31GpwYOfWDwSYO3q2Kfx
Y9sgwjc8j57uEI2m+oez/sgL+wd/I9wSdgOGAocCr+0a07ZWgjqEyXOgrkGqqVwK
viGvtTDiwsg6yiTj7jYKL9zqLoDD5WInzwG5Gi0BGtcd+QtvWwiwJbJH9SkYNX2r
kvoPRPRRn54SLa0FW7a84NULFUtfu2uwG2RMVVrxdvQXgewCt2FF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org