Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y9dzeKCCepzAVWrLyFMwSS0w6LE.roa
File: y9dzeKCCepzAVWrLyFMwSS0w6LE.roa (raw, json)
Hash identifier: jH1f5XkhZOW4jwzlUIarsPZNJBaIyHHEbWREsTXcqaU=
Subject key identifier: CB:D7:73:78:A0:82:7A:9C:C0:55:6A:CB:C8:53:30:49:2D:30:E8:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191170BE0BDFFF7B559B1D9FDAAF61295AC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y9dzeKCCepzAVWrLyFMwSS0w6LE.roa
Signing time: Sat 03 Aug 2024 07:02:19 +0000
ROA not before: Sat 03 Aug 2024 07:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400536
IP address blocks: 194.87.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:0b:e0:bd:ff:f7:b5:59:b1:d9:fd:aa:f6:12:95:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 07:02:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbd77378a0827a9cc0556acbc85330492d30e8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:f0:87:a5:17:f1:8e:fe:17:23:87:c1:e6:
83:e0:4f:35:61:92:8e:64:15:79:d8:83:21:77:a6:
8d:2d:8d:f4:32:53:78:02:57:b0:5a:cd:15:d5:e0:
1a:77:5d:53:ad:d7:7d:6c:e5:39:37:7a:7a:91:ce:
63:85:62:60:c7:4d:a2:4c:80:6b:00:af:36:ed:ad:
47:f4:0e:f2:c7:43:c0:21:3a:9a:78:c2:57:79:03:
bf:e5:0b:84:0b:7f:dc:f6:12:f3:9d:00:82:3a:64:
93:c0:84:c6:ac:b0:2b:d9:4b:9c:31:fb:1d:c1:4f:
f8:e5:5e:6d:49:c6:05:d1:38:2b:46:5d:5b:46:f5:
ef:bc:6c:fa:d3:ce:21:1a:2f:5a:93:3e:5e:4d:e1:
24:3e:f0:7c:99:60:ce:35:9b:61:60:b4:45:bd:90:
41:9e:de:9a:9e:34:27:6b:42:8c:29:ab:f8:8b:17:
c4:17:8f:cc:15:f6:11:dc:9d:59:88:3e:72:2f:11:
fd:cd:7c:71:ab:6e:81:f9:9b:1f:6f:57:b0:0e:3e:
d2:27:1c:4b:f8:64:e6:58:91:7e:b9:00:f7:b6:2a:
5b:3b:1a:4d:f6:13:84:8f:bf:59:72:87:c2:1a:79:
61:fc:b3:38:5c:4b:72:4e:f9:31:0d:5f:4b:4b:03:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D7:73:78:A0:82:7A:9C:C0:55:6A:CB:C8:53:30:49:2D:30:E8:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y9dzeKCCepzAVWrLyFMwSS0w6LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.17.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:0d:0c:a6:fb:0f:cc:37:0b:f3:d6:b7:7f:74:7c:84:06:2c:
1f:9f:d1:91:a4:88:e8:bc:4e:36:ae:90:6f:4c:4c:33:7e:02:
2a:12:c7:1a:65:3a:56:85:c3:2a:b7:c6:66:e0:ab:2b:d2:3e:
0b:8a:e1:c4:16:9c:89:bc:4e:15:7e:01:b7:33:6e:7b:73:99:
c6:a1:87:3b:e6:ba:da:a4:5c:97:ee:b2:4e:2a:74:53:67:11:
cb:cb:dc:75:23:d7:5c:08:1e:99:6e:8e:9e:e5:c4:52:8d:74:
f6:09:98:0f:d7:eb:c8:5a:e6:3f:6f:fc:fb:cb:56:54:59:03:
e0:11:05:fd:1c:57:3a:b4:b5:31:fa:9c:6a:af:de:de:d7:16:
38:dc:57:c3:c9:2c:fc:cb:aa:e6:50:e2:51:96:35:14:3a:1d:
30:c9:4d:0d:43:ef:e2:c2:d1:a5:38:74:b9:b0:c4:8d:4e:3d:
c6:68:d9:6e:a6:a9:63:b2:87:36:c3:73:c0:83:59:cf:6a:16:
eb:71:07:d8:29:62:41:32:12:cc:9b:41:0b:b4:67:66:6e:be:
76:e2:f4:a7:20:97:00:f5:83:16:a6:5c:ec:ec:2a:c4:fd:5a:
30:4f:19:52:2a:12:27:12:ab:12:2a:ec:fe:e2:80:26:91:03:
65:34:14:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEXC+C9//e1WbHZ/ar2EpWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODAzMDcwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ3NzM3OGEwODI3YTljYzA1NTZhY2JjODUzMzA0OTJkMzBlOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Pwh6UX8Y7+FyOHweaD4E81YZKO
ZBV52IMhd6aNLY30MlN4AlewWs0V1eAad11Trdd9bOU5N3p6kc5jhWJgx02iTIBr
AK827a1H9A7yx0PAITqaeMJXeQO/5QuEC3/c9hLznQCCOmSTwITGrLAr2UucMfsd
wU/45V5tScYF0TgrRl1bRvXvvGz6084hGi9akz5eTeEkPvB8mWDONZthYLRFvZBB
nt6anjQna0KMKav4ixfEF4/MFfYR3J1ZiD5yLxH9zXxxq26B+Zsfb1ewDj7SJxxL
+GTmWJF+uQD3tipbOxpN9hOEj79ZcofCGnlh/LM4XEtyTvkxDV9LSwPgdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvXc3iggnqcwFVqy8hTMEktMOixMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveTlkemVLQ0NlcHpBVldyTHlGTXdTUzB3NkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcRMA0G
CSqGSIb3DQEBCwUAA4IBAQBrDQym+w/MNwvz1rd/dHyEBiwfn9GRpIjovE42rpBv
TEwzfgIqEscaZTpWhcMqt8Zm4Ksr0j4LiuHEFpyJvE4VfgG3M257c5nGoYc75rra
pFyX7rJOKnRTZxHLy9x1I9dcCB6Zbo6e5cRSjXT2CZgP1+vIWuY/b/z7y1ZUWQPg
EQX9HFc6tLUx+pxqr97e1xY43FfDySz8y6rmUOJRljUUOh0wyU0NQ+/iwtGlOHS5
sMSNTj3GaNlupqljsoc2w3PAg1nPahbrcQfYKWJBMhLMm0ELtGdmbr524vSnIJcA
9YMWplzs7CrE/VowTxlSKhInEqsSKuz+4oAmkQNlNBQ1
-----END CERTIFICATE-----
Generated at Mon Oct 7 14:40:53 2024 by rpki-client on console-ams.rpki-client.org