Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-whNEDBBLvjmWJlRSDUTOhke2sE.roa
File: 1-whNEDBBLvjmWJlRSDUTOhke2sE.roa (raw, json)
Hash identifier: 5p4dAK7jWkZ2SmYbZNKuOA74s1y3nw0vVR1YiUydBLw=
Subject key identifier: FB:08:4D:10:30:41:2E:F8:E6:58:99:51:48:35:13:3A:19:1E:DA:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D587D8E1FAA0F0A84422BEE26A65CD766
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-whNEDBBLvjmWJlRSDUTOhke2sE.roa
Signing time: Tue 30 Jan 2024 03:50:39 +0000
ROA not before: Tue 30 Jan 2024 03:50:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.87.66.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 05:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:58:7d:8e:1f:aa:0f:0a:84:42:2b:ee:26:a6:5c:d7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 03:50:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb084d1030412ef8e65899514835133a191edac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6f:22:cb:47:aa:61:5a:e3:5c:36:40:82:f7:
d5:20:15:46:7b:7c:8a:3b:61:7d:30:16:78:aa:84:
51:72:97:b1:d4:1d:8b:ae:5e:e6:9b:52:4d:38:72:
d4:72:0d:2b:15:64:de:bc:fb:58:19:d0:8f:d0:a2:
61:1e:91:5f:79:53:bf:f6:8f:b8:47:45:e6:78:d5:
bd:74:2e:5c:48:12:ab:75:68:7b:f3:43:98:ce:d0:
9f:92:f3:fa:b0:0e:04:c2:e0:2b:72:35:49:c7:2e:
7d:20:5e:9a:95:52:bf:b6:ee:c2:01:b9:2a:5a:18:
45:33:73:ea:d6:31:26:cc:e4:74:60:81:bc:77:fa:
18:b5:9a:cf:cb:dd:da:1f:41:fe:ce:dd:10:15:6f:
ac:bf:08:84:9d:41:e8:09:cd:a6:94:b4:85:99:a7:
ef:1a:09:e2:18:7f:d2:29:17:63:52:bd:fa:be:8d:
37:f7:38:a9:d4:af:79:70:71:81:a2:c5:c5:96:7a:
f1:d0:3d:06:9d:07:4e:dd:de:d9:d4:8b:83:48:ef:
09:87:80:4e:6e:7a:20:08:af:f4:71:9f:7c:88:78:
9c:93:fc:30:93:be:7c:34:18:ce:9a:40:70:2f:90:
e6:ee:7c:2d:43:6c:4a:8c:98:06:6b:30:e6:67:05:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:08:4D:10:30:41:2E:F8:E6:58:99:51:48:35:13:3A:19:1E:DA:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-whNEDBBLvjmWJlRSDUTOhke2sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.66.0/24
194.135.30.0/24
195.58.35.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:15:4d:37:be:aa:14:cb:d3:d5:d6:14:ba:05:5f:25:d9:4b:
93:07:eb:44:20:51:29:33:5a:d3:79:2e:6f:a3:f2:bb:10:5d:
ff:6c:94:4f:31:02:54:3b:89:91:c0:c1:c5:06:78:46:c7:61:
77:36:94:f6:8d:e7:1e:f4:82:6c:17:b9:29:ec:3f:cf:7e:a4:
de:08:2c:f3:5c:4f:bd:d7:30:69:2c:54:fd:bf:49:97:b1:8d:
f1:09:a0:18:cd:ec:38:75:f5:11:1b:2b:80:fb:ed:77:40:8d:
7a:84:3b:2e:0c:9a:c6:a0:49:45:d1:06:cc:11:ae:1b:a2:2a:
03:71:36:62:fc:78:e1:f4:3a:4a:e5:eb:51:d6:ab:e6:5b:13:
4a:de:2a:fc:a5:29:1c:4f:13:10:0b:8e:ea:84:ab:6b:d2:3f:
fd:85:da:06:c2:c1:f5:6d:ad:72:b2:ab:73:52:2d:bc:01:c6:
78:67:c4:c3:46:a3:58:6f:dd:da:51:a4:b0:f8:cf:a1:83:54:
b9:67:02:f2:e1:54:f2:69:6d:3c:a8:e7:27:b7:c2:e5:8f:a6:
00:f6:47:4d:b0:ae:d1:e0:f8:f6:77:f5:59:a5:01:e7:7b:b9:
e3:bb:5f:b0:53:50:42:ce:e7:14:2b:51:05:f7:c7:30:c9:da:
17:2a:e2:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY1YfY4fqg8KhEIr7iamXNdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTMwMDM1MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA4NGQxMDMwNDEyZWY4ZTY1ODk5NTE0ODM1MTMzYTE5MWVkYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG8iy0eqYVrjXDZAgvfVIBVGe3yK
O2F9MBZ4qoRRcpex1B2Lrl7mm1JNOHLUcg0rFWTevPtYGdCP0KJhHpFfeVO/9o+4
R0XmeNW9dC5cSBKrdWh780OYztCfkvP6sA4EwuArcjVJxy59IF6alVK/tu7CAbkq
WhhFM3Pq1jEmzOR0YIG8d/oYtZrPy93aH0H+zt0QFW+svwiEnUHoCc2mlLSFmafv
GgniGH/SKRdjUr36vo039zip1K95cHGBosXFlnrx0D0GnQdO3d7Z1IuDSO8Jh4BO
bnogCK/0cZ98iHick/wwk758NBjOmkBwL5Dm7nwtQ2xKjJgGazDmZwWaxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsITRAwQS745liZUUg1EzoZHtrBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS13aE5FREJCTHZqbVdKbFJTRFVUT2hrZTJzRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAMJXQgME
AMKHHgMEAMM6IwMEAsOFKAMEANTA/jANBgkqhkiG9w0BAQsFAAOCAQEAGxVNN76q
FMvT1dYUugVfJdlLkwfrRCBRKTNa03kub6PyuxBd/2yUTzECVDuJkcDBxQZ4Rsdh
dzaU9o3nHvSCbBe5Kew/z36k3ggs81xPvdcwaSxU/b9Jl7GN8QmgGM3sOHX1ERsr
gPvtd0CNeoQ7LgyaxqBJRdEGzBGuG6IqA3E2Yvx44fQ6SuXrUdar5lsTSt4q/KUp
HE8TEAuO6oSra9I//YXaBsLB9W2tcrKrc1ItvAHGeGfEw0ajWG/d2lGksPjPoYNU
uWcC8uFU8mltPKjnJ7fC5Y+mAPZHTbCu0eD49nf1WaUB53u547tfsFNQQs7nFCtR
BffHMMnaFyriEw==
-----END CERTIFICATE-----
Generated at Wed Feb 14 09:35:28 2024 by rpki-client on console-fra.rpki-client.org