Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2jB8ZNmOLz-5kw5OnxZjPrjcxzo.roa
File: 2jB8ZNmOLz-5kw5OnxZjPrjcxzo.roa (raw, json)
Hash identifier: igT4Ea+G1/A33LMUk0uMHTDl709Kk0TZezA+TSxYNwo=
Subject key identifier: DA:30:7C:64:D9:8E:2F:3F:B9:93:0E:4E:9F:16:63:3E:B8:DC:C7:3A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191B2515FE3C2949F18A4DB0217347321A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2jB8ZNmOLz-5kw5OnxZjPrjcxzo.roa
Signing time: Mon 02 Sep 2024 10:39:22 +0000
ROA not before: Mon 02 Sep 2024 10:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 193.124.203.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 08:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:51:5f:e3:c2:94:9f:18:a4:db:02:17:34:73:21:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 2 10:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da307c64d98e2f3fb9930e4e9f16633eb8dcc73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a0:cf:f1:05:69:f2:ed:01:49:dc:8c:f4:0f:
8a:5e:66:5f:36:c9:3b:77:71:8b:dc:0c:82:a2:90:
37:57:c5:f3:39:1a:9b:a0:f3:00:dd:4f:90:32:91:
d7:28:f6:e1:f5:6c:c5:9d:d3:c7:10:4d:61:a0:ac:
00:f0:d1:b2:38:78:ca:70:d7:4f:aa:1f:94:3c:c1:
9c:71:6d:f1:f3:5f:24:6b:ef:bc:05:6a:92:dc:79:
df:37:ad:96:37:26:c5:39:0a:3b:74:2c:63:8a:65:
ae:4c:0c:d7:46:8f:42:e9:66:57:b7:18:2e:8b:77:
b8:48:9e:d2:3d:ab:8b:80:76:f3:34:db:0c:1b:b3:
5f:da:02:0e:84:fa:17:97:56:4f:5e:ce:0f:56:30:
e2:68:fc:07:e0:bf:4a:2a:73:e2:58:f6:e6:df:e0:
9a:ef:03:0a:f3:20:86:ec:04:91:ad:47:2d:af:8f:
0a:d9:a7:89:5a:25:92:fb:bb:76:00:d0:05:f3:c7:
9c:c6:c2:bd:e4:f9:b5:b5:e6:bc:f0:ca:e7:90:c2:
62:67:67:13:1c:c2:af:ec:c7:6b:1a:c6:55:97:63:
bb:4f:ee:08:8f:16:f7:2d:b2:fb:d9:5a:4e:15:db:
f0:ab:fb:0d:eb:de:46:cf:91:17:21:19:a8:fd:f9:
52:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:30:7C:64:D9:8E:2F:3F:B9:93:0E:4E:9F:16:63:3E:B8:DC:C7:3A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2jB8ZNmOLz-5kw5OnxZjPrjcxzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
195.133.28.0/24
195.133.40.0/23
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6e:b2:64:de:3a:13:63:f7:c5:01:4f:ff:97:80:f5:78:19:
1e:93:71:8d:5a:46:62:20:ce:17:bf:cb:5c:fd:be:f4:9e:95:
35:f0:1b:38:3e:83:e2:39:32:a7:3d:25:b5:14:05:a9:75:7d:
30:c3:f1:85:3f:22:54:df:ab:aa:7e:dc:9e:b7:a7:31:b0:57:
2e:7a:16:9d:80:91:84:0e:f1:4e:f8:f5:73:a4:62:2f:ba:fd:
eb:05:2f:8c:13:f9:d7:70:ab:9d:f2:42:7f:7b:a8:ab:98:08:
42:b3:ce:fc:da:b3:7b:82:17:9a:8b:04:f0:15:c0:7d:f3:63:
b9:5d:e6:ac:58:8b:89:5f:24:88:6f:02:6b:26:1b:24:43:7c:
2b:7e:8f:a1:d1:c3:08:87:03:75:de:03:16:8e:d1:71:ee:4f:
f2:d3:4e:80:73:48:fe:06:51:76:ad:9a:95:7a:59:d6:64:66:
33:27:ea:61:36:c7:8e:5f:fd:db:90:cb:20:5c:86:11:ec:2f:
e1:de:bb:af:aa:02:6b:fd:9c:22:e8:87:8a:ce:7c:64:aa:3e:
72:0f:35:4e:dc:57:67:f8:3e:fb:e2:30:3f:79:8f:fc:c8:68:
2e:3f:51:fc:96:65:45:64:bf:ab:9b:6f:d6:d7:49:96:3e:c2:
e3:12:bb:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGyUV/jwpSfGKTbAhc0cyGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMTAzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMwN2M2NGQ5OGUyZjNmYjk5MzBlNGU5ZjE2NjMzZWI4ZGNjNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76DP8QVp8u0BSdyM9A+KXmZfNsk7
d3GL3AyCopA3V8XzORqboPMA3U+QMpHXKPbh9WzFndPHEE1hoKwA8NGyOHjKcNdP
qh+UPMGccW3x818ka++8BWqS3HnfN62WNybFOQo7dCxjimWuTAzXRo9C6WZXtxgu
i3e4SJ7SPauLgHbzNNsMG7Nf2gIOhPoXl1ZPXs4PVjDiaPwH4L9KKnPiWPbm3+Ca
7wMK8yCG7ASRrUctr48K2aeJWiWS+7t2ANAF88ecxsK95Pm1tea88MrnkMJiZ2cT
HMKv7MdrGsZVl2O7T+4Ijxb3LbL72VpOFdvwq/sN695Gz5EXIRmo/flSGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNowfGTZji8/uZMOTp8WYz643Mc6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMmpCOFpObU9Mei01a3c1T254WmpQcmpjeHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzLAwQA
w4UcAwQBw4UoAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQCZbrJk3joTY/fFAU//
l4D1eBkek3GNWkZiIM4Xv8tc/b70npU18Bs4PoPiOTKnPSW1FAWpdX0ww/GFPyJU
36uqftyet6cxsFcuehadgJGEDvFO+PVzpGIvuv3rBS+ME/nXcKud8kJ/e6irmAhC
s8782rN7gheaiwTwFcB982O5XeasWIuJXySIbwJrJhskQ3wrfo+h0cMIhwN13gMW
jtFx7k/y006Ac0j+BlF2rZqVelnWZGYzJ+phNseOX/3bkMsgXIYR7C/h3ruvqgJr
/Zwi6IeKznxkqj5yDzVO3Fdn+D774jA/eY/8yGguP1H8lmVFZL+rm2/W10mWPsLj
Eru5
-----END CERTIFICATE-----
Generated at Fri Sep 6 10:58:44 2024 by rpki-client on console-fra.rpki-client.org