Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycSYYHCOueikcQXtswqRIXMCtfc.roa
File: ycSYYHCOueikcQXtswqRIXMCtfc.roa (raw, json)
Hash identifier: S0iZHdPv4lKxTUbJ3guUvbkQrbRKrfC7Ttb3tvg3f9o=
Subject key identifier: C9:C4:98:60:70:8E:B9:E8:A4:71:05:ED:B3:0A:91:21:73:02:B5:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189B1038EF12EE6781B499AC8FAFFB6BF52
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycSYYHCOueikcQXtswqRIXMCtfc.roa
Signing time: Tue 01 Aug 2023 12:12:27 +0000
ROA not before: Tue 01 Aug 2023 12:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:03:8e:f1:2e:e6:78:1b:49:9a:c8:fa:ff:b6:bf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 1 12:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9c49860708eb9e8a47105edb30a91217302b5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:92:bf:f2:e9:15:2b:4d:58:ff:29:35:e5:93:
75:05:0b:4a:da:5d:e4:b1:9b:2c:3f:bb:27:44:7f:
ce:be:cd:b7:c2:53:af:8c:b3:32:d4:3b:0e:9a:5c:
66:05:75:30:87:ff:70:88:a7:04:f2:2f:4a:3d:7c:
30:76:50:49:a5:17:41:df:0c:4b:cf:74:93:aa:1b:
94:05:66:f9:82:7b:f3:57:9c:f5:60:64:f5:1a:df:
6d:05:fb:e1:a2:aa:30:01:c1:57:82:34:c9:05:33:
0b:e4:7d:54:05:b4:ab:13:c8:f9:24:6d:ab:82:1d:
ba:bf:60:2f:11:64:1a:34:9f:bc:87:b3:e7:48:f9:
28:d4:fc:d8:2e:0b:d5:d6:3d:46:4a:e4:b2:00:ca:
75:b1:d7:d6:78:7c:c4:01:37:ed:6d:eb:32:81:e4:
55:d9:27:c4:1d:25:73:10:25:3c:7a:58:fe:cf:03:
ca:5e:48:2d:a5:ef:f8:73:97:f8:4a:7e:47:47:fa:
d4:46:c8:0b:50:78:2f:2b:e7:bc:c5:b2:6d:50:9c:
c9:c3:2f:fd:99:3c:7a:13:bf:93:34:bf:f7:8e:7f:
7c:b4:ce:41:29:a2:45:13:ea:bd:9a:8f:22:d2:30:
25:34:53:d5:24:71:0f:4b:b6:8c:35:38:76:10:af:
57:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C4:98:60:70:8E:B9:E8:A4:71:05:ED:B3:0A:91:21:73:02:B5:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ycSYYHCOueikcQXtswqRIXMCtfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.163.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ea:6f:a4:a5:91:74:48:d8:a3:45:07:64:d7:cf:2a:ef:ea:
fd:5e:a8:64:75:d7:ce:ce:cd:78:4e:80:d5:b5:47:d2:76:c0:
41:d4:95:ef:c8:3d:cf:fc:a3:a8:3b:d2:b5:69:6e:55:ca:b1:
2d:75:74:25:d8:88:14:a7:5d:20:f3:f1:60:39:8b:5e:dc:ce:
b9:6f:84:6f:68:ed:6b:4c:f2:d3:46:1c:7a:6d:3f:a6:9b:9d:
76:76:d0:a9:58:d2:7b:fe:4e:18:0a:06:bd:e9:6e:be:fb:ae:
5d:e9:1d:e4:4a:15:fd:63:1a:d0:51:e1:0c:80:fd:c3:3c:a8:
db:72:21:2d:3e:cc:a8:cf:25:10:9c:10:81:7a:fc:a3:ae:da:
8d:a0:b2:61:dd:27:8f:b6:1e:6a:53:6e:43:cb:69:37:c9:43:
5a:08:fe:53:1a:5d:05:4a:24:72:1f:97:b7:74:b1:2c:2c:2a:
74:af:45:3d:d8:7b:bf:4d:73:e0:c6:a6:e9:5f:3a:62:93:81:
5a:33:b8:1d:4e:ef:87:c3:ca:85:eb:0f:f2:33:f9:33:90:d6:
24:8c:ea:71:82:03:02:ad:ee:14:8e:47:23:01:3f:13:31:c1:
bd:94:40:2e:3c:4f:65:e0:85:4e:e7:e8:fe:a7:ef:cc:a9:c8:
ba:8e:c2:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmxA47xLuZ4G0mayPr/tr9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAxMTIxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWM0OTg2MDcwOGViOWU4YTQ3MTA1ZWRiMzBhOTEyMTczMDJiNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpK/8ukVK01Y/yk15ZN1BQtK2l3k
sZssP7snRH/Ovs23wlOvjLMy1DsOmlxmBXUwh/9wiKcE8i9KPXwwdlBJpRdB3wxL
z3STqhuUBWb5gnvzV5z1YGT1Gt9tBfvhoqowAcFXgjTJBTML5H1UBbSrE8j5JG2r
gh26v2AvEWQaNJ+8h7PnSPko1PzYLgvV1j1GSuSyAMp1sdfWeHzEATftbesygeRV
2SfEHSVzECU8elj+zwPKXkgtpe/4c5f4Sn5HR/rURsgLUHgvK+e8xbJtUJzJwy/9
mTx6E7+TNL/3jn98tM5BKaJFE+q9mo8i0jAlNFPVJHEPS7aMNTh2EK9XaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnEmGBwjrnopHEF7bMKkSFzArX3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWNTWVlIQ091ZWlrY1FYdHN3cVJJWE1DdGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlejMA0G
CSqGSIb3DQEBCwUAA4IBAQAt6m+kpZF0SNijRQdk188q7+r9XqhkddfOzs14ToDV
tUfSdsBB1JXvyD3P/KOoO9K1aW5VyrEtdXQl2IgUp10g8/FgOYte3M65b4RvaO1r
TPLTRhx6bT+mm512dtCpWNJ7/k4YCga96W6++65d6R3kShX9YxrQUeEMgP3DPKjb
ciEtPsyozyUQnBCBevyjrtqNoLJh3SePth5qU25Dy2k3yUNaCP5TGl0FSiRyH5e3
dLEsLCp0r0U92Hu/TXPgxqbpXzpik4FaM7gdTu+Hw8qF6w/yM/kzkNYkjOpxggMC
re4UjkcjAT8TMcG9lEAuPE9l4IVO5+j+p+/Mqci6jsKI
-----END CERTIFICATE-----
Generated at Tue Aug 1 12:55:33 2023 by rpki-client on console-fra.rpki-client.org