Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/96wbxySEZRf2AoLOJgot0CRCWj8.roa
File: 96wbxySEZRf2AoLOJgot0CRCWj8.roa (raw, json)
Hash identifier: YIAv1QL+n8pBfoH7/mEu1ODGvgYT/ctQNlGBULJI0M4=
Subject key identifier: F7:AC:1B:C7:24:84:65:17:F6:02:82:CE:26:0A:2D:D0:24:42:5A:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AC665D68F3F9B8387704DDAABE6A4DC64
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/96wbxySEZRf2AoLOJgot0CRCWj8.roa
Signing time: Sun 24 Sep 2023 08:54:37 +0000
ROA not before: Sun 24 Sep 2023 08:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.87.220.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
195.133.10.0/23 maxlen: 23
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.13.0/24 maxlen: 24
195.133.56.0/23 maxlen: 23
195.133.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 29 Sep 2023 15:56:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:65:d6:8f:3f:9b:83:87:70:4d:da:ab:e6:a4:dc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 24 08:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7ac1bc724846517f60282ce260a2dd024425a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:ba:c5:dd:7b:7c:83:28:35:e6:5d:0a:1b:
db:3a:79:a0:bc:82:bf:02:ac:2f:41:2a:5c:f9:aa:
20:82:4a:e8:ac:a3:f2:5d:77:18:a3:9b:5d:4e:23:
76:44:b2:cc:e5:55:6b:0c:77:d2:bc:81:65:96:89:
96:1b:11:c9:68:ac:74:91:dc:3c:95:46:96:12:37:
e1:39:66:74:c2:75:99:be:9e:25:6a:f3:85:dc:64:
28:1c:da:c0:80:f7:06:a6:17:28:71:e3:cd:09:f7:
69:34:35:55:25:7b:e8:30:bd:6d:b1:55:68:22:ed:
4d:92:4a:5f:5b:fb:e5:38:0b:f8:7d:e9:38:d2:52:
92:da:2d:ce:8c:ec:ec:6d:db:2c:c2:dc:86:52:89:
25:4e:02:be:39:db:2c:40:a0:a5:b6:14:03:30:4a:
c9:3a:cf:c2:85:34:8b:d8:62:b2:ca:6b:65:32:36:
3c:a8:f3:20:72:09:e1:90:8f:be:4d:f7:e2:db:dc:
01:a4:0c:79:31:88:88:6a:93:db:ec:a7:dd:1e:95:
7a:50:11:0f:92:8a:ae:c4:3a:36:26:b6:f1:01:c8:
18:57:3f:4e:f2:fb:da:93:dd:55:d1:05:74:89:35:
0b:5b:ca:d9:c9:f5:5f:61:9b:56:65:2f:0a:8a:a7:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AC:1B:C7:24:84:65:17:F6:02:82:CE:26:0A:2D:D0:24:42:5A:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/96wbxySEZRf2AoLOJgot0CRCWj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
193.124.254.0/24
194.87.118.0/23
194.87.220.0/24
194.135.32.0/24
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.56.0/23
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:dd:c8:87:e3:35:ec:32:58:19:84:71:cf:31:9e:95:d6:89:
70:03:57:41:d3:62:cf:48:a2:f7:35:95:ab:18:f6:52:7e:ba:
6d:d9:4b:36:d4:89:d0:80:12:e0:33:4b:a1:31:2f:e6:8e:50:
70:d7:23:c3:76:f6:89:2d:a5:14:a8:bb:d5:88:6c:0a:80:2b:
40:96:a5:c9:33:00:5b:fb:38:6d:c3:d5:1f:3e:60:a5:c2:41:
ab:44:79:db:bb:77:0c:0e:bf:d7:64:72:22:0d:e3:13:55:8d:
db:cd:b8:a8:09:4f:d9:95:1f:2d:39:03:dd:ab:29:01:40:11:
d7:c2:0f:87:f3:d0:19:6b:8b:ba:42:3a:3f:82:dd:19:e9:91:
4c:66:6e:93:d5:1a:21:22:a8:d9:07:e3:a6:ed:46:c8:df:ac:
a1:c9:f3:ee:de:40:de:25:37:16:f1:24:3d:bd:19:cb:b3:60:
ca:4a:72:45:1a:d1:7e:6f:7d:7e:60:77:d8:ec:98:d4:b8:48:
e0:40:bb:83:68:d8:74:e8:43:d7:79:93:fb:a4:bc:f3:d9:c4:
1c:b7:2b:48:fc:a3:89:4b:9c:44:90:3c:f6:db:b7:37:20:0c:
2f:e0:22:35:c4:3b:5a:23:e6:21:92:8a:19:07:8d:ab:2f:51:
b8:2c:97:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYrGZdaPP5uDh3BN2qvmpNxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI0MDg1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FjMWJjNzI0ODQ2NTE3ZjYwMjgyY2UyNjBhMmRkMDI0NDI1YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRO6xd17fIMoNeZdChvbOnmgvIK/
AqwvQSpc+aoggkrorKPyXXcYo5tdTiN2RLLM5VVrDHfSvIFllomWGxHJaKx0kdw8
lUaWEjfhOWZ0wnWZvp4lavOF3GQoHNrAgPcGphcocePNCfdpNDVVJXvoML1tsVVo
Iu1NkkpfW/vlOAv4fek40lKS2i3OjOzsbdsswtyGUoklTgK+OdssQKClthQDMErJ
Os/ChTSL2GKyymtlMjY8qPMgcgnhkI++Tffi29wBpAx5MYiIapPb7KfdHpV6UBEP
koquxDo2JrbxAcgYVz9O8vvak91V0QV0iTULW8rZyfVfYZtWZS8Kiqd1VwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPesG8ckhGUX9gKCziYKLdAkQlo/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTZ3Ynh5U0VaUmYyQW9MT0pnb3QwQ1JDV2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAuUgKAwQA
wXz+AwQBwld2AwQAwlfcAwQAwocgAwQBw4UKAwQBw4UaAwQBw4U0AwQBw4U4AwQA
1MANMA0GCSqGSIb3DQEBCwUAA4IBAQCK3ciH4zXsMlgZhHHPMZ6V1olwA1dB02LP
SKL3NZWrGPZSfrpt2Us21InQgBLgM0uhMS/mjlBw1yPDdvaJLaUUqLvViGwKgCtA
lqXJMwBb+zhtw9UfPmClwkGrRHnbu3cMDr/XZHIiDeMTVY3bzbioCU/ZlR8tOQPd
qykBQBHXwg+H89AZa4u6Qjo/gt0Z6ZFMZm6T1RohIqjZB+Om7UbI36yhyfPu3kDe
JTcW8SQ9vRnLs2DKSnJFGtF+b31+YHfY7JjUuEjgQLuDaNh06EPXeZP7pLzz2cQc
tytI/KOJS5xEkDz227c3IAwv4CI1xDtaI+YhkooZB42rL1G4LJcJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org