Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4MRfISTBQZ4t926D1OW6Of7OkUI.roa
File: 4MRfISTBQZ4t926D1OW6Of7OkUI.roa (raw, json)
Hash identifier: TCl14iJxoVAqH3fuc/vGNWbEMG0r7j2U7NPd6DyfEY0=
Subject key identifier: E0:C4:5F:21:24:C1:41:9E:2D:F7:6E:83:D4:E5:BA:39:FE:CE:91:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DB065DBE65C0E4AF2C2FD73C02EFE5C4A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4MRfISTBQZ4t926D1OW6Of7OkUI.roa
Signing time: Fri 16 Feb 2024 05:31:21 +0000
ROA not before: Fri 16 Feb 2024 05:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 17:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:65:db:e6:5c:0e:4a:f2:c2:fd:73:c0:2e:fe:5c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 16 05:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c45f2124c1419e2df76e83d4e5ba39fece9142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:4a:84:c5:19:ac:59:bb:53:d3:92:75:27:
12:9e:c0:74:9a:03:b1:61:f2:18:50:4f:c2:ab:c9:
cb:28:66:e1:66:e0:46:81:c5:fd:9d:34:60:61:7d:
2e:7a:6d:fb:c5:e6:48:fd:89:d8:36:0f:7f:c2:e9:
24:d2:c5:58:ba:cc:87:41:fb:36:11:47:ca:7a:2f:
d3:04:bd:9f:69:f6:6f:2b:d4:6c:13:0b:53:8e:dc:
00:14:c2:b6:68:cf:f6:71:62:4e:95:c5:8e:d4:77:
74:e6:4b:36:f5:ef:34:97:6d:84:84:e8:7f:d0:ce:
ef:40:51:8c:97:c7:06:e4:1d:e3:8b:f9:4f:66:ec:
a8:c3:8d:75:99:6a:ff:75:3c:ec:4d:ed:b4:b3:55:
e6:10:d4:d1:d3:4a:74:f6:d5:80:d0:7c:73:73:ff:
e0:f5:e9:6b:68:ed:d7:07:f5:01:8d:bc:cd:5e:76:
92:a1:25:0c:6e:b1:a6:9d:fe:91:d4:57:b1:c9:40:
56:51:d9:ad:d7:be:b7:48:89:4c:2e:1d:47:e5:53:
ff:9f:30:e3:3f:be:0d:bd:b2:5f:a5:d8:a0:af:87:
fc:fc:46:96:55:1a:0a:5b:42:16:73:1d:15:7c:e5:
b1:4e:99:7b:e6:14:85:0b:c6:fc:5a:1f:b8:2b:81:
f1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C4:5F:21:24:C1:41:9E:2D:F7:6E:83:D4:E5:BA:39:FE:CE:91:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4MRfISTBQZ4t926D1OW6Of7OkUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
193.124.7.0/24
194.87.22.0/24
194.87.32.0/24
194.87.201.0/24
195.133.6.0/24
195.133.25.0/24
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
46:64:cd:e3:ff:35:6d:51:14:44:7f:7d:7c:01:47:2d:af:a7:
7f:f6:ce:8d:4a:e4:88:31:33:89:8c:f2:d6:c6:24:fb:f7:9c:
7e:26:2f:3c:45:92:6a:a4:b4:25:5a:96:bf:f2:45:63:dc:a3:
e1:6b:31:6a:fe:5b:8b:1a:20:d0:37:85:1f:ac:9f:83:6e:4c:
e7:7b:21:fa:e8:61:03:45:16:6a:69:b9:78:83:05:a7:08:10:
e2:f8:dd:1f:c3:40:43:2e:78:e2:7d:e8:2f:48:7f:66:54:c1:
89:e8:fb:de:db:c1:cf:0d:3d:8b:cf:c0:0f:c2:13:03:58:b6:
89:59:2b:c0:7a:bd:da:f6:82:5f:30:8d:49:d4:f1:f7:cd:0a:
56:ea:65:09:2a:28:1a:1c:6e:33:bb:93:a1:a2:8d:f2:11:17:
aa:7d:36:0d:a8:60:e1:d0:5c:a8:f2:2a:fc:52:2c:36:9f:42:
7c:10:6b:05:5f:67:13:e2:c1:59:ad:39:3d:6b:f0:71:b0:04:
1b:5b:27:3d:f0:45:c2:91:dd:0a:29:29:ce:15:5b:03:33:56:
5b:c6:29:96:74:82:1b:14:58:03:22:4b:31:0e:ef:1b:a1:b2:
bb:64:66:26:27:ba:70:d4:e9:9c:4b:6b:4a:69:f7:26:55:b8:
b3:5f:94:cc
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY2wZdvmXA5K8sL9c8Au/lxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE2MDUzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM0NWYyMTI0YzE0MTllMmRmNzZlODNkNGU1YmEzOWZlY2U5MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlslKhMUZrFm7U9OSdScSnsB0mgOx
YfIYUE/Cq8nLKGbhZuBGgcX9nTRgYX0uem37xeZI/YnYNg9/wukk0sVYusyHQfs2
EUfKei/TBL2fafZvK9RsEwtTjtwAFMK2aM/2cWJOlcWO1Hd05ks29e80l22EhOh/
0M7vQFGMl8cG5B3ji/lPZuyow411mWr/dTzsTe20s1XmENTR00p09tWA0Hxzc//g
9elraO3XB/UBjbzNXnaSoSUMbrGmnf6R1FexyUBWUdmt1763SIlMLh1H5VP/nzDj
P74NvbJfpdigr4f8/EaWVRoKW0IWcx0VfOWxTpl75hSFC8b8Wh+4K4HxKQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFODEXyEkwUGeLfdug9Tlujn+zpFCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNE1SZklTVEJRWjR0OTI2RDFPVzZPZjdPa1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXwFAwQA
wXwHAwQAwlcWAwQAwlcgAwQAwlfJAwQAw4UGAwQAw4UZAwQAw4VIAwQAw4VVAwQA
w4XAAwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQBGZM3j/zVtURREf318AUctr6d/
9s6NSuSIMTOJjPLWxiT795x+Ji88RZJqpLQlWpa/8kVj3KPhazFq/luLGiDQN4Uf
rJ+DbkzneyH66GEDRRZqabl4gwWnCBDi+N0fw0BDLnjifegvSH9mVMGJ6Pve28HP
DT2Lz8APwhMDWLaJWSvAer3a9oJfMI1J1PH3zQpW6mUJKigaHG4zu5Ohoo3yEReq
fTYNqGDh0Fyo8ir8Uiw2n0J8EGsFX2cT4sFZrTk9a/BxsAQbWyc98EXCkd0KKSnO
FVsDM1ZbximWdIIbFFgDIksxDu8bobK7ZGYmJ7pw1OmcS2tKafcmVbizX5TM
-----END CERTIFICATE-----
Generated at Mon Feb 19 21:07:41 2024 by rpki-client on console-fra.rpki-client.org