Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5tmMK-8y2YXZs_-UVesa67qo-r8.roa
File: 5tmMK-8y2YXZs_-UVesa67qo-r8.roa (raw, json)
Hash identifier: qshRxZazpSGFZK8bOax2uCUuLJr2aeQd70R5qQsutsI=
Subject key identifier: E6:D9:8C:2B:EF:32:D9:85:D9:B3:FF:94:55:EB:1A:EB:BA:A8:FA:BF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191C9034F12E8F49691E11EE304FEB933E7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5tmMK-8y2YXZs_-UVesa67qo-r8.roa
Signing time: Fri 06 Sep 2024 20:25:22 +0000
ROA not before: Fri 06 Sep 2024 20:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.58.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 07 Sep 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c9:03:4f:12:e8:f4:96:91:e1:1e:e3:04:fe:b9:33:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 20:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d98c2bef32d985d9b3ff9455eb1aebbaa8fabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3e:24:f5:55:1c:f0:da:4b:e1:f4:27:e8:19:
c2:73:a7:98:05:f5:60:3d:8c:35:87:be:7f:de:10:
c1:12:44:9f:a0:dd:b7:15:b9:2e:d1:7f:0e:6b:d4:
fd:a0:0d:0e:57:67:41:31:b8:8f:1e:a9:bc:fc:e2:
80:90:82:31:c6:30:6d:ea:1b:9d:2e:96:d5:ef:98:
b5:1e:c9:b8:f1:be:7a:3c:b8:b3:24:a5:cc:6c:7a:
64:01:7e:63:54:18:6a:f5:73:36:59:2b:04:47:98:
ad:52:43:7b:52:fc:cd:dd:6d:86:5f:8b:90:f5:0f:
06:c8:99:84:ad:6a:f6:fd:77:1d:82:5d:a4:bc:95:
a3:c0:67:e7:e0:a8:3c:3a:33:21:8a:11:a3:1c:b5:
cf:f7:5e:1b:c4:01:4e:11:05:cf:ed:1e:d3:34:3f:
b0:91:06:1d:b2:7a:e8:4e:e5:29:10:93:59:14:8e:
c2:7e:63:3d:ee:87:f7:6d:25:87:24:23:dc:ba:e6:
f2:0d:fd:72:48:ed:c4:54:ea:c5:48:d8:c3:93:27:
4d:12:d3:ee:fd:18:79:2b:93:6d:87:2b:58:64:80:
b1:24:1e:59:dc:9b:00:20:b9:24:9a:f7:2b:2a:7d:
3e:23:c1:b4:be:e4:d8:3b:98:95:7a:64:90:21:04:
25:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D9:8C:2B:EF:32:D9:85:D9:B3:FF:94:55:EB:1A:EB:BA:A8:FA:BF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5tmMK-8y2YXZs_-UVesa67qo-r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
194.58.155.0/24
194.87.29.0/24
194.87.58.0/23
194.87.169.0/24
195.133.24.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.192.208.0/24
212.193.25.0-212.193.27.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
67:91:b4:68:74:c6:a6:51:5c:e6:94:f7:3a:39:eb:27:7e:1f:
66:13:bd:ba:ca:55:37:1a:4c:34:7f:b1:b9:c9:05:f4:96:4a:
28:d6:17:8a:48:56:b7:e8:7d:dc:a9:23:a1:b2:26:da:f3:06:
27:4f:fc:13:ca:7e:53:98:31:9d:62:c6:e6:ce:1d:45:28:46:
96:48:d9:07:9b:b5:bc:e5:e2:32:21:6b:df:a7:58:2d:dc:b3:
2b:08:bd:0a:b3:83:d5:a6:af:2a:1e:c0:79:30:fb:0a:67:c5:
54:e1:08:e0:84:cf:4a:6d:d9:ad:63:25:64:2e:9d:42:19:16:
51:22:f2:74:ac:51:e6:dc:d6:d6:2d:7b:84:b9:2c:42:d8:c8:
b8:81:9b:a5:a1:63:5e:da:fc:57:4d:d9:b7:8e:97:ec:e5:8f:
b6:f3:1f:af:e3:ff:25:39:36:09:9d:96:15:e2:b4:d3:b0:60:
db:37:1a:b5:e5:e1:95:02:76:b0:ea:8d:88:38:50:c6:4b:45:
13:b5:85:3d:44:9e:7e:f8:50:c6:8b:19:ae:cc:d4:64:6a:98:
cd:23:d1:dc:84:c1:c7:19:60:1a:03:eb:79:a9:7f:ef:82:8b:
6d:37:0a:f3:28:37:43:a1:9a:28:31:ee:88:b0:e8:19:c1:32:
4f:f9:a6:a3
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZHJA08S6PSWkeEe4wT+uTPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA2MjAyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ5OGMyYmVmMzJkOTg1ZDliM2ZmOTQ1NWViMWFlYmJhYThmYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD4k9VUc8NpL4fQn6BnCc6eYBfVg
PYw1h75/3hDBEkSfoN23Fbku0X8Oa9T9oA0OV2dBMbiPHqm8/OKAkIIxxjBt6hud
LpbV75i1Hsm48b56PLizJKXMbHpkAX5jVBhq9XM2WSsER5itUkN7UvzN3W2GX4uQ
9Q8GyJmErWr2/Xcdgl2kvJWjwGfn4Kg8OjMhihGjHLXP914bxAFOEQXP7R7TND+w
kQYdsnroTuUpEJNZFI7CfmM97of3bSWHJCPcuubyDf1ySO3EVOrFSNjDkydNEtPu
/Rh5K5NthytYZICxJB5Z3JsAILkkmvcrKn0+I8G0vuTYO5iVemSQIQQliQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFObZjCvvMtmF2bP/lFXrGuu6qPq/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNXRtTUstOHkyWVhac18tVVZlc2E2N3FvLXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQAwHysAwQA
wjqbAwQAwlcdAwQBwlc6AwQAwlepAwQBw4UYAwQBw4UyAwQBw4VcAwQA1MABAwQA
1MDQMAwDBADUwRkDBALUwRgwFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3
DQEBCwUAA4IBAQBnkbRodMamUVzmlPc6Oesnfh9mE726ylU3Gkw0f7G5yQX0lkoo
1heKSFa36H3cqSOhsiba8wYnT/wTyn5TmDGdYsbmzh1FKEaWSNkHm7W85eIyIWvf
p1gt3LMrCL0Ks4PVpq8qHsB5MPsKZ8VU4QjghM9KbdmtYyVkLp1CGRZRIvJ0rFHm
3NbWLXuEuSxC2Mi4gZuloWNe2vxXTdm3jpfs5Y+28x+v4/8lOTYJnZYV4rTTsGDb
Nxq15eGVAnaw6o2IOFDGS0UTtYU9RJ5++FDGixmuzNRkapjNI9HchMHHGWAaA+t5
qX/vgottNwrzKDdDoZooMe6IsOgZwTJP+aaj
-----END CERTIFICATE-----
Generated at Sat Sep 7 12:34:16 2024 by rpki-client on console-fra.rpki-client.org