Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/03drsA8QvVsUbhusZm3DYFNeEJM.roa
File: 03drsA8QvVsUbhusZm3DYFNeEJM.roa (raw, json)
Hash identifier: pP0HY5CYmoiwfdA+x/Z+x1HzneQKlN8FgSftDZXchXc=
Subject key identifier: D3:77:6B:B0:0F:10:BD:5B:14:6E:1B:AC:66:6D:C3:60:53:5E:10:93
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019103E06C17A380CAB5FD2A8146A50E9FFE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/03drsA8QvVsUbhusZm3DYFNeEJM.roa
Signing time: Tue 30 Jul 2024 13:42:04 +0000
ROA not before: Tue 30 Jul 2024 13:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 193.124.35.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Aug 2024 09:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:e0:6c:17:a3:80:ca:b5:fd:2a:81:46:a5:0e:9f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 30 13:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3776bb00f10bd5b146e1bac666dc360535e1093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:5a:60:08:bf:35:99:9c:9c:16:e0:31:c0:
62:1b:e7:1f:4b:11:8e:7b:da:a3:59:d2:fe:fb:1a:
de:9a:af:a6:fa:34:c8:68:8f:a8:3f:e7:4c:0c:66:
c1:c1:a9:07:56:65:ee:bb:fa:f7:4f:45:87:f9:0a:
dd:c8:08:a4:ed:61:69:27:63:ec:e7:d5:06:eb:f0:
23:d0:e0:26:ef:02:a1:71:6e:62:4f:6b:9f:d2:85:
5b:71:fd:42:b6:77:3e:40:da:54:61:52:9e:3f:e2:
3d:66:44:df:17:52:9f:8e:e9:a7:5d:df:95:7f:5a:
b6:cf:38:bc:4a:6c:7d:c0:1f:18:d0:ac:3c:68:ff:
b5:5c:64:32:63:4b:c0:ee:3f:50:8e:12:22:05:a7:
66:c1:b5:ee:3b:1b:8a:79:ee:fa:35:72:44:83:78:
00:ce:50:f7:2d:58:37:fd:0d:be:ca:28:14:5f:92:
6a:53:98:30:31:ba:f7:2d:f5:04:ef:03:91:b9:09:
3d:cb:2c:a1:f2:92:93:6f:4a:2b:7d:f1:35:dc:b8:
97:9a:93:c4:e0:9a:16:e1:0d:2b:0a:83:59:48:27:
67:3e:d6:3e:de:2a:df:8d:6d:9a:c5:45:63:c0:78:
b4:a6:cc:24:2f:e0:d6:6a:b9:fd:d8:1f:84:b8:c7:
81:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:77:6B:B0:0F:10:BD:5B:14:6E:1B:AC:66:6D:C3:60:53:5E:10:93
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/03drsA8QvVsUbhusZm3DYFNeEJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
193.124.133.0/24
194.87.246.0/24
195.133.50.0/24
195.133.76.0/24
212.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
42:df:02:6c:14:6a:ac:79:67:c6:30:9e:04:e0:51:5f:71:42:
d0:7f:67:5c:05:76:48:fc:bd:40:fa:e7:44:f9:fb:47:0d:96:
54:30:a4:5e:be:a9:8a:d9:81:db:41:c6:51:d0:99:f3:6f:e1:
9a:85:95:af:a9:6a:d9:a6:e1:02:3f:5f:2f:a1:b9:c9:a6:e1:
c3:6c:ab:fb:8f:01:e1:6a:71:12:bc:59:9c:2f:c5:e6:d2:b9:
cd:39:01:c3:4b:25:fe:76:45:a5:b0:d4:66:66:5b:cd:5e:19:
a3:ce:29:4a:50:20:49:ed:2c:51:2c:c7:40:6d:6e:d4:7e:4b:
cd:17:65:9d:86:43:80:24:94:19:aa:4d:84:23:5c:3f:8a:48:
0f:d3:2d:06:20:3f:f2:d9:36:07:4e:45:cb:10:5e:04:0b:ae:
42:52:64:44:c5:8d:bd:91:f8:cf:97:e7:e0:03:bc:74:e2:de:
e0:ba:32:c9:bc:db:77:f5:00:ee:fc:c6:bd:de:b3:33:96:3f:
f8:4d:25:fb:31:a6:5a:77:8d:aa:bb:f0:94:78:ab:c9:49:17:
be:af:17:31:05:4d:45:e8:f5:7b:e7:af:40:f3:ab:b6:89:10:
eb:42:85:3f:f6:6d:49:5b:94:e0:55:cd:bd:5e:43:10:c2:75:
22:01:8f:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZED4GwXo4DKtf0qgUalDp/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzMwMTM0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc3NmJiMDBmMTBiZDViMTQ2ZTFiYWM2NjZkYzM2MDUzNWUxMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc9aYAi/NZmcnBbgMcBiG+cfSxGO
e9qjWdL++xremq+m+jTIaI+oP+dMDGbBwakHVmXuu/r3T0WH+QrdyAik7WFpJ2Ps
59UG6/Aj0OAm7wKhcW5iT2uf0oVbcf1Ctnc+QNpUYVKeP+I9ZkTfF1KfjumnXd+V
f1q2zzi8Smx9wB8Y0Kw8aP+1XGQyY0vA7j9QjhIiBadmwbXuOxuKee76NXJEg3gA
zlD3LVg3/Q2+yigUX5JqU5gwMbr3LfUE7wORuQk9yyyh8pKTb0orffE13LiXmpPE
4JoW4Q0rCoNZSCdnPtY+3irfjW2axUVjwHi0pswkL+DWarn92B+EuMeBBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNN3a7APEL1bFG4brGZtw2BTXhCTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMDNkcnNBOFF2VnNVYmh1c1ptM0RZRk5lRUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwjAwQA
wXyFAwQAwlf2AwQAw4UyAwQAw4VMAwQA1MEEMA0GCSqGSIb3DQEBCwUAA4IBAQBC
3wJsFGqseWfGMJ4E4FFfcULQf2dcBXZI/L1A+udE+ftHDZZUMKRevqmK2YHbQcZR
0Jnzb+GahZWvqWrZpuECP18vobnJpuHDbKv7jwHhanESvFmcL8Xm0rnNOQHDSyX+
dkWlsNRmZlvNXhmjzilKUCBJ7SxRLMdAbW7UfkvNF2WdhkOAJJQZqk2EI1w/ikgP
0y0GID/y2TYHTkXLEF4EC65CUmRExY29kfjPl+fgA7x04t7gujLJvNt39QDu/Ma9
3rMzlj/4TSX7MaZad42qu/CUeKvJSRe+rxcxBU1F6PV7569A86u2iRDrQoU/9m1J
W5TgVc29XkMQwnUiAY9E
-----END CERTIFICATE-----
Generated at Sat Aug 10 11:06:56 2024 by rpki-client on console-fra.rpki-client.org