Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4GX0HiPOyShowf5xHLUZozx3pWw.roa
File: 4GX0HiPOyShowf5xHLUZozx3pWw.roa (raw, json)
Hash identifier: NI1PJ5EDQHTBLsCrEB4ip/XYCdyIVcG3pAezCAbT1qY=
Subject key identifier: E0:65:F4:1E:23:CE:C9:28:68:C1:FE:71:1C:B5:19:A3:3C:77:A5:6C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D846432ED762635DE348B27BDD93A9642
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4GX0HiPOyShowf5xHLUZozx3pWw.roa
Signing time: Wed 07 Feb 2024 16:26:15 +0000
ROA not before: Wed 07 Feb 2024 16:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 13:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:64:32:ed:76:26:35:de:34:8b:27:bd:d9:3a:96:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 7 16:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e065f41e23cec92868c1fe711cb519a33c77a56c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f1:b8:e0:8a:dc:ae:ae:dc:7c:00:80:b2:be:
68:28:a2:59:cc:1c:84:9b:52:16:36:a3:8b:df:fb:
8f:0d:23:35:ee:78:4a:d7:12:54:56:14:01:d0:12:
66:a6:19:ac:be:65:72:c4:28:76:b4:f5:0b:de:bc:
b0:8a:7f:07:cf:a1:cf:bc:db:3a:49:55:ca:0e:98:
57:b8:b7:e1:9f:fb:7d:2e:f3:4a:6d:42:4c:2b:40:
b0:c5:ed:bd:6f:18:fd:69:cd:11:6f:27:aa:6a:6c:
4f:eb:de:8d:e9:a4:81:c7:ca:d7:83:60:db:c5:54:
78:5a:63:6f:b0:95:c2:17:15:a5:1f:9c:e7:a3:fc:
5c:20:a9:e3:3a:21:7d:1e:d1:9b:ef:d4:4e:d8:a3:
8d:96:dc:c0:97:cb:55:2e:8e:7a:69:61:d4:12:07:
54:73:f7:8b:de:e3:ac:15:3b:fd:a7:9d:f1:1e:5e:
29:35:cc:f5:96:94:3f:1e:d6:7c:3a:22:85:ef:6c:
6b:d4:46:47:8e:9b:06:0c:d3:57:28:f2:b6:3d:f2:
b6:bb:94:31:bb:56:2f:2a:db:ed:0b:c6:da:4f:93:
a2:b1:7f:47:57:c0:77:7b:4b:1e:13:1c:cc:1e:57:
55:44:96:f7:7f:5d:48:df:70:34:58:c9:00:e2:2c:
13:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:65:F4:1E:23:CE:C9:28:68:C1:FE:71:1C:B5:19:A3:3C:77:A5:6C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4GX0HiPOyShowf5xHLUZozx3pWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
193.124.7.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
193.124.207.0/24
194.87.22.0/24
194.87.32.0/24
194.87.81.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.201.0/24
194.135.18.0/24
195.58.54.0/24
195.58.60.0/24
195.133.2.0/24
195.133.25.0/24
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
01:c9:c0:21:1c:34:14:e2:9b:8e:74:a3:49:2e:99:c3:9d:55:
59:54:d8:9c:85:38:4f:e7:b4:f4:0f:a3:72:ef:03:c7:9a:f3:
9c:4b:1d:18:15:b2:03:de:a1:40:f2:cf:27:7d:cb:13:17:6f:
1d:79:03:66:70:b9:f5:cb:b3:28:a7:86:7d:02:e3:69:4b:83:
03:98:d2:96:2e:82:11:a2:eb:17:6d:e6:d8:61:5e:a9:b1:bf:
fc:fb:aa:5d:23:d6:3e:5e:06:95:23:50:ff:1d:fc:98:7e:1f:
b0:97:20:9f:3e:fb:15:c8:0e:38:5a:3c:86:eb:9b:69:40:e4:
b9:30:86:d6:70:e8:8d:7e:12:1e:89:b6:ce:dc:40:4d:27:e5:
f2:3b:bd:0d:61:e1:5b:3c:a0:e1:fa:54:8d:d4:86:65:15:7a:
24:32:70:21:e8:89:81:44:2c:17:93:6f:0b:f2:28:d7:f1:b9:
12:d0:07:88:35:84:7d:34:ff:5c:a0:66:bf:32:0f:51:65:85:
a9:fb:f3:73:8d:b8:a4:03:93:b6:cf:72:4d:0d:38:00:05:30:
40:31:4b:40:24:5f:22:98:45:2d:e9:85:ac:ba:70:58:28:bf:
4e:28:40:d9:e1:71:9a:97:31:d8:57:59:fc:0e:69:54:19:92:
57:bf:4a:8e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY2EZDLtdiY13jSLJ73ZOpZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA3MTYyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY1ZjQxZTIzY2VjOTI4NjhjMWZlNzExY2I1MTlhMzNjNzdhNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/G44Ircrq7cfACAsr5oKKJZzByE
m1IWNqOL3/uPDSM17nhK1xJUVhQB0BJmphmsvmVyxCh2tPUL3rywin8Hz6HPvNs6
SVXKDphXuLfhn/t9LvNKbUJMK0Cwxe29bxj9ac0RbyeqamxP696N6aSBx8rXg2Db
xVR4WmNvsJXCFxWlH5zno/xcIKnjOiF9HtGb79RO2KONltzAl8tVLo56aWHUEgdU
c/eL3uOsFTv9p53xHl4pNcz1lpQ/HtZ8OiKF72xr1EZHjpsGDNNXKPK2PfK2u5Qx
u1YvKtvtC8baT5OisX9HV8B3e0seExzMHldVRJb3f11I33A0WMkA4iwT3wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFOBl9B4jzskoaMH+cRy1GaM8d6VsMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNEdYMEhpUE95U2hvd2Y1eEhMVVpvengzcFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBADB
fAUDBADBfAcDBADBfF8DBADBfMgDBADBfMoDBADBfM8DBADCVxYDBADCVyADBADC
V1EDBADCV5UDBADCV6oDBADCV6wDBADCV8kDBADChxIDBADDOjYDBADDOjwDBADD
hQIDBADDhRkDBADDhUgDBADDhVUDBADDhcADBADUwAEDBADUwQ0wDQYJKoZIhvcN
AQELBQADggEBAAHJwCEcNBTim450o0kumcOdVVlU2JyFOE/ntPQPo3LvA8ea85xL
HRgVsgPeoUDyzyd9yxMXbx15A2ZwufXLsyinhn0C42lLgwOY0pYughGi6xdt5thh
Xqmxv/z7ql0j1j5eBpUjUP8d/Jh+H7CXIJ8++xXIDjhaPIbrm2lA5LkwhtZw6I1+
Eh6Jts7cQE0n5fI7vQ1h4Vs8oOH6VI3UhmUVeiQycCHoiYFELBeTbwvyKNfxuRLQ
B4g1hH00/1ygZr8yD1Flhan783ONuKQDk7bPck0NOAAFMEAxS0AkXyKYRS3phay6
cFgov04oQNnhcZqXMdhXWfwOaVQZkle/So4=
-----END CERTIFICATE-----
Generated at Mon Feb 12 18:24:45 2024 by rpki-client on console-ams.rpki-client.org