Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/L_6YBDXl9nkxw-60R6-PEtpreP4.roa
File: L_6YBDXl9nkxw-60R6-PEtpreP4.roa (raw, json)
Hash identifier: +jVobK/MzFpbPamL3+eUoG/O7EaNRX+OsV/7jDe95pk=
Subject key identifier: 2F:FE:98:04:35:E5:F6:79:31:C3:EE:B4:47:AF:8F:12:DA:6B:78:FE
Certificate issuer: /CN=864f301e590b83eaa38fc121b6609ff6fe52b868
Certificate serial: 018CC348BFE020E5CA4B667A18AA06C70955
Authority key identifier: 86:4F:30:1E:59:0B:83:EA:A3:8F:C1:21:B6:60:9F:F6:FE:52:B8:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hk8wHlkLg-qjj8EhtmCf9v5SuGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/L_6YBDXl9nkxw-60R6-PEtpreP4.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41978
IP address blocks: 194.35.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bf:e0:20:e5:ca:4b:66:7a:18:aa:06:c7:09:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864f301e590b83eaa38fc121b6609ff6fe52b868
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ffe980435e5f67931c3eeb447af8f12da6b78fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e3:cf:ae:63:f9:33:d2:18:7c:a5:6f:34:c1:
e8:63:b7:df:c5:06:f8:ce:00:5e:00:a8:4a:5a:dc:
8c:c3:f4:f0:a3:ef:bd:b8:2a:b9:cf:fd:63:d9:ed:
28:4e:70:0b:b7:78:ab:c4:86:c5:71:11:66:f2:c0:
90:e1:df:52:1e:a5:41:63:0f:a3:be:d2:86:62:35:
dd:fa:08:f5:c8:72:40:69:85:97:ca:09:47:d2:26:
90:9d:77:53:0f:09:04:65:78:a8:5b:ed:64:1e:d5:
e6:6a:f2:5e:1c:43:ea:bf:a3:7a:bf:14:91:3b:5b:
26:ec:42:73:80:4c:8d:4f:e5:06:ce:e0:49:be:e0:
2f:f7:6b:9b:34:7a:f3:0c:a9:ac:b2:8e:1a:1d:51:
28:30:f5:de:ae:b6:5c:cd:9a:43:c3:8f:5e:bb:2d:
80:c7:92:1c:dc:36:d5:b5:5c:1f:b9:49:ee:3c:a3:
05:74:a2:bd:c7:ea:b4:8f:6b:b5:af:a2:c3:9b:c1:
52:fd:1e:28:7a:c8:72:a8:92:c1:b9:75:dd:7a:05:
22:83:44:e5:70:96:2f:a7:c8:a3:6a:3a:0d:83:9c:
1a:7e:4a:5d:be:2c:26:eb:f4:a1:ba:6b:9c:6e:d0:
26:e4:bd:29:aa:8f:29:60:1e:8d:17:1e:34:38:91:
84:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FE:98:04:35:E5:F6:79:31:C3:EE:B4:47:AF:8F:12:DA:6B:78:FE
X509v3 Authority Key Identifier:
keyid:86:4F:30:1E:59:0B:83:EA:A3:8F:C1:21:B6:60:9F:F6:FE:52:B8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hk8wHlkLg-qjj8EhtmCf9v5SuGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/L_6YBDXl9nkxw-60R6-PEtpreP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.74.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6b:7a:1e:de:3e:2a:ff:12:bb:a3:8f:29:c4:5c:f2:e8:00:
ab:a5:bd:41:a3:7e:d8:24:39:3f:59:bd:54:03:f5:71:dd:61:
04:e9:89:f5:58:80:a3:b8:77:c0:e1:81:97:59:58:e3:a1:5f:
78:34:6c:e5:79:94:ae:35:f4:a6:25:80:74:4c:79:0d:00:01:
ad:54:5c:3a:cf:b6:2e:e3:7c:8c:30:b4:d5:22:a9:68:22:87:
18:46:b7:ee:b0:bd:04:63:b9:5c:c7:d8:7b:05:2d:8a:e7:a5:
78:ac:ce:25:39:1c:b5:d8:82:ae:6f:e8:c6:bf:d8:b1:89:c8:
18:cd:bf:91:fa:38:e8:fa:43:5c:6a:69:88:d5:f7:1e:c5:50:
32:71:d7:40:62:74:80:57:3e:25:18:6c:63:60:fb:61:4c:20:
3f:d9:80:9e:96:de:d5:15:f4:a8:eb:d1:e1:ad:28:12:4b:64:
df:6d:13:06:7a:f1:dd:9f:7f:4d:0b:8d:86:7e:5b:b5:2d:97:
a1:96:18:04:03:37:ad:df:80:da:63:5c:c4:b3:bb:ed:dc:66:
21:d9:d7:df:39:73:5e:6d:b0:dd:60:19:49:37:ce:fa:31:02:
a9:95:ae:26:34:45:df:30:30:0e:75:cf:de:f5:75:c8:ac:12:
1d:a8:f5:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSL/gIOXKS2Z6GKoGxwlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGYzMDFlNTkwYjgzZWFhMzhmYzEyMWI2NjA5ZmY2ZmU1
MmI4NjgwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZlOTgwNDM1ZTVmNjc5MzFjM2VlYjQ0N2FmOGYxMmRhNmI3OGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ePPrmP5M9IYfKVvNMHoY7ffxQb4
zgBeAKhKWtyMw/Two++9uCq5z/1j2e0oTnALt3irxIbFcRFm8sCQ4d9SHqVBYw+j
vtKGYjXd+gj1yHJAaYWXyglH0iaQnXdTDwkEZXioW+1kHtXmavJeHEPqv6N6vxSR
O1sm7EJzgEyNT+UGzuBJvuAv92ubNHrzDKmsso4aHVEoMPXerrZczZpDw49euy2A
x5Ic3DbVtVwfuUnuPKMFdKK9x+q0j2u1r6LDm8FS/R4oeshyqJLBuXXdegUig0Tl
cJYvp8ijajoNg5wafkpdviwm6/ShumucbtAm5L0pqo8pYB6NFx40OJGEYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/+mAQ15fZ5McPutEevjxLaa3j+MB8GA1UdIwQY
MBaAFIZPMB5ZC4Pqo4/BIbZgn/b+UrhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGs4d0hsa0xnLXFqajhFaHRtQ2Y5djVTdUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82MjRmNjQtMGE0YS00ZDI1LWFmY2Ut
MGYzOWM0YjM0MzFkLzEvTF82WUJEWGw5bmt4dy02MFI2LVBFdHByZVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82MjRmNjQtMGE0YS00ZDI1LWFmY2UtMGYzOWM0YjM0MzFk
LzEvaGs4d0hsa0xnLXFqajhFaHRtQ2Y5djVTdUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiNKMA0G
CSqGSIb3DQEBCwUAA4IBAQAXa3oe3j4q/xK7o48pxFzy6ACrpb1Bo37YJDk/Wb1U
A/Vx3WEE6Yn1WICjuHfA4YGXWVjjoV94NGzleZSuNfSmJYB0THkNAAGtVFw6z7Yu
43yMMLTVIqloIocYRrfusL0EY7lcx9h7BS2K56V4rM4lORy12IKub+jGv9ixicgY
zb+R+jjo+kNcammI1fcexVAycddAYnSAVz4lGGxjYPthTCA/2YCelt7VFfSo69Hh
rSgSS2TfbRMGevHdn39NC42Gflu1LZehlhgEAzet34DaY1zEs7vt3GYh2dffOXNe
bbDdYBlJN876MQKpla4mNEXfMDAOdc/e9XXIrBIdqPVw
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:14 2025 by rpki-client