Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wA9H1e9M6ooPNdDBtwIVf0sKeTU.roa
File: wA9H1e9M6ooPNdDBtwIVf0sKeTU.roa (raw, json)
Hash identifier: bg59NF8RbHvrCGdeT0qeNsJsCczz8VCHYCJFrifAL/g=
Subject key identifier: C0:0F:47:D5:EF:4C:EA:8A:0F:35:D0:C1:B7:02:15:7F:4B:0A:79:35
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A69285F2AA3362BFAC1B4315ACD2B76E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wA9H1e9M6ooPNdDBtwIVf0sKeTU.roa
Signing time: Wed 06 Sep 2023 06:22:48 +0000
ROA not before: Wed 06 Sep 2023 06:22:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 194.87.233.0/24 maxlen: 24
194.87.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Oct 2023 06:24:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:28:5f:2a:a3:36:2b:fa:c1:b4:31:5a:cd:2b:76:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 06:22:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00f47d5ef4cea8a0f35d0c1b702157f4b0a7935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b0:ba:2d:40:59:e0:2b:d0:3b:5d:a9:54:59:
97:56:67:55:c1:af:9f:5f:49:be:5f:05:04:35:58:
fa:43:ee:94:2d:23:d0:d7:bc:3a:30:34:a1:d4:c5:
06:97:f2:7d:93:cd:88:8a:7a:bb:00:e5:9c:04:4e:
1d:23:7b:8e:1e:1d:10:c9:44:f3:46:78:3a:d1:ee:
56:df:31:34:5d:a9:d0:5c:9b:9f:1d:17:ae:0b:1d:
e0:ad:91:2b:0b:3f:51:ec:80:30:45:10:d9:85:a6:
5a:d7:50:9d:10:dd:f2:3c:39:ee:9a:51:ad:e1:a0:
74:35:f3:c8:7a:1b:bd:bc:78:66:a3:04:58:90:2b:
fd:9d:43:91:22:3e:b7:62:f5:38:c0:97:62:21:13:
96:11:a0:62:70:e3:4a:81:cd:e1:3e:57:fb:2a:53:
17:b1:df:a1:bf:82:a9:31:d8:3f:6d:e5:3b:63:9c:
cc:3d:47:e9:63:85:ae:64:d1:fb:8d:6d:57:c7:47:
d8:4b:98:9a:72:61:87:70:60:64:00:f9:d4:28:f6:
0c:ea:f3:8e:6c:c4:fe:24:0c:6b:58:94:68:56:9a:
4f:79:1f:25:45:24:3c:c1:d9:87:09:b7:3a:f9:90:
8d:a7:d3:69:8e:a4:4b:af:a0:f9:47:2b:e0:e3:5f:
a2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0F:47:D5:EF:4C:EA:8A:0F:35:D0:C1:B7:02:15:7F:4B:0A:79:35
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wA9H1e9M6ooPNdDBtwIVf0sKeTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.129.0/24
194.87.233.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2f:0d:ed:81:93:80:cc:ec:cd:7f:da:8b:f0:5e:eb:53:c6:
01:71:b9:2d:c0:c9:62:3b:19:17:20:71:aa:82:c0:20:57:66:
e3:dc:2f:2e:2a:7f:3e:fe:da:be:2f:1c:85:83:7c:8b:4a:1f:
1e:29:51:43:1d:60:23:5d:3c:8d:a2:37:9d:85:1f:5e:5c:8b:
85:84:b3:9d:d6:a9:71:f6:bb:67:85:8c:c9:99:8d:b6:72:4b:
08:af:59:75:ea:91:2f:97:c5:eb:af:03:9a:6e:6d:1c:01:f2:
11:81:da:77:05:57:4a:dd:fe:4e:9d:a5:4b:7f:86:a6:26:27:
2e:a4:38:88:e9:62:57:e5:ed:24:50:d6:50:8f:09:64:f0:03:
f3:d4:0d:c7:65:bd:77:61:9a:c3:eb:b7:6b:ea:01:b8:8a:1d:
de:89:74:df:e6:6d:1d:e0:ef:26:36:8d:9a:b9:d2:fa:f0:d1:
aa:45:42:6a:5a:37:84:6e:95:5e:3f:e3:1c:91:e0:11:58:e2:
3f:02:8a:21:3c:88:8d:eb:d3:31:39:a9:3c:ed:2f:2f:e0:c3:
05:17:b4:02:34:ee:d9:03:b8:9a:a6:3a:f9:92:17:ec:90:ba:
78:ff:e8:f3:92:82:52:8a:da:a4:5e:04:84:84:bc:26:52:e5:
fd:c4:dc:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYppKF8qozYr+sG0MVrNK3bmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MDYyMjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBmNDdkNWVmNGNlYThhMGYzNWQwYzFiNzAyMTU3ZjRiMGE3OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bC6LUBZ4CvQO12pVFmXVmdVwa+f
X0m+XwUENVj6Q+6ULSPQ17w6MDSh1MUGl/J9k82Iinq7AOWcBE4dI3uOHh0QyUTz
Rng60e5W3zE0XanQXJufHReuCx3grZErCz9R7IAwRRDZhaZa11CdEN3yPDnumlGt
4aB0NfPIehu9vHhmowRYkCv9nUORIj63YvU4wJdiIROWEaBicONKgc3hPlf7KlMX
sd+hv4KpMdg/beU7Y5zMPUfpY4WuZNH7jW1Xx0fYS5iacmGHcGBkAPnUKPYM6vOO
bMT+JAxrWJRoVppPeR8lRSQ8wdmHCbc6+ZCNp9NpjqRLr6D5Ryvg41+i+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAPR9XvTOqKDzXQwbcCFX9LCnk1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd0E5SDFlOU02b29QTmREQnR3SVZmMHNLZVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwleBAwQA
wlfpMA0GCSqGSIb3DQEBCwUAA4IBAQA3Lw3tgZOAzOzNf9qL8F7rU8YBcbktwMli
OxkXIHGqgsAgV2bj3C8uKn8+/tq+LxyFg3yLSh8eKVFDHWAjXTyNojedhR9eXIuF
hLOd1qlx9rtnhYzJmY22cksIr1l16pEvl8XrrwOabm0cAfIRgdp3BVdK3f5OnaVL
f4amJicupDiI6WJX5e0kUNZQjwlk8APz1A3HZb13YZrD67dr6gG4ih3eiXTf5m0d
4O8mNo2audL68NGqRUJqWjeEbpVeP+MckeARWOI/AoohPIiN69MxOak87S8v4MMF
F7QCNO7ZA7iapjr5khfskLp4/+jzkoJSitqkXgSEhLwmUuX9xNxA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org