Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/522j_7IvxgjfSrXBRINy3VJGW60.roa
File: 522j_7IvxgjfSrXBRINy3VJGW60.roa (raw, json)
Hash identifier: 6CTIuqNS/ZMZKh8Dia8cr+7/N3asg3FFDJsieMN6wDQ=
Subject key identifier: E7:6D:A3:FF:B2:2F:C6:08:DF:4A:B5:C1:44:83:72:DD:52:46:5B:AD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D22C069DD5439F956C16F04AE51C3B5AE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/522j_7IvxgjfSrXBRINy3VJGW60.roa
Signing time: Fri 19 Jan 2024 17:24:11 +0000
ROA not before: Fri 19 Jan 2024 17:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 193.124.5.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:c0:69:dd:54:39:f9:56:c1:6f:04:ae:51:c3:b5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 17:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e76da3ffb22fc608df4ab5c1448372dd52465bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d9:b7:da:79:49:52:f3:07:a9:fd:5f:b9:d8:
3c:15:89:c2:72:93:57:10:9d:27:0f:d3:a4:41:99:
69:83:a3:0e:77:4b:95:80:a9:e1:03:58:d3:ec:64:
5b:f1:7d:c3:d1:80:54:99:e1:69:29:1a:fe:b5:92:
16:59:c3:dd:75:c3:47:e2:68:0d:f4:2d:4d:8b:29:
4d:55:0d:aa:2f:61:15:8f:5c:a5:77:35:22:e8:40:
2c:55:b9:ca:f9:c0:5b:94:69:d6:a9:81:2a:51:53:
d3:be:4e:3a:7b:c4:3b:65:31:5d:d4:07:a4:7b:bc:
69:fd:90:f6:1f:17:ce:5d:d9:4e:01:71:31:e2:f6:
71:1b:20:32:e1:d1:52:b9:63:fd:4e:e1:fb:1d:7b:
b1:c2:ef:24:62:e9:ae:7f:c9:9b:9a:f4:6f:af:db:
25:09:d3:df:15:8d:3e:32:5e:1a:0f:52:7f:d8:cd:
70:2a:7c:32:b7:26:b2:14:3a:cc:26:17:1e:1c:2c:
d0:43:c1:b3:80:40:b6:53:96:9b:e0:43:91:7b:80:
8e:af:ed:57:5d:a6:c7:4c:f8:96:90:7e:4f:0c:30:
36:c0:3e:61:df:18:fa:69:b3:ce:8c:f4:17:77:51:
5d:2b:4a:5e:94:fc:94:13:a5:1c:91:39:88:b9:1f:
d6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:6D:A3:FF:B2:2F:C6:08:DF:4A:B5:C1:44:83:72:DD:52:46:5B:AD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/522j_7IvxgjfSrXBRINy3VJGW60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.135.18.0/24
194.135.32.0/24
Signature Algorithm: sha256WithRSAEncryption
36:d5:4b:31:30:5c:50:cc:3f:61:02:98:4f:f2:03:7f:f2:1e:
83:9f:69:2d:c9:ce:51:7f:72:4d:d3:4f:35:1f:86:c9:bf:8b:
bb:aa:2e:03:44:22:bc:e0:cb:cd:06:f5:6c:dd:0b:cc:ca:bd:
c2:35:37:7c:a9:8f:0b:7b:8b:f7:30:ca:2a:c2:c8:e7:06:93:
8b:5a:13:20:b7:8c:9a:8e:a6:e0:9c:78:4e:0e:a2:22:35:35:
b9:dd:d5:4a:b5:ca:73:66:9c:c7:0d:49:bc:27:66:6d:ce:c4:
be:c2:79:b3:ee:06:68:90:92:70:fb:97:40:d2:1a:30:80:68:
dc:c8:ea:a9:ab:8f:df:3f:70:7a:84:0f:de:82:67:79:1d:6e:
7e:5b:e1:f7:57:00:f8:d8:cb:c4:4e:45:2a:6f:36:38:d9:fe:
95:cd:26:1b:74:26:33:5b:5c:1c:0c:eb:dd:67:76:ba:a2:78:
ed:50:3e:17:17:f1:5c:6d:e4:0c:93:6f:e1:47:82:62:cb:45:
7b:f3:a5:48:38:cb:99:ac:b7:0d:89:8f:b1:29:f1:ff:9b:8d:
d4:8f:6f:f1:26:11:40:51:f9:42:5e:a2:43:f4:5e:f5:83:2c:
23:a3:d1:7b:ef:75:b1:b3:2e:25:83:07:85:d9:f1:36:7e:52:
14:bb:05:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0iwGndVDn5VsFvBK5Rw7WuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE5MTcyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzZkYTNmZmIyMmZjNjA4ZGY0YWI1YzE0NDgzNzJkZDUyNDY1YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtm32nlJUvMHqf1fudg8FYnCcpNX
EJ0nD9OkQZlpg6MOd0uVgKnhA1jT7GRb8X3D0YBUmeFpKRr+tZIWWcPddcNH4mgN
9C1NiylNVQ2qL2EVj1yldzUi6EAsVbnK+cBblGnWqYEqUVPTvk46e8Q7ZTFd1Aek
e7xp/ZD2HxfOXdlOAXEx4vZxGyAy4dFSuWP9TuH7HXuxwu8kYumuf8mbmvRvr9sl
CdPfFY0+Ml4aD1J/2M1wKnwytyayFDrMJhceHCzQQ8GzgEC2U5ab4EORe4COr+1X
XabHTPiWkH5PDDA2wD5h3xj6abPOjPQXd1FdK0pelPyUE6UckTmIuR/WZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOdto/+yL8YI30q1wUSDct1SRlutMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNTIyal83SXZ4Z2pmU3JYQlJJTnkzVkpHVzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwFAwQA
wocSAwQAwocgMA0GCSqGSIb3DQEBCwUAA4IBAQA21UsxMFxQzD9hAphP8gN/8h6D
n2ktyc5Rf3JN0081H4bJv4u7qi4DRCK84MvNBvVs3QvMyr3CNTd8qY8Le4v3MMoq
wsjnBpOLWhMgt4yajqbgnHhODqIiNTW53dVKtcpzZpzHDUm8J2ZtzsS+wnmz7gZo
kJJw+5dA0howgGjcyOqpq4/fP3B6hA/egmd5HW5+W+H3VwD42MvETkUqbzY42f6V
zSYbdCYzW1wcDOvdZ3a6onjtUD4XF/FcbeQMk2/hR4Jiy0V786VIOMuZrLcNiY+x
KfH/m43Uj2/xJhFAUflCXqJD9F71gywjo9F773Wxsy4lgweF2fE2flIUuwVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org