Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qiWiVKaHSVW24G-qOvvWAcHoYg.roa
File: 9qiWiVKaHSVW24G-qOvvWAcHoYg.roa (raw, json)
Hash identifier: aHw43NsqH/QJq6ZiGKEUX9mkW25ZXq0+Z8tdQnsGvuk=
Subject key identifier: F6:A8:96:89:52:9A:1D:25:56:DB:81:BE:A8:EB:EF:58:07:07:A1:88
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D265D19A0AA6F591F142C12E8F3534654
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qiWiVKaHSVW24G-qOvvWAcHoYg.roa
Signing time: Sat 20 Jan 2024 10:14:12 +0000
ROA not before: Sat 20 Jan 2024 10:14:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 193.124.203.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
212.192.213.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 09:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:26:5d:19:a0:aa:6f:59:1f:14:2c:12:e8:f3:53:46:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 20 10:14:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6a89689529a1d2556db81bea8ebef580707a188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:df:6f:ce:06:17:c6:3b:a0:ab:76:72:0e:c0:
3b:7c:53:9e:87:14:41:71:7b:1b:ee:4e:64:6d:9d:
85:81:58:9e:9c:98:8c:a5:f5:94:be:74:06:f2:0a:
82:6c:f1:a2:a0:20:58:78:ab:70:02:65:58:ed:95:
f6:b9:3f:d0:a1:ae:ea:d9:0d:6b:26:ab:86:40:49:
fb:5b:1b:a7:b8:7a:f6:6c:de:3d:88:93:d6:ff:3e:
cc:7c:f8:4c:24:8f:08:5e:3e:f7:35:f5:03:d8:c4:
3f:4c:46:65:64:8e:71:67:36:3c:c2:01:6f:b9:19:
ed:1f:bb:34:ea:2e:c2:96:90:70:35:68:fe:7e:f3:
c3:e0:8b:bb:2c:82:76:87:f4:b3:20:55:72:58:95:
29:80:46:43:f2:3e:dc:ad:3a:d8:00:44:09:20:27:
02:43:3d:15:e1:c9:d0:d5:4e:94:88:4c:43:39:95:
2e:8b:76:13:32:25:fc:42:6f:08:ee:11:1d:9e:47:
07:47:df:26:96:54:76:ac:76:ee:41:36:c3:54:16:
1f:46:fa:86:b2:53:35:31:e4:7c:dd:f7:b9:3a:16:
49:67:50:fd:4c:a2:29:f2:3a:b3:be:50:a1:17:d1:
bb:8f:0f:07:f8:e4:c9:7d:08:61:72:51:0b:3a:dc:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A8:96:89:52:9A:1D:25:56:DB:81:BE:A8:EB:EF:58:07:07:A1:88
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9qiWiVKaHSVW24G-qOvvWAcHoYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.87.245.0/24
212.192.213.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:51:0a:85:4a:90:7f:75:55:e0:c6:4f:4b:cb:c3:b2:f1:f8:
d3:70:68:4d:cb:45:0c:71:f5:74:37:c5:3e:72:a5:df:81:39:
02:94:87:96:69:24:ec:22:bb:ec:34:cf:39:40:14:b6:f1:62:
c0:6c:f9:95:08:89:31:bf:5b:24:65:69:7c:74:ec:a3:4f:59:
f4:ce:eb:92:18:1c:65:f1:79:15:5b:57:66:08:bb:c4:7a:42:
81:dd:5f:48:bb:b8:00:01:56:0a:c2:ca:14:a2:b7:96:5d:b6:
b3:54:dc:61:f1:77:6c:3d:8f:29:e7:2a:e2:06:9d:69:1d:a9:
2a:83:8c:37:06:50:4a:34:ee:3a:d2:e5:9d:db:69:0d:d9:51:
2e:d0:94:9e:1b:8b:c5:fc:db:04:db:a5:83:68:59:c0:ce:40:
30:70:5a:e6:a8:b7:86:f8:c2:2b:f2:93:d0:08:c4:21:9b:ab:
ff:4a:cc:7b:8c:eb:f1:ad:68:41:83:04:67:c1:41:71:96:aa:
f4:e3:e6:11:bc:06:15:22:01:0e:f7:0e:ec:aa:a3:b1:8d:ec:
4a:fd:13:7d:cb:45:61:30:cf:67:79:cd:fe:b4:95:93:2c:ca:
4f:86:51:b2:ac:1d:a3:3a:10:85:3e:20:42:bc:00:ef:46:62:
46:8a:9f:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0mXRmgqm9ZHxQsEujzU0ZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIwMTAxNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmE4OTY4OTUyOWExZDI1NTZkYjgxYmVhOGViZWY1ODA3MDdhMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA699vzgYXxjugq3ZyDsA7fFOehxRB
cXsb7k5kbZ2FgVienJiMpfWUvnQG8gqCbPGioCBYeKtwAmVY7ZX2uT/Qoa7q2Q1r
JquGQEn7WxunuHr2bN49iJPW/z7MfPhMJI8IXj73NfUD2MQ/TEZlZI5xZzY8wgFv
uRntH7s06i7ClpBwNWj+fvPD4Iu7LIJ2h/SzIFVyWJUpgEZD8j7crTrYAEQJICcC
Qz0V4cnQ1U6UiExDOZUui3YTMiX8Qm8I7hEdnkcHR98mllR2rHbuQTbDVBYfRvqG
slM1MeR83fe5OhZJZ1D9TKIp8jqzvlChF9G7jw8H+OTJfQhhclELOtyWCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPaololSmh0lVtuBvqjr71gHB6GIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOXFpV2lWS2FIU1ZXMjRHLXFPdnZXQWNIb1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzLAwQA
wlf1AwQA1MDVAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQCOUQqFSpB/dVXgxk9L
y8Oy8fjTcGhNy0UMcfV0N8U+cqXfgTkClIeWaSTsIrvsNM85QBS28WLAbPmVCIkx
v1skZWl8dOyjT1n0zuuSGBxl8XkVW1dmCLvEekKB3V9Iu7gAAVYKwsoUoreWXbaz
VNxh8XdsPY8p5yriBp1pHakqg4w3BlBKNO460uWd22kN2VEu0JSeG4vF/NsE26WD
aFnAzkAwcFrmqLeG+MIr8pPQCMQhm6v/Ssx7jOvxrWhBgwRnwUFxlqr04+YRvAYV
IgEO9w7sqqOxjexK/RN9y0VhMM9nec3+tJWTLMpPhlGyrB2jOhCFPiBCvADvRmJG
ip/3
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:28:26 2024 by rpki-client on console-ams.rpki-client.org