Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7LGsUSfH_1PgqN7Hly3Fy_e-1u4.roa
File: 7LGsUSfH_1PgqN7Hly3Fy_e-1u4.roa (raw, json)
Hash identifier: oKSZnCwr19cD5AXZf6hiQwNDolQQJA0rZ+OjsPGHZ4k=
Subject key identifier: EC:B1:AC:51:27:C7:FF:53:E0:A8:DE:C7:97:2D:C5:CB:F7:BE:D6:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F58707822A074FCF6D36FA0D81E38DC23
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7LGsUSfH_1PgqN7Hly3Fy_e-1u4.roa
Signing time: Wed 08 May 2024 13:41:56 +0000
ROA not before: Wed 08 May 2024 13:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 11 May 2024 09:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:70:78:22:a0:74:fc:f6:d3:6f:a0:d8:1e:38:dc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 8 13:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecb1ac5127c7ff53e0a8dec7972dc5cbf7bed6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cc:d6:ce:a6:08:1d:32:fc:f2:13:c3:b6:fa:
8a:6d:60:52:7b:69:cb:92:ce:b0:35:05:eb:71:a6:
87:e4:03:1b:4c:cc:40:ab:5f:a9:7f:d9:fc:7b:d6:
69:2b:ed:66:36:dd:3c:54:4f:05:fb:a2:58:be:cd:
09:f0:a0:de:7e:3f:c5:84:61:ea:69:ec:ff:1e:f4:
bf:cd:ac:a5:43:ea:55:46:d8:e3:19:f1:5d:d4:23:
d8:ed:1e:5d:ff:29:83:d6:c9:ae:46:d7:0b:38:96:
a3:16:37:09:c8:06:f7:3c:b3:7d:14:81:e6:1d:be:
4f:f7:84:5a:4f:3f:78:f8:49:95:17:cc:03:5b:92:
5d:5c:a7:a6:aa:03:a4:75:cb:c7:05:71:19:5b:6f:
90:29:f5:ea:47:9b:dd:81:1d:4b:e6:62:95:cf:d0:
98:77:62:3c:51:8d:a2:4e:10:11:66:8e:5c:4f:77:
a5:42:5b:dd:2a:db:3d:17:56:a0:ff:4b:69:cf:a9:
b1:a5:36:14:76:d3:77:a1:c2:09:38:3b:db:db:d2:
95:3d:1b:a8:bb:43:65:52:c9:08:6f:42:92:9c:3a:
ba:51:de:71:9f:e1:64:30:3f:1a:27:f3:c1:39:e0:
81:4f:e8:b0:38:24:b4:6f:bd:9e:5c:f2:75:61:27:
99:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B1:AC:51:27:C7:FF:53:E0:A8:DE:C7:97:2D:C5:CB:F7:BE:D6:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7LGsUSfH_1PgqN7Hly3Fy_e-1u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
195.133.38.0/24
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
82:3d:36:d5:c7:05:24:9e:28:e3:c2:74:61:a3:73:28:da:8e:
87:62:12:2c:77:28:34:58:a4:d3:67:2d:91:6b:45:f8:7c:73:
ad:1f:36:f8:39:cd:51:7c:7d:17:de:7c:20:c4:94:40:3e:3a:
09:ea:87:72:6a:76:2b:37:41:69:56:ee:77:f7:f1:0f:77:5b:
30:b3:e3:a9:d2:56:a5:10:94:9c:69:11:2e:1f:3c:8e:a1:45:
b1:05:4e:48:ee:b9:f2:42:fc:16:ba:fb:6b:c4:ab:06:3e:bf:
a2:12:5b:68:cd:e8:c4:05:be:5f:0b:2e:d6:87:ed:e0:d4:1d:
52:96:51:0f:ab:ce:e8:af:04:7b:63:bb:e7:74:5b:a0:be:d3:
10:7a:a0:ac:8f:b3:e9:c8:7f:43:17:b1:32:c0:5e:f1:b4:d0:
4f:d0:ac:09:a6:bf:c3:80:3d:91:33:1c:79:99:5e:4f:49:ea:
37:b8:fc:b3:c3:e7:c7:6d:27:4b:18:35:8c:ed:a0:fd:c4:d9:
46:8e:b8:b0:aa:38:64:90:19:38:6b:29:bb:24:e9:87:87:78:
fa:99:bf:76:1a:87:5e:d7:11:97:fd:36:82:99:02:a3:57:da:
5c:1b:2d:0f:79:30:2a:79:d0:85:b7:b6:8a:e2:2c:4b:dc:c8:
06:e2:d0:cc
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY9YcHgioHT89tNvoNgeONwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTA4MTM0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IxYWM1MTI3YzdmZjUzZTBhOGRlYzc5NzJkYzVjYmY3YmVkNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqszWzqYIHTL88hPDtvqKbWBSe2nL
ks6wNQXrcaaH5AMbTMxAq1+pf9n8e9ZpK+1mNt08VE8F+6JYvs0J8KDefj/FhGHq
aez/HvS/zaylQ+pVRtjjGfFd1CPY7R5d/ymD1smuRtcLOJajFjcJyAb3PLN9FIHm
Hb5P94RaTz94+EmVF8wDW5JdXKemqgOkdcvHBXEZW2+QKfXqR5vdgR1L5mKVz9CY
d2I8UY2iThARZo5cT3elQlvdKts9F1ag/0tpz6mxpTYUdtN3ocIJODvb29KVPRuo
u0NlUskIb0KSnDq6Ud5xn+FkMD8aJ/PBOeCBT+iwOCS0b72eXPJ1YSeZ/wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOyxrFEnx/9T4Kjex5ctxcv3vtbuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0xHc1VTZkhfMVBncU43SGx5M0Z5X2UtMXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQBwjo4AwQA
wleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQAw4UmAwQA1MABAwQA1MEEMBQE
AgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAgj021ccFJJ4o
48J0YaNzKNqOh2ISLHcoNFik02ctkWtF+HxzrR82+DnNUXx9F958IMSUQD46CeqH
cmp2KzdBaVbud/fxD3dbMLPjqdJWpRCUnGkRLh88jqFFsQVOSO658kL8Frr7a8Sr
Bj6/ohJbaM3oxAW+Xwsu1oft4NQdUpZRD6vO6K8Ee2O753RboL7TEHqgrI+z6ch/
QxexMsBe8bTQT9CsCaa/w4A9kTMceZleT0nqN7j8s8Pnx20nSxg1jO2g/cTZRo64
sKo4ZJAZOGspuyTph4d4+pm/dhqHXtcRl/02gpkCo1faXBstD3kwKnnQhbe2iuIs
S9zIBuLQzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org