Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xAUQd5Lj6-TNR8tRxC29pWwr6FM.roa
File: xAUQd5Lj6-TNR8tRxC29pWwr6FM.roa (raw, json)
Hash identifier: /P1WRFuMU0iRRa/g1jijMruCfNFggGgO/P1zgkAP8ZI=
Subject key identifier: C4:05:10:77:92:E3:EB:E4:CD:47:CB:51:C4:2D:BD:A5:6C:2B:E8:53
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187522BCC70BD53D62D37F8A24704FB938D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xAUQd5Lj6-TNR8tRxC29pWwr6FM.roa
Signing time: Wed 05 Apr 2023 16:06:54 +0000
ROA not before: Wed 05 Apr 2023 16:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210352
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 16:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:2b:cc:70:bd:53:d6:2d:37:f8:a2:47:04:fb:93:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c405107792e3ebe4cd47cb51c42dbda56c2be853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3e:4c:f3:99:9a:ca:35:85:1c:3f:ef:86:0a:
00:9a:5a:19:d8:10:6d:85:79:c8:6f:c4:94:2c:f1:
a1:08:1f:6e:96:12:61:bd:bf:64:f8:c2:95:df:72:
23:58:f1:7f:9f:12:e5:e0:95:30:6e:64:04:59:30:
83:c3:39:50:d5:00:ae:30:76:30:de:7f:ae:85:22:
b1:c8:98:c5:e3:d7:76:e2:af:57:83:b0:00:30:00:
18:b8:3a:c9:42:9f:4a:aa:48:66:2d:bf:00:f5:e8:
0e:b1:49:34:e4:aa:45:75:4a:21:e2:a3:ff:8c:c8:
04:73:a5:2b:01:ce:4e:43:46:0e:e6:cd:fa:86:49:
a7:8a:36:d1:8d:27:5b:a3:50:d0:7e:40:9e:33:ac:
1c:d6:f3:1f:48:0f:d2:cc:99:95:e6:e4:f1:2a:9c:
5f:ab:89:e2:5d:4a:22:e7:d2:cf:98:88:c2:45:21:
05:bb:64:53:57:27:24:67:36:09:f2:88:f6:60:90:
43:b4:37:94:f0:49:25:a2:7d:d9:8d:e3:ab:74:20:
97:ff:e9:9d:87:e4:e6:fd:4c:0b:c0:f0:0a:30:a2:
fb:75:fe:30:12:0b:dd:46:13:3f:7c:4a:9d:e5:d1:
c8:26:8b:b0:31:1d:b4:d4:02:06:1e:2d:41:cd:7c:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:05:10:77:92:E3:EB:E4:CD:47:CB:51:C4:2D:BD:A5:6C:2B:E8:53
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xAUQd5Lj6-TNR8tRxC29pWwr6FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
Signature Algorithm: sha256WithRSAEncryption
65:7f:e6:6a:24:96:5b:f1:bd:23:1c:64:27:5e:c7:6c:dc:c4:
42:c4:a6:73:1a:0b:f7:c4:00:fb:65:f9:3a:aa:4e:71:22:94:
8f:33:46:f9:36:7b:2b:ed:55:a6:6c:f5:8d:a7:6f:3d:e3:8d:
a6:8c:57:2e:4d:9e:44:8b:3f:9e:cd:fd:59:33:fc:52:62:99:
96:d5:c9:e6:b2:a4:72:a7:71:60:a3:44:4f:b9:bd:c0:0d:c3:
ec:62:ab:3e:d1:f2:74:6d:b1:27:34:f1:9a:ea:6f:36:35:6e:
7a:aa:bf:09:53:42:fc:32:55:9c:c3:01:6b:94:12:c8:44:c0:
8b:36:06:4a:bc:9a:20:6e:1a:fd:6c:df:2c:33:55:57:b4:98:
88:3e:85:59:17:29:6c:d1:37:73:43:1a:bc:4d:9e:65:a2:d1:
c5:57:06:3c:3d:88:51:33:32:41:6b:55:e5:1d:d8:6d:f0:4d:
4c:8c:26:8a:03:f9:52:9b:03:79:67:4f:da:82:98:30:00:99:
76:6a:94:e0:f1:82:87:89:aa:93:18:b7:dd:dd:cd:bf:92:0c:
07:f6:e5:c2:79:26:57:1e:16:c9:c0:c9:62:5c:7d:8a:70:ad:
28:28:6d:9e:b7:91:11:13:81:ab:b1:58:17:77:98:41:da:71:
d7:ed:f1:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdSK8xwvVPWLTf4okcE+5ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA1MTA3NzkyZTNlYmU0Y2Q0N2NiNTFjNDJkYmRhNTZjMmJlODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+T5M85mayjWFHD/vhgoAmloZ2BBt
hXnIb8SULPGhCB9ulhJhvb9k+MKV33IjWPF/nxLl4JUwbmQEWTCDwzlQ1QCuMHYw
3n+uhSKxyJjF49d24q9Xg7AAMAAYuDrJQp9KqkhmLb8A9egOsUk05KpFdUoh4qP/
jMgEc6UrAc5OQ0YO5s36hkmnijbRjSdbo1DQfkCeM6wc1vMfSA/SzJmV5uTxKpxf
q4niXUoi59LPmIjCRSEFu2RTVyckZzYJ8oj2YJBDtDeU8Eklon3ZjeOrdCCX/+md
h+Tm/UwLwPAKMKL7df4wEgvdRhM/fEqd5dHIJouwMR201AIGHi1BzXw4awIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMQFEHeS4+vkzUfLUcQtvaVsK+hTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveEFVUWQ1TGo2LVROUjh0UnhDMjlwV3dyNkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaMA0GCSqGSIb3DQEBCwUAA4IBAQBlf+ZqJJZb
8b0jHGQnXsds3MRCxKZzGgv3xAD7Zfk6qk5xIpSPM0b5Nnsr7VWmbPWNp289442m
jFcuTZ5Eiz+ezf1ZM/xSYpmW1cnmsqRyp3Fgo0RPub3ADcPsYqs+0fJ0bbEnNPGa
6m82NW56qr8JU0L8MlWcwwFrlBLIRMCLNgZKvJogbhr9bN8sM1VXtJiIPoVZFyls
0TdzQxq8TZ5lotHFVwY8PYhRMzJBa1XlHdht8E1MjCaKA/lSmwN5Z0/agpgwAJl2
apTg8YKHiaqTGLfd3c2/kgwH9uXCeSZXHhbJwMliXH2KcK0oKG2et5ERE4GrsVgX
d5hB2nHX7fFm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:51 2024 by rpki-client on console-ams.rpki-client.org