Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5xc_-qKthHa4dtYeRTiS4EYioM.roa
File: z5xc_-qKthHa4dtYeRTiS4EYioM.roa (raw, json)
Hash identifier: vbboJEfZjApibKN8VwQonDpdEJUf8SoD3lx0e4qbpvs=
Subject key identifier: CF:9C:5C:FF:EA:8A:B6:11:DA:E1:DB:58:79:14:E2:4B:81:18:8A:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A691091906AE1DD1232C14B4711BBAFAF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5xc_-qKthHa4dtYeRTiS4EYioM.roa
Signing time: Wed 06 Sep 2023 05:56:48 +0000
ROA not before: Wed 06 Sep 2023 05:56:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206216
IP address blocks: 194.87.169.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:10:91:90:6a:e1:dd:12:32:c1:4b:47:11:bb:af:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 05:56:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf9c5cffea8ab611dae1db587914e24b81188a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6a:39:b3:ed:b2:ca:24:c6:a7:44:20:f5:18:
4e:29:17:19:d9:ec:fc:eb:3f:c2:a1:be:b5:e9:94:
b9:49:b5:c9:7e:ab:e7:4e:c3:d2:40:74:b9:78:7e:
fa:49:a7:6e:a2:06:5d:68:86:7c:b0:e7:be:d0:15:
4a:af:ba:54:22:c0:32:05:db:78:91:26:1a:a2:8b:
fa:fb:be:cd:a3:f9:4c:f8:57:87:6e:35:45:74:5f:
14:1f:4d:4d:97:78:44:08:1b:03:25:77:df:7d:ef:
da:bf:4b:23:bb:8d:63:3c:a3:45:33:95:7e:4d:d5:
db:d4:51:91:4b:9c:98:96:d3:5e:f0:7e:cf:46:17:
e3:5f:d6:b1:0b:1c:48:1c:ee:5a:76:8f:8b:5a:01:
bf:51:60:41:d4:f8:6c:01:b1:da:55:68:0c:7a:d7:
56:05:f4:ce:f9:5e:ea:61:86:10:af:dc:ac:da:42:
6e:45:62:89:c4:b9:ac:80:01:f4:6e:85:1d:57:1f:
a6:4b:db:dc:4b:18:93:9b:78:fe:ca:f1:a6:0d:d3:
2e:4a:7d:7b:7d:f8:c5:9c:80:21:2c:04:49:7d:98:
29:25:2c:1c:68:1e:4f:c3:fe:85:8c:39:da:e9:e0:
39:85:b2:66:b0:35:e0:4b:33:da:b8:15:41:ac:2c:
91:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9C:5C:FF:EA:8A:B6:11:DA:E1:DB:58:79:14:E2:4B:81:18:8A:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/z5xc_-qKthHa4dtYeRTiS4EYioM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.169.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:21:01:6f:e7:c7:1c:2e:f6:86:38:cd:51:e6:fc:aa:3e:39:
f9:86:08:99:4e:ed:7a:40:7d:bb:68:a9:1b:53:9a:87:25:cf:
41:30:53:ac:2f:73:f7:1f:5c:5c:4d:5c:b1:04:1f:59:4e:11:
d2:d4:8f:2e:79:a2:49:53:d2:03:57:f3:eb:a7:cf:51:d2:e8:
36:62:45:7c:d7:9a:6b:3f:92:ff:dc:53:92:3c:a7:13:57:55:
92:99:66:e7:b0:1d:9a:ba:19:79:b0:91:bb:d8:4f:75:4e:5f:
8f:b9:c2:25:23:43:ab:a7:f5:bd:41:fa:f2:6b:1b:47:67:88:
ac:93:35:a2:0a:1f:5f:15:ad:b8:8f:16:57:be:f5:35:1a:21:
1f:db:66:c2:d6:2b:3c:7f:27:cc:63:d8:92:59:8d:8b:7f:fb:
bb:d9:2a:2a:1c:40:eb:02:73:e9:b6:eb:39:91:79:44:67:25:
59:e3:1b:d5:13:2a:e0:a0:a4:4a:71:0f:f6:5d:9b:00:c1:78:
bf:c0:d0:e6:82:a2:14:15:c3:27:ad:c1:42:19:f0:ec:1c:cc:
0b:46:c2:61:90:c4:4c:7a:32:e9:a5:9a:8c:90:02:a1:56:a2:
82:f4:da:aa:e7:8f:de:e2:39:7c:99:2c:b0:f2:51:6b:d5:4c:
31:42:12:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYppEJGQauHdEjLBS0cRu6+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MDU1NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjljNWNmZmVhOGFiNjExZGFlMWRiNTg3OTE0ZTI0YjgxMTg4YTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGo5s+2yyiTGp0Qg9RhOKRcZ2ez8
6z/Cob616ZS5SbXJfqvnTsPSQHS5eH76SaduogZdaIZ8sOe+0BVKr7pUIsAyBdt4
kSYaoov6+77No/lM+FeHbjVFdF8UH01Nl3hECBsDJXfffe/av0sju41jPKNFM5V+
TdXb1FGRS5yYltNe8H7PRhfjX9axCxxIHO5ado+LWgG/UWBB1PhsAbHaVWgMetdW
BfTO+V7qYYYQr9ys2kJuRWKJxLmsgAH0boUdVx+mS9vcSxiTm3j+yvGmDdMuSn17
ffjFnIAhLARJfZgpJSwcaB5Pw/6FjDna6eA5hbJmsDXgSzPauBVBrCyRNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM+cXP/qirYR2uHbWHkU4kuBGIqDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvejV4Y18tcUt0aEhhNGR0WWVSVGlTNEVZaW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlepAwQA
1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQBbIQFv58ccLvaGOM1R5vyqPjn5hgiZTu16
QH27aKkbU5qHJc9BMFOsL3P3H1xcTVyxBB9ZThHS1I8ueaJJU9IDV/Prp89R0ug2
YkV815prP5L/3FOSPKcTV1WSmWbnsB2auhl5sJG72E91Tl+PucIlI0Orp/W9Qfry
axtHZ4iskzWiCh9fFa24jxZXvvU1GiEf22bC1is8fyfMY9iSWY2Lf/u72SoqHEDr
AnPptus5kXlEZyVZ4xvVEyrgoKRKcQ/2XZsAwXi/wNDmgqIUFcMnrcFCGfDsHMwL
RsJhkMRMejLppZqMkAKhVqKC9Nqq54/e4jl8mSyw8lFr1UwxQhKd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org