Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6y0QlVhGn_BxhOz8utZYrPlrIMs.roa
File: 6y0QlVhGn_BxhOz8utZYrPlrIMs.roa (raw, json)
Hash identifier: Oh3tTjoMxShGY7rP9wAZL5nL8zUO1Dx6pfqn8JSWzr8=
Subject key identifier: EB:2D:10:95:58:46:9F:F0:71:84:EC:FC:BA:D6:58:AC:F9:6B:20:CB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A4C7F1AF8B7C26DE39DAF23134536447
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6y0QlVhGn_BxhOz8utZYrPlrIMs.roa
Signing time: Thu 12 Jan 2023 07:00:44 +0000
ROA not before: Thu 12 Jan 2023 07:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 195.133.73.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 09:44:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a4:c7:f1:af:8b:7c:26:de:39:da:f2:31:34:53:64:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 07:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb2d109558469ff07184ecfcbad658acf96b20cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dd:0a:74:06:7b:23:71:4f:2b:40:5f:aa:d9:
60:81:66:35:e9:b6:b5:f8:c7:a5:a1:cd:23:0e:a2:
c3:54:45:b0:d9:ef:bd:34:a9:38:00:55:ce:0e:25:
ec:5c:0b:00:eb:71:0d:39:ab:19:71:af:b1:d3:03:
51:37:39:0a:b5:4a:53:49:78:98:a2:b5:75:f2:56:
58:ce:d6:97:bb:f6:49:99:fe:57:99:4e:f1:40:a9:
c3:da:3f:30:35:19:71:34:be:39:49:08:a1:b4:5f:
2f:80:6d:2c:93:54:49:80:d0:db:fb:48:a9:2a:aa:
76:b9:71:68:64:f6:d0:27:f8:5c:66:1d:d2:22:b2:
b2:00:ea:c4:a2:3b:66:8d:07:9e:30:9e:3b:c9:ea:
1d:a7:9c:91:05:95:ed:1e:e2:01:a4:89:9a:77:23:
33:20:45:90:14:8f:09:f9:9e:bd:b3:d4:f0:80:8d:
b4:95:d6:cb:5e:26:d0:57:b5:1a:b8:b3:c3:21:1e:
30:d4:92:a9:e6:6e:f3:a1:8c:0d:77:69:55:f0:da:
81:77:58:2e:f7:49:7f:cc:b2:db:ea:b1:d0:37:1c:
53:42:43:63:f6:d4:c4:88:6c:e0:9a:eb:a5:6d:8c:
86:c1:56:69:ba:b6:76:6f:f4:04:96:d7:f9:0a:0c:
d4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2D:10:95:58:46:9F:F0:71:84:EC:FC:BA:D6:58:AC:F9:6B:20:CB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6y0QlVhGn_BxhOz8utZYrPlrIMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.47.0/24
194.87.162.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c7:94:22:8e:81:fc:f1:4b:98:6a:fe:a9:75:a1:ec:9e:86:
f1:c1:93:78:62:c6:7a:c1:5d:14:28:68:f4:78:19:02:05:bc:
bb:05:a8:26:ea:8b:86:37:f2:41:5c:42:b7:a1:f2:92:a9:34:
b7:f5:5d:c5:20:61:c7:94:c5:66:56:03:4d:8b:44:b6:6e:93:
76:be:54:93:4e:65:dc:18:7a:b6:6d:cd:f1:0d:96:d6:79:a7:
f4:b7:70:ff:fd:5f:7b:2f:bb:49:4d:3d:77:a7:a3:1a:a6:6e:
d9:69:24:1f:62:73:17:11:b0:8d:53:87:e9:e6:84:51:ba:be:
03:91:85:cb:f8:29:cc:91:cb:07:5c:14:76:9a:45:01:54:61:
35:1e:dc:66:8f:0f:ea:4b:eb:49:50:39:e3:a1:bc:ad:19:a6:
67:08:0a:d5:eb:69:9a:94:2c:92:21:eb:e5:9f:32:9a:cb:74:
0f:ef:03:78:f7:ba:4f:33:95:0f:e9:40:b7:12:31:ca:dd:17:
03:d0:ca:1e:49:06:2f:35:87:09:91:32:17:d3:17:5d:ad:22:
fa:50:4e:fd:46:15:e7:0c:97:07:fb:3a:28:97:07:eb:8a:f2:
e9:23:07:eb:32:da:13:e4:09:7d:5c:da:ed:d3:43:5c:ab:06:
7a:c9:ab:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWkx/Gvi3wm3jna8jE0U2RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMDcwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJkMTA5NTU4NDY5ZmYwNzE4NGVjZmNiYWQ2NThhY2Y5NmIyMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht0KdAZ7I3FPK0BfqtlggWY16ba1
+Meloc0jDqLDVEWw2e+9NKk4AFXODiXsXAsA63ENOasZca+x0wNRNzkKtUpTSXiY
orV18lZYztaXu/ZJmf5XmU7xQKnD2j8wNRlxNL45SQihtF8vgG0sk1RJgNDb+0ip
Kqp2uXFoZPbQJ/hcZh3SIrKyAOrEojtmjQeeMJ47yeodp5yRBZXtHuIBpImadyMz
IEWQFI8J+Z69s9TwgI20ldbLXibQV7UauLPDIR4w1JKp5m7zoYwNd2lV8NqBd1gu
90l/zLLb6rHQNxxTQkNj9tTEiGzgmuulbYyGwVZpurZ2b/QEltf5CgzUxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOstEJVYRp/wcYTs/LrWWKz5ayDLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNnkwUWxWaEduX0J4aE96OHV0WllyUGxySU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwvAwQA
wleiAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQAux5QijoH88UuYav6p
daHsnobxwZN4YsZ6wV0UKGj0eBkCBby7Bagm6ouGN/JBXEK3ofKSqTS39V3FIGHH
lMVmVgNNi0S2bpN2vlSTTmXcGHq2bc3xDZbWeaf0t3D//V97L7tJTT13p6Mapm7Z
aSQfYnMXEbCNU4fp5oRRur4DkYXL+CnMkcsHXBR2mkUBVGE1Htxmjw/qS+tJUDnj
obytGaZnCArV62malCySIevlnzKay3QP7wN497pPM5UP6UC3EjHK3RcD0MoeSQYv
NYcJkTIX0xddrSL6UE79RhXnDJcH+zoolwfrivLpIwfrMtoT5Al9XNrt00NcqwZ6
yavo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org