Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y_nNCQFccZLmDLaZzsjd3Q0SO5Y.roa
File: y_nNCQFccZLmDLaZzsjd3Q0SO5Y.roa (raw, json)
Hash identifier: bMgMZWHA9urahycl8zSTwllbCke/1ZI3PK2wb7S9TJs=
Subject key identifier: CB:F9:CD:09:01:5C:71:92:E6:0C:B6:99:CE:C8:DD:DD:0D:12:3B:96
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7527C0F1147AAC081A63BE668946
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y_nNCQFccZLmDLaZzsjd3Q0SO5Y.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 194.87.130.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 08:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:75:27:c0:f1:14:7a:ac:08:1a:63:be:66:89:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf9cd09015c7192e60cb699cec8dddd0d123b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:17:80:c4:92:58:ef:d8:fd:22:77:ad:d5:
ae:6c:ec:19:cf:8c:68:63:e4:3c:a0:c8:c7:e0:64:
b5:52:0b:26:65:2a:e4:18:6c:d7:33:80:80:39:1b:
46:69:f5:0e:71:d8:1d:d1:d3:87:ed:f6:8d:49:97:
30:07:4d:ca:f7:97:9d:2a:ea:e0:67:da:c3:c2:4d:
0c:19:a0:37:66:a4:a9:0a:68:fb:a4:49:20:22:db:
c5:2b:12:29:0c:89:f0:1a:fb:2e:a5:ad:ec:cc:e6:
22:4c:8a:28:b7:63:ba:67:08:b2:3e:b8:af:2f:6c:
65:b9:ed:43:79:f3:45:02:54:b3:9f:ee:d0:fb:01:
fa:26:18:a8:65:07:bb:1d:a7:63:36:d2:70:38:57:
f1:cb:19:14:5c:45:b4:55:79:c9:30:b8:63:cc:ac:
8c:eb:00:e2:43:11:1e:8f:62:80:09:72:84:dc:ed:
47:02:a2:a8:f9:b9:5b:33:dd:c3:f0:e2:44:a6:d4:
cb:8b:7c:f2:59:75:4b:45:98:32:f3:79:64:c4:ca:
65:4b:a6:7e:f6:75:35:43:6c:f1:6f:bb:c7:c4:e3:
9c:fc:c2:fe:05:c2:92:4e:8a:fb:20:b8:aa:f5:93:
3f:10:d5:24:a5:75:e1:8b:05:0b:c8:da:0e:26:52:
3a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F9:CD:09:01:5C:71:92:E6:0C:B6:99:CE:C8:DD:DD:0D:12:3B:96
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y_nNCQFccZLmDLaZzsjd3Q0SO5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.130.0/24
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
05:1f:24:02:e5:95:0e:09:ab:51:19:9a:2e:48:c8:53:08:6e:
78:38:9f:9b:d1:c8:20:b7:ac:4f:13:ba:42:51:9a:e2:cb:fb:
8e:8a:ad:c7:40:fe:82:fd:03:cd:4e:d6:b8:e7:ef:3a:88:4d:
1d:7a:ea:1a:1b:fa:6e:96:f4:0f:5d:bc:56:3d:df:d6:18:db:
df:78:a3:50:da:73:9c:16:1e:7c:84:42:f3:24:4e:c5:01:a9:
58:1a:80:15:28:96:3d:08:b7:13:a7:19:a0:ba:50:8f:24:3f:
d9:b5:ad:d4:f8:d5:40:f0:2a:55:4d:d0:12:ee:a0:f3:5b:f9:
97:45:7c:02:d3:81:35:36:3c:be:d0:64:82:a8:90:df:77:55:
b2:68:13:63:36:cd:55:dc:9a:a7:08:94:c0:cd:4e:ae:29:12:
af:42:f1:40:27:95:cc:4f:63:b4:6c:3a:00:6a:b5:23:03:af:
e0:e3:e2:fb:9f:be:9e:f5:00:ba:de:ee:b5:b2:77:68:92:53:
93:ba:ac:bd:73:5f:11:ce:86:17:7d:92:4d:ec:7f:a0:29:19:
af:1d:1e:7e:e8:b6:08:12:a7:9e:07:d4:e0:86:82:ec:45:8e:
bf:6d:77:53:cd:ad:2b:24:01:d0:bf:5b:71:cb:73:f5:22:23:
0e:38:f5:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKnUnwPEUeqwIGmO+ZolGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY5Y2QwOTAxNWM3MTkyZTYwY2I2OTljZWM4ZGRkZDBkMTIzYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngMXgMSSWO/Y/SJ3rdWubOwZz4xo
Y+Q8oMjH4GS1UgsmZSrkGGzXM4CAORtGafUOcdgd0dOH7faNSZcwB03K95edKurg
Z9rDwk0MGaA3ZqSpCmj7pEkgItvFKxIpDInwGvsupa3szOYiTIoot2O6ZwiyPriv
L2xlue1DefNFAlSzn+7Q+wH6JhioZQe7HadjNtJwOFfxyxkUXEW0VXnJMLhjzKyM
6wDiQxEej2KACXKE3O1HAqKo+blbM93D8OJEptTLi3zyWXVLRZgy83lkxMplS6Z+
9nU1Q2zxb7vHxOOc/ML+BcKSTor7ILiq9ZM/ENUkpXXhiwULyNoOJlI6PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMv5zQkBXHGS5gy2mc7I3d0NEjuWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveV9uTkNRRmNjWkxtRExhWnpzamQzUTBTTzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwleCAwQA
wlf2MA0GCSqGSIb3DQEBCwUAA4IBAQAFHyQC5ZUOCatRGZouSMhTCG54OJ+b0cgg
t6xPE7pCUZriy/uOiq3HQP6C/QPNTta45+86iE0deuoaG/pulvQPXbxWPd/WGNvf
eKNQ2nOcFh58hELzJE7FAalYGoAVKJY9CLcTpxmgulCPJD/Zta3U+NVA8CpVTdAS
7qDzW/mXRXwC04E1Njy+0GSCqJDfd1WyaBNjNs1V3JqnCJTAzU6uKRKvQvFAJ5XM
T2O0bDoAarUjA6/g4+L7n76e9QC63u61sndoklOTuqy9c18RzoYXfZJN7H+gKRmv
HR5+6LYIEqeeB9TghoLsRY6/bXdTza0rJAHQv1txy3P1IiMOOPUU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org