Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8zqABkfBa09QIm5J86y6m8OL4sw.roa
File: 8zqABkfBa09QIm5J86y6m8OL4sw.roa (raw, json)
Hash identifier: KQ2MTzZLhPHQgFuZKPgjkUfm1v08+LkstcuG5/G4XVM=
Subject key identifier: F3:3A:80:06:47:C1:6B:4F:50:22:6E:49:F3:AC:BA:9B:C3:8B:E2:CC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192943AC3FFFA056254A9111C2F97448BD7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8zqABkfBa09QIm5J86y6m8OL4sw.roa
Signing time: Wed 16 Oct 2024 07:28:52 +0000
ROA not before: Wed 16 Oct 2024 07:28:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.85.251.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.119.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 15:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:3a:c3:ff:fa:05:62:54:a9:11:1c:2f:97:44:8b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 16 07:28:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f33a800647c16b4f50226e49f3acba9bc38be2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:e1:4c:68:d3:d7:13:10:ae:30:65:3c:63:
d3:0f:d8:f7:98:fa:4a:83:b9:8b:a7:7d:d9:c4:e5:
50:c8:f3:fd:4a:e2:05:e9:83:aa:d4:6b:f0:13:d9:
0d:81:f3:3a:15:57:bd:e0:9f:60:27:d0:51:86:bc:
aa:1f:37:3f:52:b2:5e:74:e0:94:3d:cc:98:71:10:
40:24:15:13:99:ff:47:1f:a7:a5:8e:62:56:3e:5f:
ea:a7:5b:07:0d:2c:83:31:f3:27:7b:fe:e8:8c:6c:
1b:34:05:13:66:e1:88:22:08:1e:db:90:a1:61:7b:
75:83:14:2a:28:80:21:72:c5:dc:a0:1e:35:67:92:
d0:ca:85:9b:b2:a5:5f:35:7e:25:d1:89:b0:8a:d3:
a5:a6:4c:d9:4c:4d:50:3a:8d:dc:4e:29:9e:21:78:
74:da:2b:b1:8b:be:fe:08:3b:5a:3f:50:e2:68:37:
e0:c5:d0:17:69:eb:47:49:71:2a:53:5e:c4:b8:bc:
13:51:80:b5:92:b4:44:3b:0c:13:54:33:34:e3:5b:
8d:ee:2d:0a:1d:7c:f4:50:fb:85:e8:14:2b:1b:87:
73:19:5f:c5:53:fc:25:f9:58:71:46:78:73:21:f6:
2e:c5:ae:c0:15:f3:82:9f:87:20:d2:93:45:16:47:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3A:80:06:47:C1:6B:4F:50:22:6E:49:F3:AC:BA:9B:C3:8B:E2:CC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8zqABkfBa09QIm5J86y6m8OL4sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.251.0/24
194.87.21.0/24
194.87.114.0/23
194.87.119.0/24
194.87.134.0/23
194.87.168.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:9d:6b:7f:01:c8:33:03:6c:b8:9c:ab:44:dc:ad:ce:3f:a2:
99:a7:1f:b2:eb:93:42:06:20:ed:4b:02:7f:17:dd:df:65:5a:
e6:95:3b:64:ea:16:ec:70:cb:3a:0b:04:dc:33:70:0f:8a:f0:
40:f7:ec:c8:d8:dc:8c:8e:b5:91:d7:01:a9:34:1a:2f:be:44:
7d:75:ee:11:16:65:dd:57:8b:d2:89:19:88:4d:ce:fc:f4:3e:
dc:0a:65:fb:5c:d2:17:a2:30:47:69:8b:ec:7a:82:3c:65:eb:
b0:e9:02:ad:b6:06:af:4a:2d:d9:bf:c0:2e:0a:30:88:dd:55:
ec:c1:22:04:20:8f:2b:de:2f:1b:96:ae:20:6c:8a:d0:10:b8:
d8:c9:cb:8c:06:37:ca:39:70:4e:a1:34:52:d5:6b:b6:21:76:
27:a5:d1:78:c6:ae:dd:3a:46:a8:6d:22:a9:aa:78:79:7d:b9:
45:d6:ad:cf:74:f4:db:49:da:b4:6b:ee:39:4f:ed:ea:14:6e:
eb:ed:e9:33:07:0d:20:01:3a:a7:8d:95:de:b1:0a:80:18:b5:
bf:b9:33:16:42:ca:9d:cb:2a:ce:e8:5d:48:fb:58:f8:e4:24:
16:76:18:22:65:6b:4f:a2:e7:77:8d:02:43:3f:f4:6c:ed:cd:
6b:ae:db:93
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZKUOsP/+gViVKkRHC+XRIvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE2MDcyODUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNhODAwNjQ3YzE2YjRmNTAyMjZlNDlmM2FjYmE5YmMzOGJlMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSnhTGjT1xMQrjBlPGPTD9j3mPpK
g7mLp33ZxOVQyPP9SuIF6YOq1GvwE9kNgfM6FVe94J9gJ9BRhryqHzc/UrJedOCU
PcyYcRBAJBUTmf9HH6eljmJWPl/qp1sHDSyDMfMne/7ojGwbNAUTZuGIIgge25Ch
YXt1gxQqKIAhcsXcoB41Z5LQyoWbsqVfNX4l0YmwitOlpkzZTE1QOo3cTimeIXh0
2iuxi77+CDtaP1DiaDfgxdAXaetHSXEqU17EuLwTUYC1krREOwwTVDM041uN7i0K
HXz0UPuF6BQrG4dzGV/FU/wl+VhxRnhzIfYuxa7AFfOCn4cg0pNFFkdvJQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPM6gAZHwWtPUCJuSfOsupvDi+LMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOHpxQUJrZkJhMDlRSW01Sjg2eTZtOE9MNHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwlX7AwQA
wlcVAwQBwldyAwQAwld3AwQBwleGAwQAwleoAwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4VUAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQALnWt/AcgzA2y4nKtE3K3OP6KZ
px+y65NCBiDtSwJ/F93fZVrmlTtk6hbscMs6CwTcM3APivBA9+zI2NyMjrWR1wGp
NBovvkR9de4RFmXdV4vSiRmITc789D7cCmX7XNIXojBHaYvseoI8Zeuw6QKttgav
Si3Zv8AuCjCI3VXswSIEII8r3i8blq4gbIrQELjYycuMBjfKOXBOoTRS1Wu2IXYn
pdF4xq7dOkaobSKpqnh5fblF1q3PdPTbSdq0a+45T+3qFG7r7ekzBw0gATqnjZXe
sQqAGLW/uTMWQsqdyyrO6F1I+1j45CQWdhgiZWtPoud3jQJDP/Rs7c1rrtuT
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:39:21 2024 by rpki-client on console-fra.rpki-client.org