Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh5E0YnZqNieoifiPS-OJchKi20.roa
File: wh5E0YnZqNieoifiPS-OJchKi20.roa (raw, json)
Hash identifier: OkdVWG7+47kBEc12vGdopHup3q9xME+sglcajli/Q2A=
Subject key identifier: C2:1E:44:D1:89:D9:A8:D8:9E:A2:27:E2:3D:2F:8E:25:C8:4A:8B:6D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187572E43A68DCD6F871D0A07505E91F36D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh5E0YnZqNieoifiPS-OJchKi20.roa
Signing time: Thu 06 Apr 2023 15:27:42 +0000
ROA not before: Thu 06 Apr 2023 15:27:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210352
IP address blocks: 194.87.31.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 15:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:2e:43:a6:8d:cd:6f:87:1d:0a:07:50:5e:91:f3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:27:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c21e44d189d9a8d89ea227e23d2f8e25c84a8b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:84:69:55:95:aa:d6:fa:c3:b2:d1:84:b7:74:
1d:f9:f4:12:60:f8:95:86:24:e7:c7:25:82:88:6b:
2c:4a:35:c9:6a:7b:b4:e0:3d:b5:d2:5b:94:03:ac:
1f:68:3f:86:34:ab:56:f3:ab:34:27:e5:4e:6c:48:
de:2b:88:7b:06:76:9a:83:79:f0:be:fa:a8:0b:ec:
cf:13:2b:b0:fe:0f:af:8a:38:05:b4:63:ab:3b:b2:
19:84:7c:98:d7:22:6d:18:20:b7:e6:87:48:17:0a:
e3:ce:c3:67:ba:75:7e:39:be:0c:32:19:22:c7:bf:
86:d1:b1:44:af:30:9b:e2:10:46:ae:d8:d3:29:8c:
17:25:42:73:59:2c:c2:20:7e:33:c5:ce:2d:d3:b5:
e3:db:f4:b0:8d:37:ad:2d:2d:c1:40:69:02:93:e9:
0a:f2:dc:de:f5:47:7b:51:c1:73:84:b2:92:f4:8d:
ee:71:58:df:78:23:05:62:34:ba:ea:85:86:e7:a1:
36:06:0c:27:f3:45:cb:94:bb:f1:72:4e:c2:62:99:
5b:00:9c:60:25:81:0b:16:f1:87:3e:49:7f:63:41:
38:e4:c8:3f:9c:2b:7f:4b:55:f0:6a:5f:c4:f6:14:
14:19:d6:3b:a2:5b:f4:96:f8:96:c3:55:11:69:a3:
a0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1E:44:D1:89:D9:A8:D8:9E:A2:27:E2:3D:2F:8E:25:C8:4A:8B:6D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh5E0YnZqNieoifiPS-OJchKi20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.71.0/24
Signature Algorithm: sha256WithRSAEncryption
70:37:a8:4a:32:1a:1b:69:b8:f1:44:dc:bf:76:eb:71:60:2f:
0f:64:52:01:02:e3:83:f0:46:c4:9b:bb:23:c4:aa:42:b1:f8:
e7:47:d3:65:c1:60:6b:78:76:2f:d8:ef:3e:14:f2:8b:99:7a:
42:e7:79:71:dd:5b:86:93:e7:b6:c5:6c:a8:61:15:4f:1c:c5:
ae:96:7e:ea:33:73:57:ee:1e:91:74:1e:bd:f5:9d:e5:cd:52:
dd:23:39:75:c1:ad:d3:f2:a8:16:65:9a:00:5f:8c:7a:b6:39:
4e:ca:8b:c5:12:46:88:47:78:d5:b5:8a:8d:57:db:7f:e3:4a:
24:1f:45:a8:3e:41:f0:8c:87:54:20:00:d6:15:2d:ed:ee:09:
17:90:6b:ed:e3:08:d7:28:d0:9d:0b:33:0a:36:04:04:6f:b7:
26:dc:6a:1b:c0:f6:34:26:73:5c:77:ab:4d:c5:aa:ae:ee:40:
4c:11:b0:32:61:fb:aa:f4:a2:48:b1:59:09:f0:6f:6b:22:9b:
f4:4c:86:e6:da:af:49:c7:e9:ee:72:d1:47:b1:49:21:d0:75:
62:a7:0a:33:ee:71:8e:db:3a:bc:a4:7e:93:35:9e:fc:a3:62:
70:2b:b8:0a:b6:13:7c:46:b3:65:c9:c5:f4:81:83:a2:d4:df:
34:55:1b:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdXLkOmjc1vhx0KB1BekfNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTUyNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFlNDRkMTg5ZDlhOGQ4OWVhMjI3ZTIzZDJmOGUyNWM4NGE4YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIRpVZWq1vrDstGEt3Qd+fQSYPiV
hiTnxyWCiGssSjXJanu04D210luUA6wfaD+GNKtW86s0J+VObEjeK4h7Bnaag3nw
vvqoC+zPEyuw/g+vijgFtGOrO7IZhHyY1yJtGCC35odIFwrjzsNnunV+Ob4MMhki
x7+G0bFErzCb4hBGrtjTKYwXJUJzWSzCIH4zxc4t07Xj2/SwjTetLS3BQGkCk+kK
8tze9Ud7UcFzhLKS9I3ucVjfeCMFYjS66oWG56E2Bgwn80XLlLvxck7CYplbAJxg
JYELFvGHPkl/Y0E45Mg/nCt/S1Xwal/E9hQUGdY7olv0lviWw1URaaOgUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMIeRNGJ2ajYnqIn4j0vjiXISottMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2g1RTBZblpxTmllb2lmaVBTLU9KY2hLaTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlcfAwQA
wldHMA0GCSqGSIb3DQEBCwUAA4IBAQBwN6hKMhobabjxRNy/dutxYC8PZFIBAuOD
8EbEm7sjxKpCsfjnR9NlwWBreHYv2O8+FPKLmXpC53lx3VuGk+e2xWyoYRVPHMWu
ln7qM3NX7h6RdB699Z3lzVLdIzl1wa3T8qgWZZoAX4x6tjlOyovFEkaIR3jVtYqN
V9t/40okH0WoPkHwjIdUIADWFS3t7gkXkGvt4wjXKNCdCzMKNgQEb7cm3GobwPY0
JnNcd6tNxaqu7kBMEbAyYfuq9KJIsVkJ8G9rIpv0TIbm2q9Jx+nuctFHsUkh0HVi
pwoz7nGO2zq8pH6TNZ78o2JwK7gKthN8RrNlycX0gYOi1N80VRsh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:51 2024 by rpki-client on console-ams.rpki-client.org