Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7ae1xX_QeQpnbxC1ATYHp48Y2y0.roa
File: 7ae1xX_QeQpnbxC1ATYHp48Y2y0.roa (raw, json)
Hash identifier: 35MTS0E9i275JtlQXdS6SdOPuK4/P3mFXNss0aetBYU=
Subject key identifier: ED:A7:B5:C5:7F:D0:79:0A:67:6F:10:B5:01:36:07:A7:8F:18:DB:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192852D9D1485D9A88D766976ECCB3125A4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7ae1xX_QeQpnbxC1ATYHp48Y2y0.roa
Signing time: Sun 13 Oct 2024 09:20:11 +0000
ROA not before: Sun 13 Oct 2024 09:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 194.87.246.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 20:26:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:85:2d:9d:14:85:d9:a8:8d:76:69:76:ec:cb:31:25:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 13 09:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eda7b5c57fd0790a676f10b5013607a78f18db2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fe:8b:13:8b:08:3d:7e:1e:b8:7b:e5:7a:9e:
23:6b:a6:7b:b9:e8:53:9c:f5:7c:5e:b4:65:f7:45:
43:57:f3:62:38:79:aa:73:94:27:e8:4f:99:10:ba:
ff:59:99:43:6c:7b:f8:d3:df:e1:20:00:65:d0:43:
31:42:2f:13:57:b2:60:70:43:c0:e7:95:38:dc:2f:
f9:73:3d:8d:f4:21:dd:31:b9:3c:71:78:aa:89:47:
19:88:84:da:15:a8:3b:ce:c4:1f:83:eb:07:dc:86:
6b:d9:44:11:d8:3b:dc:8e:07:90:cb:56:8f:e0:ff:
a9:5b:78:d0:44:73:90:62:95:b2:50:62:de:91:dc:
b2:69:9a:d2:21:a6:67:df:91:84:f5:2d:f8:4d:52:
46:db:b6:a4:a3:dc:2c:35:35:27:c8:7c:b0:67:0d:
19:1a:ed:f2:20:73:54:5b:bc:71:a8:68:9c:e6:78:
95:2a:ef:6e:cd:69:fa:1b:ec:c2:0e:58:de:b0:7c:
f4:55:8d:c8:9f:77:36:28:01:dd:3f:74:c3:13:f1:
4e:3d:a0:f0:2f:87:26:ad:ac:7c:57:59:74:b9:d1:
9b:94:9c:70:be:e9:ba:2f:72:2e:13:bc:6a:69:de:
a3:68:f0:df:a6:70:e7:30:c7:f6:bc:ed:94:dd:51:
46:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A7:B5:C5:7F:D0:79:0A:67:6F:10:B5:01:36:07:A7:8F:18:DB:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7ae1xX_QeQpnbxC1ATYHp48Y2y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b3:4b:71:73:4e:bc:ce:c0:2f:04:5b:f4:84:ff:3d:e7:54:
89:10:ad:46:48:47:da:91:20:f2:42:37:77:6d:0b:c3:24:19:
fe:55:0e:df:28:bf:8b:e6:ef:9f:30:5e:d2:6b:cb:aa:c5:42:
a3:0b:58:c4:31:e6:5f:cc:49:e3:a9:0e:4c:ff:02:54:f2:19:
5e:45:5b:ed:8b:95:37:ce:64:04:10:84:cf:c3:42:a7:e1:d7:
00:76:08:de:9f:ed:aa:68:7e:0a:87:70:48:68:e8:71:14:cb:
12:5f:b8:84:6e:1d:42:ba:df:3c:5e:0e:d5:e8:ca:8b:80:cf:
3b:d6:42:a8:01:e6:93:92:71:0d:6e:ee:fa:35:0b:2a:94:45:
c9:c0:a4:b9:4b:c5:e1:3b:b5:05:73:a0:f9:7a:90:01:72:38:
42:90:91:15:bd:71:d9:72:bb:e4:f2:29:e1:d3:18:1a:95:94:
e6:94:25:57:cb:ea:1b:1e:fb:ca:65:76:6e:52:fa:69:54:fc:
70:be:5c:bc:c4:0f:a1:79:bd:14:5b:fb:ee:0f:60:27:73:11:
7e:a3:da:35:99:fe:b9:25:61:bb:80:8b:2b:0b:79:8c:c9:74:
47:91:3d:41:5b:71:7d:72:c7:e0:57:5f:91:dd:3a:d9:94:0b:
d5:6a:32:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKFLZ0UhdmojXZpduzLMSWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDEzMDkyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE3YjVjNTdmZDA3OTBhNjc2ZjEwYjUwMTM2MDdhNzhmMThkYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/6LE4sIPX4euHvlep4ja6Z7uehT
nPV8XrRl90VDV/NiOHmqc5Qn6E+ZELr/WZlDbHv409/hIABl0EMxQi8TV7JgcEPA
55U43C/5cz2N9CHdMbk8cXiqiUcZiITaFag7zsQfg+sH3IZr2UQR2DvcjgeQy1aP
4P+pW3jQRHOQYpWyUGLekdyyaZrSIaZn35GE9S34TVJG27ako9wsNTUnyHywZw0Z
Gu3yIHNUW7xxqGic5niVKu9uzWn6G+zCDljesHz0VY3In3c2KAHdP3TDE/FOPaDw
L4cmrax8V1l0udGblJxwvum6L3IuE7xqad6jaPDfpnDnMMf2vO2U3VFGtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO2ntcV/0HkKZ28QtQE2B6ePGNstMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN2FlMXhYX1FlUXBuYnhDMUFUWUhwNDhZMnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlf2AwQA
w4VWMA0GCSqGSIb3DQEBCwUAA4IBAQAOs0txc068zsAvBFv0hP8951SJEK1GSEfa
kSDyQjd3bQvDJBn+VQ7fKL+L5u+fMF7Sa8uqxUKjC1jEMeZfzEnjqQ5M/wJU8hle
RVvti5U3zmQEEITPw0Kn4dcAdgjen+2qaH4Kh3BIaOhxFMsSX7iEbh1Cut88Xg7V
6MqLgM871kKoAeaTknENbu76NQsqlEXJwKS5S8XhO7UFc6D5epABcjhCkJEVvXHZ
crvk8inh0xgalZTmlCVXy+obHvvKZXZuUvppVPxwvly8xA+heb0UW/vuD2AncxF+
o9o1mf65JWG7gIsrC3mMyXRHkT1BW3F9csfgV1+R3TrZlAvVajKa
-----END CERTIFICATE-----
Generated at Tue Nov 5 21:35:35 2024 by rpki-client on console-fra.rpki-client.org