Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5SNuhvFUl9RmF2KYLWlpgk5B-ds.roa
File: 5SNuhvFUl9RmF2KYLWlpgk5B-ds.roa (raw, json)
Hash identifier: WFPb+5UukubcL+uPZhqBVIux/Bkc/lC6/c95BrLaHSQ=
Subject key identifier: E5:23:6E:86:F1:54:97:D4:66:17:62:98:2D:69:69:82:4E:41:F9:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187FB7FBCD21A8DF385016E607C54903E3E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5SNuhvFUl9RmF2KYLWlpgk5B-ds.roa
Signing time: Mon 08 May 2023 13:14:25 +0000
ROA not before: Mon 08 May 2023 13:14:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 13:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:7f:bc:d2:1a:8d:f3:85:01:6e:60:7c:54:90:3e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 8 13:14:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5236e86f15497d4661762982d6969824e41f9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f2:5c:70:e3:48:68:01:22:79:fd:bb:b8:37:
91:c9:b3:21:2d:f1:8f:a6:62:0f:8a:fb:51:b4:fd:
da:90:79:f0:ff:3a:eb:20:79:1e:20:d1:33:49:1e:
ff:94:07:e5:33:17:88:73:1b:4a:8d:08:ad:cd:ee:
5d:e4:a0:ff:cf:9d:fc:4d:88:41:49:a8:82:7e:d8:
bc:9f:61:a3:e1:9d:39:a8:04:05:ec:c9:77:67:5a:
37:dc:a0:80:69:37:0d:39:e4:29:5c:de:f6:f3:b0:
2c:04:24:53:aa:9c:91:a1:43:81:e9:47:c1:6c:8c:
6a:f1:99:a6:28:bc:c2:b0:90:37:66:d7:72:f4:13:
15:3f:90:00:5d:21:3c:25:69:fd:22:db:bb:62:61:
53:49:b7:2f:47:24:c0:e6:5c:2b:8f:39:8b:f0:15:
23:31:6e:c3:59:89:cc:21:d0:fe:c2:b6:46:6e:5d:
89:a3:83:0f:3f:ab:d3:b3:9b:8c:95:6f:77:88:94:
46:e0:b5:a7:6a:58:59:46:75:fb:af:ac:90:35:3d:
af:b6:b6:54:2b:76:78:a5:56:27:69:0a:7e:b1:86:
47:2c:18:b8:56:d7:f4:33:d5:0a:8a:b8:83:ab:2f:
b0:3b:5b:55:b8:be:9a:d6:1f:5b:59:ff:ae:c3:13:
2e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:23:6E:86:F1:54:97:D4:66:17:62:98:2D:69:69:82:4E:41:F9:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5SNuhvFUl9RmF2KYLWlpgk5B-ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.249.0-194.85.250.255
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
63:68:ca:0b:e7:27:a9:47:cd:aa:df:9c:6c:5e:a5:a0:86:52:
66:8b:c5:61:5d:13:63:90:f9:d9:53:44:3b:ea:5d:b6:9f:9c:
78:0f:fa:8c:7a:03:2d:27:f0:d3:a9:ec:f2:c2:75:fe:72:5a:
45:8a:e7:88:86:9c:d9:c1:75:4b:57:a4:65:2c:7a:b6:39:d8:
cc:94:0b:a4:c7:20:09:54:5e:13:98:cc:05:b7:5d:ba:bc:b3:
47:00:83:ac:e9:fd:8e:94:d7:fa:00:77:04:17:e5:1e:a4:c3:
4e:fb:75:5f:fe:f2:06:17:b9:b5:ed:f7:46:fa:d9:fd:16:71:
ed:60:e4:c7:c1:56:9c:f7:e5:c5:ef:ee:4f:5b:ca:e5:df:ff:
db:32:42:5c:22:a3:ca:97:8e:07:f3:6c:31:a7:c2:31:6c:20:
eb:ff:bd:30:d1:81:4a:aa:30:cb:5c:b5:22:38:15:2c:b4:6d:
90:3b:97:b7:c7:58:19:10:55:16:f6:53:6e:4e:ac:ff:2d:7e:
83:54:9b:a7:7a:af:95:1f:98:99:fa:32:21:96:84:85:02:1c:
ab:2e:a6:83:0d:b9:f7:aa:7b:4f:d8:9b:a0:3f:8c:95:be:9f:
02:31:e9:e3:fe:cd:69:06:b1:5d:de:a4:1f:9a:31:03:bb:3c:
ff:0e:82:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYf7f7zSGo3zhQFuYHxUkD4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTA4MTMxNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIzNmU4NmYxNTQ5N2Q0NjYxNzYyOTgyZDY5Njk4MjRlNDFmOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvJccONIaAEief27uDeRybMhLfGP
pmIPivtRtP3akHnw/zrrIHkeINEzSR7/lAflMxeIcxtKjQitze5d5KD/z538TYhB
SaiCfti8n2Gj4Z05qAQF7Ml3Z1o33KCAaTcNOeQpXN7287AsBCRTqpyRoUOB6UfB
bIxq8ZmmKLzCsJA3Ztdy9BMVP5AAXSE8JWn9Itu7YmFTSbcvRyTA5lwrjzmL8BUj
MW7DWYnMIdD+wrZGbl2Jo4MPP6vTs5uMlW93iJRG4LWnalhZRnX7r6yQNT2vtrZU
K3Z4pVYnaQp+sYZHLBi4Vtf0M9UKiriDqy+wO1tVuL6a1h9bWf+uwxMuHwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOUjbobxVJfUZhdimC1paYJOQfnbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNVNOdWh2RlVsOVJtRjJLWUxXbHBnazVCLWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBADCVfkD
BADCVfoDBADDhScwDAMEANTA9QMEANTA9jANBgkqhkiG9w0BAQsFAAOCAQEAY2jK
C+cnqUfNqt+cbF6loIZSZovFYV0TY5D52VNEO+pdtp+ceA/6jHoDLSfw06ns8sJ1
/nJaRYrniIac2cF1S1ekZSx6tjnYzJQLpMcgCVReE5jMBbdduryzRwCDrOn9jpTX
+gB3BBflHqTDTvt1X/7yBhe5te33RvrZ/RZx7WDkx8FWnPflxe/uT1vK5d//2zJC
XCKjypeOB/NsMafCMWwg6/+9MNGBSqowy1y1IjgVLLRtkDuXt8dYGRBVFvZTbk6s
/y1+g1Sbp3qvlR+YmfoyIZaEhQIcqy6mgw2596p7T9iboD+Mlb6fAjHp4/7NaQax
Xd6kH5oxA7s8/w6Cpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org