Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/92e46a-4b9f-4f83-b111-ef00198b4342/1/h6J8ZXoXYjQl0XoQYqMN0cjLBrY.roa
File: h6J8ZXoXYjQl0XoQYqMN0cjLBrY.roa (raw, json)
Hash identifier: h8LWGKh1ey5cIzDj/TpEnAb+V9d1lVnKz5Y0o9bQaGw=
Subject key identifier: 87:A2:7C:65:7A:17:62:34:25:D1:7A:10:62:A3:0D:D1:C8:CB:06:B6
Certificate issuer: /CN=0fde97eed4d8e845eb9f8e7ff326e3fe524800fa
Certificate serial: 018CC26D06D8AA75991C31CEE3BD02716CCF
Authority key identifier: 0F:DE:97:EE:D4:D8:E8:45:EB:9F:8E:7F:F3:26:E3:FE:52:48:00:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D96X7tTY6EXrn45_8ybj_lJIAPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/92e46a-4b9f-4f83-b111-ef00198b4342/1/h6J8ZXoXYjQl0XoQYqMN0cjLBrY.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45015
IP address blocks: 194.35.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:06:d8:aa:75:99:1c:31:ce:e3:bd:02:71:6c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fde97eed4d8e845eb9f8e7ff326e3fe524800fa
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a27c657a17623425d17a1062a30dd1c8cb06b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1f:94:6f:35:ea:a4:e3:61:83:00:e3:66:fc:
f5:71:ff:a7:28:82:94:46:00:2f:9b:35:cd:7e:88:
26:5a:6e:02:39:3e:a4:a1:1e:96:a3:9c:ef:04:0d:
84:e8:c4:91:03:5f:5a:15:bd:f5:89:a7:28:8e:d2:
6d:2f:29:95:cb:e0:b5:62:4b:a7:ae:1b:33:c1:4c:
69:9e:12:93:eb:5a:58:e7:35:b6:61:3d:02:48:d1:
98:2e:24:49:62:4d:a8:50:53:c6:d0:ac:80:a4:82:
99:1e:f4:48:dc:ef:f4:c9:c0:55:39:84:05:27:f7:
5c:9f:0a:d9:6d:27:51:e9:3f:ed:35:a2:c0:bb:4e:
0c:64:2a:88:76:d2:da:f4:6f:a9:fc:2e:1b:f9:27:
77:57:bc:4d:b0:b8:2b:25:40:4c:27:7e:03:4d:9c:
fa:74:13:9a:dd:eb:6f:63:35:47:26:83:d6:dd:70:
69:57:62:a0:e9:33:64:cb:6b:73:31:97:c1:ba:fb:
c3:82:4b:a8:af:2b:02:e8:01:a4:4a:78:96:f5:a1:
9e:48:25:c5:1d:29:52:c3:ec:8c:4e:50:d1:1a:e2:
5a:91:00:d6:8c:9b:b6:d1:73:b4:21:55:55:f0:7e:
f1:67:c2:1f:7c:84:b3:b2:77:81:56:d9:ea:8a:0f:
02:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A2:7C:65:7A:17:62:34:25:D1:7A:10:62:A3:0D:D1:C8:CB:06:B6
X509v3 Authority Key Identifier:
keyid:0F:DE:97:EE:D4:D8:E8:45:EB:9F:8E:7F:F3:26:E3:FE:52:48:00:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D96X7tTY6EXrn45_8ybj_lJIAPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/92e46a-4b9f-4f83-b111-ef00198b4342/1/h6J8ZXoXYjQl0XoQYqMN0cjLBrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/92e46a-4b9f-4f83-b111-ef00198b4342/1/D96X7tTY6EXrn45_8ybj_lJIAPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.176.0/22
Signature Algorithm: sha256WithRSAEncryption
89:fd:d9:ac:e5:3e:4d:71:dd:7a:f7:56:54:b6:e9:8b:47:00:
be:9c:73:95:b8:cb:2e:a6:3b:34:85:91:69:87:60:4c:09:97:
a7:2d:c8:bb:83:ad:d6:82:c8:f2:4d:cc:b3:29:6c:11:6c:ae:
9a:53:43:1c:d4:44:cb:65:a0:05:c1:70:96:9a:d1:d2:34:04:
39:3c:7d:5d:1d:07:52:96:ca:03:f7:c2:4c:32:53:be:84:f2:
e8:7e:6c:48:66:bb:f7:3a:e9:af:70:48:f3:f8:c7:da:98:fd:
52:c4:02:cd:45:84:44:ca:44:09:f2:3e:41:11:f0:fd:87:a7:
41:ca:70:94:50:86:a2:c0:66:71:86:d1:de:28:06:d9:a5:09:
b4:09:c9:9b:a3:59:17:80:12:d6:28:87:e0:08:eb:a8:5f:c6:
66:85:4e:b9:98:68:f3:d4:63:8f:11:7b:6e:32:42:b8:64:5d:
00:df:aa:a0:35:db:68:3e:88:5f:15:13:a4:c9:db:b0:1a:c1:
e0:9d:ea:ac:aa:f1:3b:e3:67:23:10:31:ca:f6:60:e4:83:39:
8a:1c:6d:6b:db:5a:40:6c:b8:e8:8a:ac:39:79:e6:d2:16:c2:
bf:01:f8:e2:b7:ec:ba:89:e4:14:8c:9b:34:ba:79:3d:21:7c:
b6:3f:24:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQbYqnWZHDHO470CcWzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGU5N2VlZDRkOGU4NDVlYjlmOGU3ZmYzMjZlM2ZlNTI0
ODAwZmEwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2EyN2M2NTdhMTc2MjM0MjVkMTdhMTA2MmEzMGRkMWM4Y2IwNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR+UbzXqpONhgwDjZvz1cf+nKIKU
RgAvmzXNfogmWm4COT6koR6Wo5zvBA2E6MSRA19aFb31iacojtJtLymVy+C1Ykun
rhszwUxpnhKT61pY5zW2YT0CSNGYLiRJYk2oUFPG0KyApIKZHvRI3O/0ycBVOYQF
J/dcnwrZbSdR6T/tNaLAu04MZCqIdtLa9G+p/C4b+Sd3V7xNsLgrJUBMJ34DTZz6
dBOa3etvYzVHJoPW3XBpV2Kg6TNky2tzMZfBuvvDgkuorysC6AGkSniW9aGeSCXF
HSlSw+yMTlDRGuJakQDWjJu20XO0IVVV8H7xZ8IffISzsneBVtnqig8CAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeifGV6F2I0JdF6EGKjDdHIywa2MB8GA1UdIwQY
MBaAFA/el+7U2OhF65+Of/Mm4/5SSAD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDk2WDd0VFk2RVhybjQ1Xzh5YmpfbEpJQVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85MmU0NmEtNGI5Zi00ZjgzLWIxMTEt
ZWYwMDE5OGI0MzQyLzEvaDZKOFpYb1hZalFsMFhvUVlxTU4wY2pMQnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85MmU0NmEtNGI5Zi00ZjgzLWIxMTEtZWYwMDE5OGI0MzQy
LzEvRDk2WDd0VFk2RVhybjQ1Xzh5YmpfbEpJQVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ/dms5T5Ncd1691ZUtumLRwC+nHOVuMsupjs0hZFp
h2BMCZenLci7g63WgsjyTcyzKWwRbK6aU0Mc1ETLZaAFwXCWmtHSNAQ5PH1dHQdS
lsoD98JMMlO+hPLofmxIZrv3OumvcEjz+MfamP1SxALNRYREykQJ8j5BEfD9h6dB
ynCUUIaiwGZxhtHeKAbZpQm0Ccmbo1kXgBLWKIfgCOuoX8ZmhU65mGjz1GOPEXtu
MkK4ZF0A36qgNdtoPohfFROkyduwGsHgneqsqvE742cjEDHK9mDkgzmKHG1r21pA
bLjoiqw5eebSFsK/Afjit+y6ieQUjJs0unk9IXy2PyRj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:52 2025 by rpki-client