Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-711SzY5HwStvs-yIi4cFAu8VSI.roa
File: 1-711SzY5HwStvs-yIi4cFAu8VSI.roa (raw, json)
Hash identifier: wSjVJpVHO+dI+oekCfw+zx/qgjzLNl2kYrSohggsrWg=
Subject key identifier: FB:BD:75:4B:36:39:1F:04:AD:BE:CF:B2:22:2E:1C:14:0B:BC:55:22
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D0375140B37038E9E5716494F5F552309
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-711SzY5HwStvs-yIi4cFAu8VSI.roa
Signing time: Sat 13 Jan 2024 15:33:40 +0000
ROA not before: Sat 13 Jan 2024 15:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 04:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:03:75:14:0b:37:03:8e:9e:57:16:49:4f:5f:55:23:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 13 15:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbbd754b36391f04adbecfb2222e1c140bbc5522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:28:3a:5b:d0:dd:20:9f:24:39:05:2b:2c:68:
44:42:5a:b1:45:0c:c6:70:30:53:e6:42:26:a7:60:
84:aa:c9:b1:a5:89:7e:f0:50:41:59:9b:3f:c4:b2:
81:91:a3:90:dc:9a:a4:a0:6e:9f:d4:61:94:e6:4f:
9e:d7:81:da:c1:ee:b0:dd:80:92:68:55:46:01:de:
40:a7:8d:f9:6e:0c:41:86:fb:6b:c2:ec:1f:0c:e3:
38:71:63:e1:2a:f9:de:7f:6b:6a:5d:70:4d:fe:16:
0b:53:d7:a7:04:7f:11:69:c1:e5:f5:cb:14:cd:a5:
e6:13:d1:91:c9:28:7d:11:58:7d:8e:c3:9c:45:bf:
e1:b5:71:66:5f:d1:01:04:2c:04:8c:97:56:05:d2:
29:6e:04:d1:e0:33:44:1c:68:d7:6d:83:db:55:be:
4d:5f:cd:b1:25:15:83:1f:25:3f:5e:50:a4:a0:b5:
71:30:c5:ad:ff:e7:de:37:36:16:0a:44:20:b8:a3:
2d:6c:fa:8e:5b:63:6a:9b:61:a8:a7:e1:cd:60:16:
b2:0a:5d:67:18:20:3a:8e:63:15:33:22:d6:3d:17:
59:ed:66:06:e0:58:21:64:2c:6e:fd:f9:e1:2c:78:
2e:92:25:cb:b5:47:7e:09:6a:29:cf:c3:0f:04:93:
d5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:75:4B:36:39:1F:04:AD:BE:CF:B2:22:2E:1C:14:0B:BC:55:22
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-711SzY5HwStvs-yIi4cFAu8VSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.90.0/24
193.124.200.0/24
194.58.154.0/24
195.58.34.0/24
195.133.6.0/24
195.133.85.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6c:22:a8:ab:ca:82:77:40:71:ad:6c:e6:70:3d:95:6e:74:
33:9f:c6:63:9b:70:b2:ee:fc:35:00:33:5a:0b:4d:cc:c4:85:
4e:29:75:fd:65:d6:11:89:d9:4c:a3:fd:9e:d8:fc:31:ad:1e:
74:54:63:5d:86:78:0e:c4:6a:77:99:1d:c0:3d:84:b2:5a:86:
ab:69:80:96:65:9e:fd:f4:09:f9:f2:aa:e2:0a:b3:dd:17:7c:
8c:97:4f:9c:23:c9:7b:4f:a3:85:a5:96:24:49:94:67:23:ea:
b1:a9:dd:28:0c:18:22:c7:15:e4:6f:21:77:7c:1d:ed:eb:5d:
c1:4c:1c:7b:31:f9:aa:f3:6e:2d:3e:1a:02:d3:0e:86:e1:42:
09:15:d8:37:d7:7f:e6:e1:66:07:71:6e:6c:c6:f0:61:db:0a:
0e:cf:85:16:bd:92:40:1a:5b:9f:d2:02:6b:d0:52:1e:dc:ec:
44:cf:7a:79:fc:e9:7c:74:fd:03:40:88:df:07:08:e7:da:b2:
1b:78:fa:68:34:18:5c:a0:09:ad:43:8e:23:3e:9f:19:65:1b:
f4:be:79:59:9d:1e:b4:38:9b:24:06:68:31:a1:5d:b3:02:1c:
7d:cf:7c:a5:92:5b:ec:a7:7e:34:66:cf:32:e2:5f:dd:ea:53:
c0:22:ae:3e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY0DdRQLNwOOnlcWSU9fVSMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEzMTUzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkNzU0YjM2MzkxZjA0YWRiZWNmYjIyMjJlMWMxNDBiYmM1NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyig6W9DdIJ8kOQUrLGhEQlqxRQzG
cDBT5kImp2CEqsmxpYl+8FBBWZs/xLKBkaOQ3JqkoG6f1GGU5k+e14Hawe6w3YCS
aFVGAd5Ap435bgxBhvtrwuwfDOM4cWPhKvnef2tqXXBN/hYLU9enBH8RacHl9csU
zaXmE9GRySh9EVh9jsOcRb/htXFmX9EBBCwEjJdWBdIpbgTR4DNEHGjXbYPbVb5N
X82xJRWDHyU/XlCkoLVxMMWt/+feNzYWCkQguKMtbPqOW2Nqm2Gop+HNYBayCl1n
GCA6jmMVMyLWPRdZ7WYG4FghZCxu/fnhLHgukiXLtUd+CWopz8MPBJPVzwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPu9dUs2OR8Erb7PsiIuHBQLvFUiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS03MTFTelk1SHdTdHZzLXlJaTRjRkF1OFZTSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAMF8BwME
AMF8WgMEAMF8yAMEAMI6mgMEAMM6IgMEAMOFBgMEAMOFVTANBgkqhkiG9w0BAQsF
AAOCAQEACWwiqKvKgndAca1s5nA9lW50M5/GY5twsu78NQAzWgtNzMSFTil1/WXW
EYnZTKP9ntj8Ma0edFRjXYZ4DsRqd5kdwD2EslqGq2mAlmWe/fQJ+fKq4gqz3Rd8
jJdPnCPJe0+jhaWWJEmUZyPqsandKAwYIscV5G8hd3wd7etdwUwcezH5qvNuLT4a
AtMOhuFCCRXYN9d/5uFmB3FubMbwYdsKDs+FFr2SQBpbn9ICa9BSHtzsRM96efzp
fHT9A0CI3wcI59qyG3j6aDQYXKAJrUOOIz6fGWUb9L55WZ0etDibJAZoMaFdswIc
fc98pZJb7Kd+NGbPMuJf3epTwCKuPg==
-----END CERTIFICATE-----
Generated at Wed Jan 17 06:10:11 2024 by rpki-client on console-ams.rpki-client.org