Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2fhl9O8Bf6Kpbb6LIMmcvnvhx_0.roa
File: 2fhl9O8Bf6Kpbb6LIMmcvnvhx_0.roa (raw, json)
Hash identifier: hp1ldREPRZkWdhUJEb4dL1O+jO3e5M5lutHyGO/sB8c=
Subject key identifier: D9:F8:65:F4:EF:01:7F:A2:A9:6D:BE:8B:20:C9:9C:BE:7B:E1:C7:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01907BF16F3DACCD03A3F13F7D0416FF99A8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2fhl9O8Bf6Kpbb6LIMmcvnvhx_0.roa
Signing time: Thu 04 Jul 2024 04:12:18 +0000
ROA not before: Thu 04 Jul 2024 04:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 194.87.246.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 04:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:f1:6f:3d:ac:cd:03:a3:f1:3f:7d:04:16:ff:99:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 4 04:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9f865f4ef017fa2a96dbe8b20c99cbe7be1c7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:99:d8:07:c1:91:f5:34:8e:4a:ca:61:e0:65:
89:aa:6e:c1:85:5e:92:cb:17:82:5b:cb:d0:cb:9f:
0b:1e:f4:12:bb:e0:18:b4:84:1d:41:0f:eb:39:3f:
82:fe:91:22:86:ff:58:0f:14:1f:1a:08:dd:d2:ca:
58:f0:d4:70:37:74:6e:71:4b:73:f3:7a:be:f9:8d:
ab:42:80:cd:57:9b:ae:19:e3:8b:96:80:5b:44:9c:
dd:68:4c:c8:e7:48:13:6d:02:28:18:80:cf:cf:05:
75:51:8e:ad:0c:03:f8:77:c2:ce:0a:be:9b:de:1d:
05:2b:1d:46:5f:0c:8e:cf:f8:23:20:20:4c:7f:52:
96:c6:7e:62:2e:5f:af:04:9e:10:9a:44:1a:18:ec:
ed:7c:73:fd:16:56:23:a3:c8:92:e9:b7:a3:3a:77:
a7:9e:86:db:15:73:a8:dc:79:35:6a:e2:c8:ec:b1:
fa:88:11:da:e2:cc:e6:d0:80:5a:74:00:b4:a9:f9:
c6:44:ad:3d:3b:c4:84:1f:8f:f0:5c:c0:a3:6e:57:
b1:13:bb:07:5d:7c:79:dc:5e:70:d4:0d:94:7a:32:
c2:93:e2:61:5a:1f:c7:74:97:52:85:0e:b1:b7:bd:
b3:ed:97:bc:35:9f:6f:07:f7:8a:bc:23:5b:43:9c:
02:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F8:65:F4:EF:01:7F:A2:A9:6D:BE:8B:20:C9:9C:BE:7B:E1:C7:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2fhl9O8Bf6Kpbb6LIMmcvnvhx_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
195.58.39.0/24
195.133.50.0/24
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9a:eb:aa:5d:ed:5c:c2:c0:ad:21:e4:58:81:92:c3:82:85:
af:02:c2:92:cc:9a:ec:c7:35:d3:e6:94:64:9a:47:f2:c1:5b:
42:ea:41:58:1c:d1:63:64:2d:c8:7e:67:a7:8d:34:f1:d6:8e:
59:cb:a7:8a:67:8e:b4:fd:e4:f9:5b:e9:2e:05:1b:cb:41:50:
af:93:76:ac:d9:86:6d:65:93:b8:f1:ed:80:eb:eb:37:b7:a1:
9c:ae:30:1f:6e:9b:dc:11:72:cb:b5:a1:28:c0:1b:7c:c5:d3:
9c:36:b5:48:5b:a5:45:91:09:97:e7:0a:ce:61:7f:da:c4:c6:
53:26:47:65:c1:1d:03:89:eb:0f:94:2f:5a:bc:a4:e3:af:28:
e1:78:06:5f:11:f1:64:1c:c8:0e:6e:fa:08:74:4c:f8:5b:4d:
fb:70:b3:3f:b9:82:c2:44:6e:75:75:d7:0b:82:49:88:40:c5:
ce:6e:a8:a5:72:5c:b7:86:73:fa:92:fa:80:76:05:43:ee:0b:
48:f7:7f:65:86:8a:62:b8:34:81:22:45:b3:e6:6b:ed:d1:92:
a4:47:05:ea:ea:10:58:80:37:c5:01:62:b2:05:8c:b7:c1:dc:
23:dc:ee:b5:9a:be:c3:99:ee:d4:a8:77:60:02:a1:88:72:69:
1a:fe:37:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB78W89rM0Do/E/fQQW/5moMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzA0MDQxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY4NjVmNGVmMDE3ZmEyYTk2ZGJlOGIyMGM5OWNiZTdiZTFjN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JnYB8GR9TSOSsph4GWJqm7BhV6S
yxeCW8vQy58LHvQSu+AYtIQdQQ/rOT+C/pEihv9YDxQfGgjd0spY8NRwN3RucUtz
83q++Y2rQoDNV5uuGeOLloBbRJzdaEzI50gTbQIoGIDPzwV1UY6tDAP4d8LOCr6b
3h0FKx1GXwyOz/gjICBMf1KWxn5iLl+vBJ4QmkQaGOztfHP9FlYjo8iS6bejOnen
nobbFXOo3Hk1auLI7LH6iBHa4szm0IBadAC0qfnGRK09O8SEH4/wXMCjblexE7sH
XXx53F5w1A2UejLCk+JhWh/HdJdShQ6xt72z7Ze8NZ9vB/eKvCNbQ5wCpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNn4ZfTvAX+iqW2+iyDJnL574cf9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMmZobDlPOEJmNktwYmI2TElNbWN2bnZoeF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlf2AwQA
wzonAwQAw4UyAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQA7muuqXe1cwsCtIeRY
gZLDgoWvAsKSzJrsxzXT5pRkmkfywVtC6kFYHNFjZC3IfmenjTTx1o5Zy6eKZ460
/eT5W+kuBRvLQVCvk3as2YZtZZO48e2A6+s3t6GcrjAfbpvcEXLLtaEowBt8xdOc
NrVIW6VFkQmX5wrOYX/axMZTJkdlwR0DiesPlC9avKTjryjheAZfEfFkHMgObvoI
dEz4W037cLM/uYLCRG51ddcLgkmIQMXObqilcly3hnP6kvqAdgVD7gtI939lhopi
uDSBIkWz5mvt0ZKkRwXq6hBYgDfFAWKyBYy3wdwj3O61mr7Dme7UqHdgAqGIcmka
/jdD
-----END CERTIFICATE-----
Generated at Wed Jul 10 05:45:13 2024 by rpki-client on console-fra.rpki-client.org