Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Aghi6l8MA6zzQr6uKCUsuRb_WA.roa
File: 7Aghi6l8MA6zzQr6uKCUsuRb_WA.roa (raw, json)
Hash identifier: HziJo7Tx0lQb99Fn5VJ/7kiD7f55zyIuAdJr56xHPEw=
Subject key identifier: EC:08:21:8B:A9:7C:30:0E:B3:CD:0A:FA:B8:A0:94:B2:E4:5B:FD:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018824AA40B4FE2DF285843E2588A2EF2911
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Aghi6l8MA6zzQr6uKCUsuRb_WA.roa
Signing time: Tue 16 May 2023 13:05:17 +0000
ROA not before: Tue 16 May 2023 13:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Jun 2023 17:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:aa:40:b4:fe:2d:f2:85:84:3e:25:88:a2:ef:29:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 16 13:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec08218ba97c300eb3cd0afab8a094b2e45bfd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d7:10:e5:aa:7c:03:2b:6f:1e:f5:d9:57:25:
ac:26:61:3c:14:7a:9d:ae:29:01:db:06:c8:13:23:
dc:d1:36:08:4a:cc:25:2e:83:4e:9f:68:80:7a:d0:
da:dd:d9:55:84:3e:05:7e:c6:57:f6:6c:fa:a8:ad:
e7:78:f4:36:64:24:1e:d3:7c:4b:fd:11:5d:d8:58:
98:10:c2:da:e3:cb:83:a3:08:4e:78:9b:28:1a:e2:
1c:15:5c:db:a8:8e:94:c3:76:36:77:9f:c9:d1:df:
a7:22:07:47:19:cb:cc:9d:f7:9e:c6:63:fe:3f:88:
d8:9c:ae:49:a1:fb:20:25:40:8f:d3:2c:9d:d7:d9:
9d:ad:75:c6:16:9f:9e:eb:a7:97:49:a1:43:7c:09:
62:3e:95:70:fb:5f:d7:f3:6b:16:31:8d:cd:79:41:
d1:27:b3:46:30:24:eb:9f:21:39:0d:49:45:ef:15:
10:45:5b:c5:aa:76:5c:c3:79:de:ad:4f:f7:3a:9d:
56:67:a7:80:fe:5d:cf:d9:25:e0:6e:b8:6b:fa:ec:
94:a5:3f:d4:7d:93:72:ac:f1:d9:ba:b9:0b:a9:f2:
91:b3:69:58:2d:08:a2:5d:e2:8d:72:91:f1:07:d6:
91:bc:30:ba:a9:f1:27:0b:b5:b2:5e:40:1f:25:62:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:08:21:8B:A9:7C:30:0E:B3:CD:0A:FA:B8:A0:94:B2:E4:5B:FD:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7Aghi6l8MA6zzQr6uKCUsuRb_WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.85.0/24
194.87.87.0/24
194.87.151.0/24
195.133.38.0/24
212.192.242.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
92:87:2c:f6:9f:b1:ff:61:9d:9e:03:35:03:b7:15:ea:3f:8e:
c9:57:3c:79:40:a3:82:dd:eb:6b:f1:9a:e2:0c:03:64:8f:f5:
ab:53:1d:f4:4d:99:58:32:9a:05:0a:bc:4a:a0:e2:b5:7e:30:
ab:3f:99:3a:a1:1c:93:e6:79:aa:44:eb:5d:84:b8:82:98:af:
fa:e8:8c:a5:d0:35:f8:7c:f5:3b:70:3f:1e:bf:88:4a:9e:44:
00:8d:7c:a5:4a:d6:91:e6:35:3e:f4:b4:24:92:3a:3b:a6:1d:
15:c0:64:2e:fc:be:a6:34:03:ee:54:5b:58:b2:81:c7:53:3d:
7a:c3:41:88:a0:85:6d:f0:25:79:d0:8f:38:f5:82:81:f9:03:
4c:04:2a:61:14:71:2d:a2:61:15:0d:59:9e:1d:45:5f:1d:3f:
20:2e:d2:09:96:a1:eb:f4:78:43:8a:e9:3f:ba:21:71:59:47:
7b:bf:72:16:1d:7b:d9:2b:36:06:c6:c3:b8:12:fd:bd:f7:10:
9d:cd:ef:f6:71:ee:b0:b2:69:a2:01:09:b2:d8:f7:43:9d:ff:
89:0b:62:76:19:d5:46:a5:d5:7d:6f:51:25:dc:53:a2:d1:4f:
09:18:0f:0d:c6:a9:3c:d1:7c:71:ad:43:aa:a4:77:17:d8:66:
ee:71:8d:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgkqkC0/i3yhYQ+JYii7ykRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE2MTMwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzA4MjE4YmE5N2MzMDBlYjNjZDBhZmFiOGEwOTRiMmU0NWJmZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitcQ5ap8AytvHvXZVyWsJmE8FHqd
rikB2wbIEyPc0TYISswlLoNOn2iAetDa3dlVhD4FfsZX9mz6qK3nePQ2ZCQe03xL
/RFd2FiYEMLa48uDowhOeJsoGuIcFVzbqI6Uw3Y2d5/J0d+nIgdHGcvMnfeexmP+
P4jYnK5JofsgJUCP0yyd19mdrXXGFp+e66eXSaFDfAliPpVw+1/X82sWMY3NeUHR
J7NGMCTrnyE5DUlF7xUQRVvFqnZcw3nerU/3Op1WZ6eA/l3P2SXgbrhr+uyUpT/U
fZNyrPHZurkLqfKRs2lYLQiiXeKNcpHxB9aRvDC6qfEnC7WyXkAfJWIdTQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOwIIYupfDAOs80K+riglLLkW/1gMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0FnaGk2bDhNQTZ6elFyNnVLQ1VzdVJiX1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwldVAwQA
wldXAwQAwleXAwQAw4UmAwQA1MDyAwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQCS
hyz2n7H/YZ2eAzUDtxXqP47JVzx5QKOC3etr8ZriDANkj/WrUx30TZlYMpoFCrxK
oOK1fjCrP5k6oRyT5nmqROtdhLiCmK/66Iyl0DX4fPU7cD8ev4hKnkQAjXylStaR
5jU+9LQkkjo7ph0VwGQu/L6mNAPuVFtYsoHHUz16w0GIoIVt8CV50I849YKB+QNM
BCphFHEtomEVDVmeHUVfHT8gLtIJlqHr9HhDiuk/uiFxWUd7v3IWHXvZKzYGxsO4
Ev299xCdze/2ce6wsmmiAQmy2PdDnf+JC2J2GdVGpdV9b1El3FOi0U8JGA8Nxqk8
0XxxrUOqpHcX2GbucY08
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org