Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7BNBtAiw9WZt4W52CGAenXFJeew.roa
File: 7BNBtAiw9WZt4W52CGAenXFJeew.roa (raw, json)
Hash identifier: PaRoVlHhr+KkLniXFh1Uc3oHWKr7bcZfKnU/lbcP3Qg=
Subject key identifier: EC:13:41:B4:08:B0:F5:66:6D:E1:6E:76:08:60:1E:9D:71:49:79:EC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C7CA3EA2345E95BF042BA42177EA80921
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7BNBtAiw9WZt4W52CGAenXFJeew.roa
Signing time: Mon 18 Dec 2023 11:16:06 +0000
ROA not before: Mon 18 Dec 2023 11:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 62.76.227.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.66.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 18:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:a3:ea:23:45:e9:5b:f0:42:ba:42:17:7e:a8:09:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 18 11:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec1341b408b0f5666de16e7608601e9d714979ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3d:41:45:c0:3e:6a:60:b0:bf:29:a6:b3:e9:
85:a6:71:bf:78:9c:32:1c:90:f4:83:15:d9:0d:8c:
32:b9:88:bf:72:4c:5f:f6:b7:ee:c6:f0:ac:90:00:
11:ab:26:74:f8:2a:69:f3:e1:a2:c4:fc:d8:67:69:
ee:d0:02:05:0c:5f:e3:93:f2:9d:89:8e:7c:15:dd:
32:ac:44:da:de:39:ed:93:9b:d7:36:9d:37:ea:30:
aa:7a:ad:5f:cc:50:29:5c:2d:a6:aa:39:73:53:ba:
7a:49:24:27:31:bb:a3:9b:a5:c5:e1:34:31:fe:16:
64:40:2f:d2:a3:9f:1b:85:84:d3:96:d1:40:0d:a7:
6c:3f:9a:54:27:39:20:31:a2:ee:a4:d5:ed:43:00:
44:ac:6b:c3:0a:0c:c7:5a:2f:64:3f:55:ea:b3:dd:
b8:b9:a5:fe:86:88:07:28:95:8c:99:33:8f:f3:51:
92:51:13:63:d6:a8:64:dd:fa:fb:aa:41:08:fe:20:
0c:bb:f3:7d:d9:d5:df:f0:59:b2:23:f8:8b:51:3f:
a0:e6:34:dd:f9:f7:90:7c:a0:cf:27:58:78:83:8c:
7d:9f:fd:e8:3d:e6:5b:00:17:ed:5d:a3:b8:b5:b4:
b6:b5:ad:7e:09:36:76:f1:2e:be:75:46:3d:a5:0e:
6e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:41:B4:08:B0:F5:66:6D:E1:6E:76:08:60:1E:9D:71:49:79:EC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7BNBtAiw9WZt4W52CGAenXFJeew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.58.66.0/24
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.58.38.0/24
195.133.25.0/24
195.133.27.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
12:79:46:24:22:75:16:c0:bd:e3:e0:8f:a5:2a:20:50:75:b7:
e8:ec:a4:8a:71:39:61:8a:e2:e8:f0:0a:63:50:45:27:e4:91:
69:d7:e3:5f:01:36:07:d5:24:a3:99:67:d7:1f:7e:1d:00:f2:
a9:a4:cd:36:89:bc:42:33:88:82:40:c8:2f:25:57:e0:4d:a5:
0f:52:46:fa:bb:2a:ba:cd:4d:12:77:9a:90:19:15:22:5b:3c:
04:1a:1c:16:e0:84:03:85:14:49:f6:da:34:fe:c2:8f:4e:84:
40:b7:19:83:94:16:8f:de:45:1a:df:92:7b:0c:90:1c:83:27:
12:ef:b8:1a:84:ce:44:64:6e:23:53:01:3b:af:16:c5:79:13:
fb:e0:da:8f:b5:e5:71:6e:a3:95:b0:e9:5b:89:a3:47:b8:41:
a2:6d:14:23:21:4b:59:77:87:3a:89:b6:44:b0:83:f2:7f:05:
a2:3e:a1:6f:3c:db:f4:27:dd:b4:06:ae:5f:b7:b3:c9:71:ca:
65:ae:0a:f2:a9:f1:d3:31:63:63:c3:ea:5f:65:23:2a:f3:46:
05:95:bb:30:38:9c:ae:57:fc:f2:ea:e2:1e:e0:bf:bb:da:73:
0b:b5:11:6a:6a:28:a1:58:bc:98:7f:7c:8a:34:0d:dc:ad:5e:
3c:40:da:90
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYx8o+ojRelb8EK6Qhd+qAkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE4MTExNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzNDFiNDA4YjBmNTY2NmRlMTZlNzYwODYwMWU5ZDcxNDk3OWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij1BRcA+amCwvymms+mFpnG/eJwy
HJD0gxXZDYwyuYi/ckxf9rfuxvCskAARqyZ0+Cpp8+GixPzYZ2nu0AIFDF/jk/Kd
iY58Fd0yrETa3jntk5vXNp036jCqeq1fzFApXC2mqjlzU7p6SSQnMbujm6XF4TQx
/hZkQC/So58bhYTTltFADadsP5pUJzkgMaLupNXtQwBErGvDCgzHWi9kP1Xqs924
uaX+hogHKJWMmTOP81GSURNj1qhk3fr7qkEI/iAMu/N92dXf8FmyI/iLUT+g5jTd
+feQfKDPJ1h4g4x9n/3oPeZbABftXaO4tbS2ta1+CTZ28S6+dUY9pQ5uBQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOwTQbQIsPVmbeFudghgHp1xSXnsMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0JOQnRBaXc5V1p0NFc1MkNHQWVuWEZKZWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkzjAwQA
wjpCAwQAwlcoAwQAwldCAwQAwzojAwQAwzomAwQAw4UZAwQAw4UbAwQA1MD+MA0G
CSqGSIb3DQEBCwUAA4IBAQASeUYkInUWwL3j4I+lKiBQdbfo7KSKcTlhiuLo8Apj
UEUn5JFp1+NfATYH1SSjmWfXH34dAPKppM02ibxCM4iCQMgvJVfgTaUPUkb6uyq6
zU0Sd5qQGRUiWzwEGhwW4IQDhRRJ9to0/sKPToRAtxmDlBaP3kUa35J7DJAcgycS
77gahM5EZG4jUwE7rxbFeRP74NqPteVxbqOVsOlbiaNHuEGibRQjIUtZd4c6ibZE
sIPyfwWiPqFvPNv0J920Bq5ft7PJccplrgryqfHTMWNjw+pfZSMq80YFlbswOJyu
V/zy6uIe4L+72nMLtRFqaiihWLyYf3yKNA3crV48QNqQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org