Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2xLsKAlcXkO7dTgkJRl39sly7vY.roa
File: 2xLsKAlcXkO7dTgkJRl39sly7vY.roa (raw, json)
Hash identifier: OyzLpMJdN0Vy2nth+sGRyRf/w26sQFdM8pf/fVZ5JWw=
Subject key identifier: DB:12:EC:28:09:5C:5E:43:BB:75:38:24:25:19:77:F6:C9:72:EE:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018FF23F06C2F32AB4CCB7B8F77028423AF9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2xLsKAlcXkO7dTgkJRl39sly7vY.roa
Signing time: Fri 07 Jun 2024 10:29:27 +0000
ROA not before: Fri 07 Jun 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.134.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Jun 2024 15:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:3f:06:c2:f3:2a:b4:cc:b7:b8:f7:70:28:42:3a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 7 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db12ec28095c5e43bb753824251977f6c972eef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:61:ad:a8:84:03:9d:02:77:37:a6:5e:2c:
61:42:f0:41:73:47:4d:84:90:ef:1b:cc:40:bf:72:
4f:41:44:1e:cd:60:4c:ce:7b:0d:f0:b0:2a:5c:eb:
9b:97:96:a6:68:fa:c1:81:0d:2d:b8:ac:ea:1c:c4:
e9:cf:db:ac:38:d0:e2:7f:71:50:d4:56:03:ca:4f:
43:b4:2b:4d:e0:d1:5f:17:ca:eb:8d:da:8b:11:68:
bb:ad:18:44:fb:6f:33:e6:8f:bf:58:d6:07:25:e2:
58:14:31:05:ed:7b:d5:ad:66:7d:64:e6:04:04:eb:
40:16:c9:66:e3:31:02:e1:29:ae:39:df:dc:c4:57:
d9:66:e4:8a:f0:e1:ad:6b:8f:be:51:e0:c3:f4:74:
6e:80:58:6e:c6:fd:dc:98:27:fa:3e:23:af:3c:71:
ab:d6:c2:10:ff:be:98:74:73:d9:0e:84:81:7d:d3:
e8:fe:6d:51:56:ad:bc:3c:a2:60:54:c7:24:6f:bc:
16:d0:ee:ac:ec:ea:55:11:f9:8f:19:36:0f:0a:19:
8d:36:d1:77:06:24:a7:db:15:88:23:08:60:35:0c:
25:80:f7:43:b0:dd:89:91:5a:8e:8f:58:5f:4f:9b:
7f:a2:e4:ad:0d:40:b6:99:b1:59:91:fe:c7:2a:f4:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:12:EC:28:09:5C:5E:43:BB:75:38:24:25:19:77:F6:C9:72:EE:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2xLsKAlcXkO7dTgkJRl39sly7vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.134.0/24
194.87.141.0/24
194.87.169.0/24
195.58.39.0/24
195.133.17.0/24
195.133.25.0/24
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
75:18:73:de:ef:48:dc:7c:63:e6:b9:f8:db:d9:24:54:cd:7b:
f4:e4:b5:fa:ef:c3:d6:86:0b:f7:ee:ba:a1:9f:67:2f:bd:2e:
9a:8f:f3:b8:6e:7c:f8:40:fc:f4:95:63:28:26:79:3e:a3:c5:
6a:b5:28:5a:09:27:4b:ab:65:59:9d:da:ad:42:84:69:d6:9e:
70:c4:69:fb:c8:c7:a3:32:de:95:3b:d7:b9:5b:9e:bb:db:16:
43:05:ef:83:ed:bb:60:0f:a8:fe:68:ee:71:7b:4a:6b:86:8b:
63:af:06:92:69:81:84:5d:99:68:73:8f:cd:b0:6d:ac:e5:6f:
d2:58:fe:bf:21:5f:1a:7a:d8:d8:7c:fb:7d:5b:8a:f9:0f:41:
a3:3b:19:89:60:77:5f:49:ca:af:ab:40:cb:d0:18:6f:ff:d0:
65:81:f1:89:a5:23:36:9a:41:b6:b7:36:79:c1:3c:42:3b:61:
9b:1d:99:2e:16:15:31:45:0d:62:e1:a2:a1:a4:97:f7:d2:70:
01:22:c7:9f:53:7b:8f:9c:50:6e:5e:0d:dc:39:6a:59:31:e7:
5f:33:a0:3b:19:71:ae:e4:7b:99:d0:b3:66:6e:3f:1a:6e:5f:
96:58:e9:ff:37:98:6b:04:ec:ef:ee:e5:4c:bc:1c:9f:c2:51:
95:7e:2a:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY/yPwbC8yq0zLe493AoQjr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjA3MTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjEyZWMyODA5NWM1ZTQzYmI3NTM4MjQyNTE5NzdmNmM5NzJlZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqithraiEA50CdzemXixhQvBBc0dN
hJDvG8xAv3JPQUQezWBMznsN8LAqXOubl5amaPrBgQ0tuKzqHMTpz9usONDif3FQ
1FYDyk9DtCtN4NFfF8rrjdqLEWi7rRhE+28z5o+/WNYHJeJYFDEF7XvVrWZ9ZOYE
BOtAFslm4zEC4SmuOd/cxFfZZuSK8OGta4++UeDD9HRugFhuxv3cmCf6PiOvPHGr
1sIQ/76YdHPZDoSBfdPo/m1RVq28PKJgVMckb7wW0O6s7OpVEfmPGTYPChmNNtF3
BiSn2xWIIwhgNQwlgPdDsN2JkVqOj1hfT5t/ouStDUC2mbFZkf7HKvQhMwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNsS7CgJXF5Du3U4JCUZd/bJcu72MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMnhMc0tBbGNYa083ZFRna0pSbDM5c2x5N3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQBwjo4AwQA
wleGAwQAwleNAwQAwlepAwQAwzonAwQAw4URAwQAw4UZAwQBw4UyAwQBw4VcAwQA
1MABAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOC
AQEAdRhz3u9I3Hxj5rn429kkVM179OS1+u/D1oYL9+66oZ9nL70umo/zuG58+ED8
9JVjKCZ5PqPFarUoWgknS6tlWZ3arUKEadaecMRp+8jHozLelTvXuVueu9sWQwXv
g+27YA+o/mjucXtKa4aLY68GkmmBhF2ZaHOPzbBtrOVv0lj+vyFfGnrY2Hz7fVuK
+Q9BozsZiWB3X0nKr6tAy9AYb//QZYHxiaUjNppBtrc2ecE8Qjthmx2ZLhYVMUUN
YuGioaSX99JwASLHn1N7j5xQbl4N3DlqWTHnXzOgOxlxruR7mdCzZm4/Gm5flljp
/zeYawTs7+7lTLwcn8JRlX4q3A==
-----END CERTIFICATE-----
Generated at Sat Jun 15 16:18:54 2024 by rpki-client on console-fra.rpki-client.org