Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9ewQXhrK-yg5n9DBwaMJW6AD8fk.roa
File: 9ewQXhrK-yg5n9DBwaMJW6AD8fk.roa (raw, json)
Hash identifier: R7Yt/yPdDV0u6WX+fZ1ROTh4v4fSJjuZb+TbawHgNec=
Subject key identifier: F5:EC:10:5E:1A:CA:FB:28:39:9F:D0:C1:C1:A3:09:5B:A0:03:F1:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018943510A31A5290CF003D6B76692CC479F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9ewQXhrK-yg5n9DBwaMJW6AD8fk.roa
Signing time: Tue 11 Jul 2023 04:58:51 +0000
ROA not before: Tue 11 Jul 2023 04:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207084
IP address blocks: 194.87.202.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 11:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:51:0a:31:a5:29:0c:f0:03:d6:b7:66:92:cc:47:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 04:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5ec105e1acafb28399fd0c1c1a3095ba003f1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:89:c7:d3:a8:f5:26:18:1e:6d:85:79:ef:d6:
54:b7:5d:f9:76:26:20:3a:a9:51:12:25:e3:4e:bf:
98:56:a1:1a:9b:81:4a:3c:50:66:39:76:0f:88:1d:
0c:e1:a2:e9:ef:76:96:df:37:57:9e:65:df:ac:e2:
13:9f:f7:eb:77:9e:99:60:06:3b:42:b8:8e:a5:8a:
dd:32:0d:f9:83:98:62:07:b4:3f:a6:d5:33:fd:e5:
84:11:f1:f8:71:88:2c:e9:08:26:8f:80:fe:6a:15:
04:fa:63:87:c2:58:68:24:1b:72:2a:17:44:83:19:
96:ac:92:d8:8b:9a:ae:48:29:f4:82:32:92:8f:8b:
61:99:99:cb:c4:68:da:a6:b3:ef:3b:9c:69:15:85:
1c:d0:05:c2:c2:5c:49:cb:9e:90:48:dc:ff:8a:f7:
88:ae:23:9e:7f:27:ff:02:87:27:db:02:03:11:23:
3c:53:85:ed:9f:01:00:32:c0:b5:0a:3c:3c:b5:64:
15:46:12:a2:1a:34:ec:87:f3:b0:1d:4a:19:75:ac:
2b:34:91:34:81:a4:a3:19:43:3e:29:25:12:28:5b:
5a:0b:45:b9:95:4e:1f:5b:fd:42:eb:3e:12:de:e3:
e7:70:9d:d4:2f:aa:fa:01:11:60:4b:71:cb:ba:aa:
cd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:10:5E:1A:CA:FB:28:39:9F:D0:C1:C1:A3:09:5B:A0:03:F1:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9ewQXhrK-yg5n9DBwaMJW6AD8fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
194.87.6.0/24
194.87.25.0/24
194.87.33.0/24
194.87.118.0/24
194.87.138.0/24
194.87.182.0/24
194.87.202.0/24
195.58.53.0/24
195.133.19.0/24
195.133.41.0/24
195.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:11:39:b0:66:1e:20:49:11:af:f0:93:19:53:01:e6:81:b0:
40:b7:80:7d:5f:3e:5a:9e:7d:da:a0:63:ab:ec:c6:9e:89:ed:
92:53:fd:94:e5:5b:93:8f:d3:ad:fe:fc:9b:92:06:74:1d:36:
22:06:b7:ec:8b:08:88:d8:a9:e3:55:36:1d:79:ed:cc:f6:68:
79:0b:60:36:bd:70:b7:5d:9a:a3:be:98:09:23:e1:ff:28:cf:
7d:4e:61:f6:ba:61:cd:60:d4:9a:fc:d3:78:45:ef:9a:de:4f:
94:db:d5:57:d8:56:05:8e:db:90:99:d0:67:99:5a:29:e2:37:
5c:01:64:a4:88:2b:7a:ac:2a:b2:88:bd:cf:3b:91:87:e5:14:
90:9c:41:93:2a:ce:28:86:fd:3d:89:b5:c8:8e:83:4e:b2:ea:
62:5b:43:72:41:be:f2:99:f3:32:a8:58:36:8e:f1:1f:18:ea:
c4:95:c7:d1:22:11:8b:46:bc:cd:c6:a2:50:b1:5f:7c:60:f8:
eb:5b:5f:c3:d9:b6:28:02:a9:85:c1:d5:52:2d:ee:16:9b:14:
fe:88:5f:16:ed:f2:d8:9e:5e:4a:29:d8:04:0e:2a:e8:8e:9e:
fc:70:5f:f4:4a:6b:94:57:ed:c5:12:8f:1b:0e:fe:20:69:b6:
02:d5:db:45
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYlDUQoxpSkM8APWt2aSzEefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMDQ1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWVjMTA1ZTFhY2FmYjI4Mzk5ZmQwYzFjMWEzMDk1YmEwMDNmMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYnH06j1JhgebYV579ZUt135diYg
OqlREiXjTr+YVqEam4FKPFBmOXYPiB0M4aLp73aW3zdXnmXfrOITn/frd56ZYAY7
QriOpYrdMg35g5hiB7Q/ptUz/eWEEfH4cYgs6Qgmj4D+ahUE+mOHwlhoJBtyKhdE
gxmWrJLYi5quSCn0gjKSj4thmZnLxGjaprPvO5xpFYUc0AXCwlxJy56QSNz/iveI
riOefyf/Aocn2wIDESM8U4XtnwEAMsC1Cjw8tWQVRhKiGjTsh/OwHUoZdawrNJE0
gaSjGUM+KSUSKFtaC0W5lU4fW/1C6z4S3uPncJ3UL6r6ARFgS3HLuqrNUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPXsEF4ayvsoOZ/QwcGjCVugA/H5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOWV3UVhocksteWc1bjlEQndhTUpXNkFEOGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwRAwQA
wlcGAwQAwlcZAwQAwlchAwQAwld2AwQAwleKAwQAwle2AwQAwlfKAwQAwzo1AwQA
w4UTAwQAw4UpAwQAw4VQMA0GCSqGSIb3DQEBCwUAA4IBAQCMETmwZh4gSRGv8JMZ
UwHmgbBAt4B9Xz5ann3aoGOr7Maeie2SU/2U5VuTj9Ot/vybkgZ0HTYiBrfsiwiI
2KnjVTYdee3M9mh5C2A2vXC3XZqjvpgJI+H/KM99TmH2umHNYNSa/NN4Re+a3k+U
29VX2FYFjtuQmdBnmVop4jdcAWSkiCt6rCqyiL3PO5GH5RSQnEGTKs4ohv09ibXI
joNOsupiW0NyQb7ymfMyqFg2jvEfGOrElcfRIhGLRrzNxqJQsV98YPjrW1/D2bYo
AqmFwdVSLe4WmxT+iF8W7fLYnl5KKdgEDirojp78cF/0SmuUV+3FEo8bDv4gabYC
1dtF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org