Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sOZWhDIlaFTm4EiVtezv8Z2Df0.roa
File: 4sOZWhDIlaFTm4EiVtezv8Z2Df0.roa (raw, json)
Hash identifier: K/9kkfHTG+RtHsjQlAjRf82Tw9y4WgQ2Ivd7AhDAABk=
Subject key identifier: E2:C3:99:5A:10:C8:95:A1:53:9B:81:22:56:D7:B3:BF:C6:76:0D:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190EEEE2DAAD7B5424956890BDE37F70F13
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sOZWhDIlaFTm4EiVtezv8Z2Df0.roa
Signing time: Fri 26 Jul 2024 12:05:04 +0000
ROA not before: Fri 26 Jul 2024 12:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 193.124.17.0/24 maxlen: 24
194.58.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 07:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:ee:2d:aa:d7:b5:42:49:56:89:0b:de:37:f7:0f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 26 12:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c3995a10c895a1539b812256d7b3bfc6760dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:48:83:22:60:7d:e6:3c:08:ea:52:46:51:67:
cc:ff:70:59:fd:c5:1e:b1:6f:8d:4e:51:e4:b9:92:
51:31:16:aa:6d:12:1e:6a:8e:4b:34:1d:b0:36:8e:
ef:48:da:b2:3c:37:b7:1c:f6:fc:6a:5b:49:60:6a:
21:98:39:5b:25:3a:23:8c:8c:6d:45:88:a3:e5:3f:
da:9c:2d:62:79:09:05:76:b9:30:cf:0d:ee:93:3e:
7f:20:2b:6a:fb:a9:5e:5b:ce:25:fb:1a:89:b8:3a:
f0:05:ad:3e:08:58:9a:3b:3a:f7:9d:bf:44:8b:ca:
ed:f3:df:95:28:b6:44:7a:24:da:2c:f4:8c:7b:26:
93:90:6c:ba:6a:d7:ec:4d:99:f7:7d:4b:ed:e1:2f:
8b:47:40:da:c2:76:6f:3f:a0:3d:72:75:7e:de:ac:
92:3e:ae:75:00:7b:7f:77:87:c0:54:6e:7f:70:db:
bb:cc:87:0b:79:57:1e:f2:c8:2a:2d:f6:65:28:c1:
a7:1a:ce:4f:7e:a2:79:f0:2b:ec:61:35:75:a7:fb:
f5:21:13:66:5e:cb:80:df:2c:0d:7c:4f:f0:33:da:
de:5e:a5:9f:92:71:63:18:e4:aa:24:93:03:cd:23:
98:01:43:1e:f0:e8:a8:e6:1c:9e:30:7e:c4:5c:a7:
18:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C3:99:5A:10:C8:95:A1:53:9B:81:22:56:D7:B3:BF:C6:76:0D:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4sOZWhDIlaFTm4EiVtezv8Z2Df0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.58.56.0/24
194.58.154.0/23
194.87.1.0/24
194.87.51.0/24
194.87.122.0/24
194.87.128.0/24
194.87.179.0/24
Signature Algorithm: sha256WithRSAEncryption
72:db:a8:7c:88:d8:36:3e:3c:f9:b1:78:90:c1:a7:51:55:ec:
3d:62:35:65:66:2e:f4:97:f8:85:bd:2d:bb:35:8b:0a:15:b1:
99:af:16:f6:18:7d:b9:98:62:7e:54:55:3a:e8:2f:e2:45:2c:
58:b3:44:e0:4d:40:a2:74:4a:29:0d:ed:47:2c:eb:74:fd:54:
9d:65:f1:dc:f7:b8:e2:de:9b:d9:4a:27:cb:93:3d:e9:7b:02:
a0:2b:01:63:a3:a4:d3:69:5f:e5:50:79:8b:8a:28:09:9f:0b:
a6:af:3d:f5:ad:64:42:4c:ef:04:86:1b:ec:5d:a3:ce:3e:e4:
8c:9a:29:4d:12:31:b8:9d:c6:ab:d4:b7:2f:12:a1:a9:18:17:
b8:ff:c4:90:c4:87:b9:90:f2:a8:2f:29:f5:ae:11:d3:cd:ea:
af:f7:50:d9:32:6c:ad:f7:a5:a0:80:24:16:2e:6d:23:2e:ea:
11:a1:d2:16:0b:d4:29:99:f9:96:d9:d1:01:a1:eb:02:5f:26:
a7:d5:a8:6a:f5:f6:dd:7d:4f:b7:50:ae:cb:33:0e:78:c2:65:
05:ca:ef:64:d0:be:bd:0a:84:47:bf:6e:e0:dc:a4:41:53:7f:
0c:4d:86:8a:75:67:30:ca:36:f7:93:ff:fb:09:39:b9:88:d1:
a9:89:0b:ff
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZDu7i2q17VCSVaJC9439w8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzI2MTIwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMzOTk1YTEwYzg5NWExNTM5YjgxMjI1NmQ3YjNiZmM2NzYwZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEiDImB95jwI6lJGUWfM/3BZ/cUe
sW+NTlHkuZJRMRaqbRIeao5LNB2wNo7vSNqyPDe3HPb8altJYGohmDlbJTojjIxt
RYij5T/anC1ieQkFdrkwzw3ukz5/ICtq+6leW84l+xqJuDrwBa0+CFiaOzr3nb9E
i8rt89+VKLZEeiTaLPSMeyaTkGy6atfsTZn3fUvt4S+LR0DawnZvP6A9cnV+3qyS
Pq51AHt/d4fAVG5/cNu7zIcLeVce8sgqLfZlKMGnGs5PfqJ58CvsYTV1p/v1IRNm
XsuA3ywNfE/wM9reXqWfknFjGOSqJJMDzSOYAUMe8Oio5hyeMH7EXKcYCwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOLDmVoQyJWhU5uBIlbXs7/Gdg39MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHNPWldoRElsYUZUbTRFaVZ0ZXp2OFoyRGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwRAwQA
wjo4AwQBwjqaAwQAwlcBAwQAwlczAwQAwld6AwQAwleAAwQAwlezMA0GCSqGSIb3
DQEBCwUAA4IBAQBy26h8iNg2Pjz5sXiQwadRVew9YjVlZi70l/iFvS27NYsKFbGZ
rxb2GH25mGJ+VFU66C/iRSxYs0TgTUCidEopDe1HLOt0/VSdZfHc97ji3pvZSifL
kz3pewKgKwFjo6TTaV/lUHmLiigJnwumrz31rWRCTO8EhhvsXaPOPuSMmilNEjG4
ncar1LcvEqGpGBe4/8SQxIe5kPKoLyn1rhHTzeqv91DZMmyt96WggCQWLm0jLuoR
odIWC9QpmfmW2dEBoesCXyan1ahq9fbdfU+3UK7LMw54wmUFyu9k0L69CoRHv27g
3KRBU38MTYaKdWcwyjb3k//7CTm5iNGpiQv/
-----END CERTIFICATE-----
Generated at Thu Aug 1 10:17:14 2024 by rpki-client on console-fra.rpki-client.org