Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9669ZsRrc8WnR-kaCr0V8x8f3ME.roa
File: 9669ZsRrc8WnR-kaCr0V8x8f3ME.roa (raw, json)
Hash identifier: F6lXR2xQYU7nzaLS/o1u5hjhbR5NMOzIGk5kaqQ9HmQ=
Subject key identifier: F7:AE:BD:66:C4:6B:73:C5:A7:47:E9:1A:0A:BD:15:F3:1F:1F:DC:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018FDE7DA6FFE1F9171C0FCC3B3D58DD171F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9669ZsRrc8WnR-kaCr0V8x8f3ME.roa
Signing time: Mon 03 Jun 2024 14:25:27 +0000
ROA not before: Mon 03 Jun 2024 14:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.134.0/23 maxlen: 23
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 15:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:7d:a6:ff:e1:f9:17:1c:0f:cc:3b:3d:58:dd:17:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 3 14:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7aebd66c46b73c5a747e91a0abd15f31f1fdcc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:2a:30:81:0c:26:21:4f:dc:e3:04:08:fb:
00:eb:ca:10:e5:e3:b5:de:e6:f3:ad:6a:9e:32:00:
de:d5:12:cb:c0:09:74:ac:3b:dd:e6:09:32:72:0b:
b6:e8:a5:67:6e:97:0a:ee:37:38:f7:f0:60:5c:a9:
58:5d:d4:6f:c0:56:9b:01:6e:1f:92:79:b4:65:1d:
59:fa:77:db:d9:27:3d:bb:84:f1:99:ee:fe:0a:0a:
ba:73:3e:4c:f3:e4:49:ac:0f:d2:f1:66:ae:34:53:
41:4e:0f:87:fe:b8:39:d0:63:70:cd:cd:2c:ac:ec:
57:99:b6:16:db:a4:1c:11:c5:6a:6a:d4:9e:4b:87:
f9:b1:c5:27:8b:01:98:f2:0a:20:0c:33:fc:fc:20:
3a:9f:fe:00:7e:c7:f9:99:02:64:a4:0f:9e:7f:90:
07:de:16:37:72:94:b7:98:43:3e:33:f7:67:01:2c:
d6:dc:13:6a:d8:6e:e0:70:ca:99:ce:24:fe:d3:31:
4a:b8:7a:1b:9f:e7:21:e0:d5:a7:cc:0e:93:3f:70:
d5:92:a1:97:44:7d:11:68:e8:24:4c:72:e5:25:6c:
f5:7f:aa:2c:8f:78:6f:b5:69:fb:5a:25:f2:a9:4d:
0f:22:ee:15:58:29:d2:8b:fb:cd:7f:dd:5f:dd:9f:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AE:BD:66:C4:6B:73:C5:A7:47:E9:1A:0A:BD:15:F3:1F:1F:DC:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9669ZsRrc8WnR-kaCr0V8x8f3ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.11.0/24
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.114.0/23
194.87.134.0/23
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:7a:92:b8:70:74:1b:5c:23:19:da:b7:78:a1:70:af:b8:10:
c4:bc:de:02:c0:28:09:48:de:5a:80:49:89:09:f0:51:92:7a:
48:e1:a3:7f:bb:58:57:4a:b1:eb:27:7c:3e:90:0d:1c:d9:89:
7e:af:e9:c1:18:3d:9b:6e:9d:3b:60:e5:83:6a:6d:6e:a7:d2:
a3:05:2c:b6:cc:40:01:9f:a2:a1:ce:a3:b6:e6:4f:18:08:b2:
4b:98:15:ab:29:d9:7e:79:eb:16:84:aa:d6:71:fa:88:c1:1f:
90:a8:c6:6b:7f:54:b5:fd:b1:c3:ea:cf:b9:76:f5:bc:c2:b7:
d5:c8:b2:d8:d5:68:06:0e:83:06:52:76:ed:4a:c7:c5:eb:a9:
80:e5:15:8b:5e:f6:37:b1:82:b7:a6:5c:ac:29:c5:0e:9d:ee:
dd:e9:f1:6b:1e:0c:05:70:02:2e:74:ae:bc:96:06:2c:29:f2:
ce:69:61:a1:9b:a0:ca:2a:57:99:b6:ee:4e:4a:9f:0f:62:1b:
c4:61:e0:12:cd:ae:16:bc:0b:7d:11:54:60:0e:60:d9:d6:5d:
66:24:ca:93:80:8e:b1:b5:7a:b7:52:38:a6:34:89:92:c0:73:
4e:02:f0:31:6d:91:8d:83:4a:fc:bc:97:11:83:e2:32:8b:7d:
3a:ac:0d:f9
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY/efab/4fkXHA/MOz1Y3RcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjAzMTQyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FlYmQ2NmM0NmI3M2M1YTc0N2U5MWEwYWJkMTVmMzFmMWZkY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G4qMIEMJiFP3OMECPsA68oQ5eO1
3ubzrWqeMgDe1RLLwAl0rDvd5gkycgu26KVnbpcK7jc49/BgXKlYXdRvwFabAW4f
knm0ZR1Z+nfb2Sc9u4Txme7+Cgq6cz5M8+RJrA/S8WauNFNBTg+H/rg50GNwzc0s
rOxXmbYW26QcEcVqatSeS4f5scUniwGY8gogDDP8/CA6n/4Afsf5mQJkpA+ef5AH
3hY3cpS3mEM+M/dnASzW3BNq2G7gcMqZziT+0zFKuHobn+ch4NWnzA6TP3DVkqGX
RH0RaOgkTHLlJWz1f6osj3hvtWn7WiXyqU0PIu4VWCnSi/vNf91f3Z9f3wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPeuvWbEa3PFp0fpGgq9FfMfH9zBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTY2OVpzUnJjOFduUi1rYUNyMFY4eDhmM01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwHyyAwQA
wXxQAwQAwXyFAwQAwjovAwQAwlcLAwQAwlcSAwQAwlcVAwQAwlceAwQBwldyAwQB
wleGAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA1MDeMA0GCSqGSIb3DQEBCwUA
A4IBAQBbepK4cHQbXCMZ2rd4oXCvuBDEvN4CwCgJSN5agEmJCfBRknpI4aN/u1hX
SrHrJ3w+kA0c2Yl+r+nBGD2bbp07YOWDam1up9KjBSy2zEABn6KhzqO25k8YCLJL
mBWrKdl+eesWhKrWcfqIwR+QqMZrf1S1/bHD6s+5dvW8wrfVyLLY1WgGDoMGUnbt
SsfF66mA5RWLXvY3sYK3plysKcUOne7d6fFrHgwFcAIudK68lgYsKfLOaWGhm6DK
KleZtu5OSp8PYhvEYeASza4WvAt9EVRgDmDZ1l1mJMqTgI6xtXq3UjimNImSwHNO
AvAxbZGNg0r8vJcRg+Iyi306rA35
-----END CERTIFICATE-----
Generated at Tue Jun 18 20:03:10 2024 by rpki-client on console-fra.rpki-client.org