Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tjPKBiHq5dOiAH9iXFlsG2KOnXs.roa
File: tjPKBiHq5dOiAH9iXFlsG2KOnXs.roa (raw, json)
Hash identifier: rmAzi+iKtJMrMjQCxCEUh9wU8K7RBaI7WKfYbkI5Yj0=
Subject key identifier: B6:33:CA:06:21:EA:E5:D3:A2:00:7F:62:5C:59:6C:1B:62:8E:9D:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BD292CC21D7B2F28DE0EB57CC88E0FB57
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tjPKBiHq5dOiAH9iXFlsG2KOnXs.roa
Signing time: Wed 15 Nov 2023 10:41:57 +0000
ROA not before: Wed 15 Nov 2023 10:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:92:cc:21:d7:b2:f2:8d:e0:eb:57:cc:88:e0:fb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 10:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b633ca0621eae5d3a2007f625c596c1b628e9d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:4b:f6:12:6b:5c:da:5b:b7:db:cd:ea:27:
49:7a:83:91:ec:76:ce:cc:8d:c9:6f:a1:8a:79:52:
a9:bf:8e:b0:be:41:87:95:63:03:cb:ce:02:e3:41:
c2:51:a8:a1:13:63:7d:47:6f:91:be:88:75:76:cf:
2f:92:d0:a2:6c:5e:11:ca:a2:80:b8:ff:cb:c5:1f:
aa:fe:72:4b:51:4e:d2:d3:97:76:02:73:9d:26:2d:
e9:70:55:1b:86:d3:14:be:5f:7b:8a:a3:3d:4d:1d:
45:9a:80:39:eb:16:bf:af:0c:3e:0b:63:07:27:d8:
37:36:3a:ae:b7:7f:de:5a:a5:67:8a:6b:78:2b:3b:
7a:5f:9c:7f:dd:58:1f:d6:15:b1:fb:5a:74:de:18:
89:cf:4a:e9:00:11:18:c9:f2:7f:b4:6a:f0:29:29:
db:d4:e6:96:87:fb:7d:34:e7:78:7f:60:59:38:9b:
03:d6:49:40:6d:80:33:e4:70:93:78:bb:f3:5c:4e:
87:49:d0:8e:47:01:c3:74:34:9f:e7:10:7f:44:0b:
cc:d5:bf:e6:35:a8:60:37:8e:b9:c1:3c:f5:23:93:
08:95:a2:79:93:95:46:ab:72:d9:61:30:f2:ed:f2:
4b:cb:79:24:1d:7a:55:35:5a:47:97:2e:eb:60:9e:
af:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:33:CA:06:21:EA:E5:D3:A2:00:7F:62:5C:59:6C:1B:62:8E:9D:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tjPKBiHq5dOiAH9iXFlsG2KOnXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:f4:97:e0:1e:3d:f0:49:66:b7:bc:a7:10:8c:6e:e4:44:c7:
c2:69:1c:37:61:5f:7a:f3:ab:bd:ba:6c:fc:77:e7:f2:ce:53:
c1:fc:d4:04:ef:79:be:0b:05:aa:8d:bc:fb:52:17:23:7c:4a:
c1:fd:9d:05:cb:b5:56:9c:46:79:37:e0:53:0f:56:6d:ce:74:
15:87:23:92:27:97:2a:ff:60:6a:a1:ae:1d:22:8b:69:e7:d7:
f4:25:16:2d:63:e5:e9:ad:6c:60:89:60:89:80:3b:b6:12:f1:
f6:1f:b3:75:47:d5:35:71:da:ed:ef:f1:4d:52:af:c7:4d:9d:
56:cd:36:2c:b4:3f:54:98:c3:8a:c9:10:6f:44:81:2c:0a:99:
cf:5d:1e:b3:66:21:66:62:cf:b6:2e:31:ff:dd:2a:e6:60:5d:
71:f0:a0:b6:c2:11:24:3c:ff:a3:72:c2:79:41:d7:db:cd:d9:
b7:38:b0:20:07:8f:a0:6c:cd:88:4e:f9:2d:28:59:48:1b:23:
6c:20:25:05:62:c8:9b:50:37:84:87:3f:0c:1b:33:29:21:92:
99:9c:5c:f7:a0:7b:9c:3d:af:86:4c:3e:c1:8c:64:f6:76:ea:
eb:88:e2:b3:ce:13:63:03:e5:94:a9:e9:1a:b9:2f:6c:a3:85:
85:2f:39:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvSkswh17LyjeDrV8yI4PtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE1MTA0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMzY2EwNjIxZWFlNWQzYTIwMDdmNjI1YzU5NmMxYjYyOGU5ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIRL9hJrXNpbt9vN6idJeoOR7HbO
zI3Jb6GKeVKpv46wvkGHlWMDy84C40HCUaihE2N9R2+Rvoh1ds8vktCibF4RyqKA
uP/LxR+q/nJLUU7S05d2AnOdJi3pcFUbhtMUvl97iqM9TR1FmoA56xa/rww+C2MH
J9g3Njqut3/eWqVnimt4Kzt6X5x/3Vgf1hWx+1p03hiJz0rpABEYyfJ/tGrwKSnb
1OaWh/t9NOd4f2BZOJsD1klAbYAz5HCTeLvzXE6HSdCORwHDdDSf5xB/RAvM1b/m
NahgN465wTz1I5MIlaJ5k5VGq3LZYTDy7fJLy3kkHXpVNVpHly7rYJ6vjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYzygYh6uXTogB/YlxZbBtijp17MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdGpQS0JpSHE1ZE9pQUg5aVhGbHNHMktPblhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfHMA0G
CSqGSIb3DQEBCwUAA4IBAQBL9JfgHj3wSWa3vKcQjG7kRMfCaRw3YV9686u9umz8
d+fyzlPB/NQE73m+CwWqjbz7UhcjfErB/Z0Fy7VWnEZ5N+BTD1ZtznQVhyOSJ5cq
/2Bqoa4dIotp59f0JRYtY+XprWxgiWCJgDu2EvH2H7N1R9U1cdrt7/FNUq/HTZ1W
zTYstD9UmMOKyRBvRIEsCpnPXR6zZiFmYs+2LjH/3SrmYF1x8KC2whEkPP+jcsJ5
Qdfbzdm3OLAgB4+gbM2ITvktKFlIGyNsICUFYsibUDeEhz8MGzMpIZKZnFz3oHuc
Pa+GTD7BjGT2durriOKzzhNjA+WUqekauS9so4WFLzkN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org