Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/34eJkbS7VVl-cWlW2ODvg-5AsSA.roa
File: 34eJkbS7VVl-cWlW2ODvg-5AsSA.roa (raw, json)
Hash identifier: nVJYYIy+ZcHjapvWaf6iyclpAbv4vRx+Kg2Q85cveOU=
Subject key identifier: DF:87:89:91:B4:BB:55:59:7E:71:69:56:D8:E0:EF:83:EE:40:B1:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F51CF16261478B36E2E74D9D3CA28EDAF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/34eJkbS7VVl-cWlW2ODvg-5AsSA.roa
Signing time: Tue 07 May 2024 06:47:57 +0000
ROA not before: Tue 07 May 2024 06:47:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 May 2024 15:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:cf:16:26:14:78:b3:6e:2e:74:d9:d3:ca:28:ed:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 7 06:47:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df878991b4bb55597e716956d8e0ef83ee40b120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7e:0d:11:6b:e4:07:dd:84:fe:9a:ee:51:3e:
69:b1:ac:af:53:25:0e:5a:55:e4:32:7d:55:fd:5a:
1b:81:28:cb:99:6c:f8:be:ea:ec:3e:47:c7:20:f4:
01:4f:c5:a8:53:1c:57:be:2d:fa:8b:4d:9b:40:3c:
c9:11:db:01:6f:0b:e7:5b:58:ef:af:ed:1d:c2:36:
68:48:58:5a:6d:b8:5e:02:dc:94:c3:60:c6:c4:ef:
35:7e:a8:d6:55:4f:54:37:a7:0f:0c:c9:d5:0c:21:
20:cd:d2:0a:27:ab:72:15:f4:89:06:e6:21:15:93:
43:06:f5:48:79:9c:9c:35:0c:40:87:94:27:fd:8c:
36:8d:37:54:9f:33:ab:63:5b:89:36:e0:ad:85:bb:
0f:37:44:30:9d:73:1b:e0:bc:09:89:69:08:cb:4c:
65:7d:c3:16:a7:a4:1a:af:8f:50:69:41:2f:6d:24:
1c:a1:da:46:dd:10:83:79:ed:a0:ac:fd:8f:e7:9f:
f4:65:c0:3c:6c:09:25:ae:de:9f:af:55:69:d8:c5:
8d:d8:20:c9:76:63:60:03:d2:6a:e7:36:6d:7e:1a:
13:f4:1d:1a:47:cb:b9:86:a8:ea:03:72:64:7c:99:
b5:b3:9b:4a:51:0d:86:d2:11:21:eb:3d:44:b5:48:
e4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:87:89:91:B4:BB:55:59:7E:71:69:56:D8:E0:EF:83:EE:40:B1:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/34eJkbS7VVl-cWlW2ODvg-5AsSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
195.133.25.0/24
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:d5:7b:13:0e:38:83:a8:79:2a:82:27:6b:6c:2d:d4:d2:2f:
fc:fd:b3:ce:43:e6:b3:be:68:1e:b2:b5:b9:f9:32:57:1d:f0:
02:79:eb:fb:1c:20:d0:df:e3:fa:ff:48:50:3e:7c:6e:86:09:
f9:ae:d6:82:4c:a3:5c:50:1b:52:2a:44:2d:cb:18:af:9f:52:
54:8d:99:5c:fd:d9:ff:5d:c5:64:0d:08:d5:92:1b:ee:a0:7d:
59:6d:77:ed:5a:21:33:d8:8a:6e:87:bb:29:22:1d:8f:30:4e:
72:d5:65:53:97:14:32:ce:4f:79:2c:dd:ae:20:c7:fc:55:e0:
d0:a5:51:9c:5e:43:2f:17:a4:a8:36:ec:02:1f:93:54:4e:ad:
42:4a:d4:54:b0:cb:7c:56:71:d3:25:7b:39:e0:1f:6e:da:70:
a3:af:f7:b6:de:51:55:e7:bb:b9:2c:65:8a:ed:6f:85:5b:6f:
08:40:c4:28:10:91:0f:c5:4b:c0:36:8a:42:b4:d3:6e:2a:f5:
80:90:c4:3e:25:04:48:84:3f:ea:9d:80:33:1b:ff:78:f7:44:
5d:ce:c7:b1:ac:f8:90:cb:ce:e8:60:90:ab:2e:61:94:59:d5:
ec:18:1f:44:62:ed:f9:6a:37:40:6a:58:e4:7b:c1:c0:ce:7f:
e5:75:46:d0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY9RzxYmFHizbi502dPKKO2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTA3MDY0NzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg3ODk5MWI0YmI1NTU5N2U3MTY5NTZkOGUwZWY4M2VlNDBiMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX4NEWvkB92E/pruUT5psayvUyUO
WlXkMn1V/VobgSjLmWz4vursPkfHIPQBT8WoUxxXvi36i02bQDzJEdsBbwvnW1jv
r+0dwjZoSFhabbheAtyUw2DGxO81fqjWVU9UN6cPDMnVDCEgzdIKJ6tyFfSJBuYh
FZNDBvVIeZycNQxAh5Qn/Yw2jTdUnzOrY1uJNuCthbsPN0QwnXMb4LwJiWkIy0xl
fcMWp6Qar49QaUEvbSQcodpG3RCDee2grP2P55/0ZcA8bAklrt6fr1Vp2MWN2CDJ
dmNgA9Jq5zZtfhoT9B0aR8u5hqjqA3JkfJm1s5tKUQ2G0hEh6z1EtUjkTwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFN+HiZG0u1VZfnFpVtjg74PuQLEgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzRlSmtiUzdWVmwtY1dsVzJPRHZnLTVBc1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQBwjo4AwQA
wleNAwQAwlepAwQAwlfGAwQAw4UZAwQA1MABAwQA1MEEMBQEAgACMA4DBQMqAVfA
AwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAfdV7Ew44g6h5KoIna2wt1NIv/P2z
zkPms75oHrK1ufkyVx3wAnnr+xwg0N/j+v9IUD58boYJ+a7WgkyjXFAbUipELcsY
r59SVI2ZXP3Z/13FZA0I1ZIb7qB9WW137VohM9iKboe7KSIdjzBOctVlU5cUMs5P
eSzdriDH/FXg0KVRnF5DLxekqDbsAh+TVE6tQkrUVLDLfFZx0yV7OeAfbtpwo6/3
tt5RVee7uSxliu1vhVtvCEDEKBCRD8VLwDaKQrTTbir1gJDEPiUESIQ/6p2AMxv/
ePdEXc7Hsaz4kMvO6GCQqy5hlFnV7BgfRGLt+Wo3QGpY5HvBwM5/5XVG0A==
-----END CERTIFICATE-----
Generated at Tue May 7 20:08:24 2024 by rpki-client on console-fra.rpki-client.org