Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9s9e2IT4GmaJp8LNWNDVD4Lma5g.roa
File: 9s9e2IT4GmaJp8LNWNDVD4Lma5g.roa (raw, json)
Hash identifier: 4Hq8U+jRCQ6CzDkppGkui37G0PJNajPJnXQLbI91FMI=
Subject key identifier: F6:CF:5E:D8:84:F8:1A:66:89:A7:C2:CD:58:D0:D5:0F:82:E6:6B:98
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F91FA824F5507944C48770A2D8FA51F3C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9s9e2IT4GmaJp8LNWNDVD4Lma5g.roa
Signing time: Sun 19 May 2024 17:51:04 +0000
ROA not before: Sun 19 May 2024 17:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.20.0/23 maxlen: 23
194.87.134.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.54.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 20 May 2024 04:04:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:91:fa:82:4f:55:07:94:4c:48:77:0a:2d:8f:a5:1f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 19 17:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6cf5ed884f81a6689a7c2cd58d0d50f82e66b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:28:d4:3d:85:c5:f2:55:b6:8d:af:83:27:e0:
e4:76:53:43:94:03:2e:d6:69:ef:26:09:d2:a3:22:
02:5b:a2:31:76:e7:a1:75:69:71:d2:4b:88:ca:ee:
73:c2:32:39:26:a3:fe:66:7b:32:22:af:dd:8d:91:
41:fc:d4:df:af:d6:36:50:01:c1:58:e0:50:9a:df:
e7:57:bf:a3:18:08:2d:1a:60:69:82:0f:71:60:9b:
02:36:0c:60:db:d3:c0:27:7d:23:0b:aa:93:ab:cb:
9a:9f:47:ce:a2:d4:33:f2:eb:95:03:97:7d:a0:0f:
a4:ea:6a:0c:0f:aa:90:78:71:c2:4a:d3:d5:b2:7f:
7c:7c:79:5b:29:05:19:6d:8a:3a:cc:0b:77:95:9e:
65:3e:1b:1e:a9:e8:d9:63:5e:12:24:c6:64:0f:ad:
58:9c:51:ec:ff:ea:03:cf:e0:96:17:b2:7d:e5:0f:
ef:5d:44:9c:aa:00:2c:73:36:0f:b5:9c:ea:a6:61:
57:2c:c2:84:71:69:18:92:f9:7e:78:11:d1:ff:a3:
a5:8e:70:32:d7:c3:51:5f:f0:dd:81:f8:04:f0:2e:
a4:44:6d:5b:55:19:fd:d5:8f:34:4d:65:98:69:80:
ce:93:2a:dd:f1:2a:1a:b3:f7:e6:c4:7b:67:29:00:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CF:5E:D8:84:F8:1A:66:89:A7:C2:CD:58:D0:D5:0F:82:E6:6B:98
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9s9e2IT4GmaJp8LNWNDVD4Lma5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.20.0/23
194.87.134.0/24
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
195.133.54.0/24
195.133.92.0/23
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:4e:cc:3f:47:02:a8:62:7c:dc:1b:6c:24:a5:e5:4e:b7:5d:
c5:8a:9e:3d:f0:bb:fd:09:db:1b:16:4d:d7:b2:80:9c:62:2b:
79:bc:7c:56:e5:fe:d9:db:e6:3e:1b:54:45:74:b4:72:7e:c9:
59:50:24:59:92:f9:17:99:7c:f0:62:98:b2:22:5f:bb:99:c3:
3a:30:e7:a5:a8:5e:5a:cd:6c:5d:27:88:e9:cb:30:e7:34:47:
a6:82:bf:0b:1a:dc:38:41:d4:63:d9:bb:64:6f:e4:12:bc:8c:
41:81:65:bc:93:1d:43:d7:64:ad:5d:94:ce:30:2a:74:50:fb:
18:97:b3:e4:33:32:b1:0e:87:c2:57:39:3b:90:cd:c8:7b:78:
c4:b1:d8:70:dd:89:6e:28:64:72:96:a4:11:78:58:c3:1e:f7:
16:2a:c4:e1:63:09:28:f1:8a:b9:35:39:d0:fe:f6:50:0f:94:
4b:e5:dd:15:5c:ed:13:52:7c:7d:84:6e:eb:31:6c:9c:a3:b1:
f4:46:49:1b:b5:36:99:be:c0:83:f9:1b:2a:b0:25:dc:69:0d:
1e:35:77:fe:24:37:f2:62:f0:e7:36:36:1e:94:11:d6:54:45:
e3:dd:77:a1:72:77:22:df:29:21:fa:fc:a1:24:01:02:75:d4:
a4:1d:65:49
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY+R+oJPVQeUTEh3Ci2PpR88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTE5MTc1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNmNWVkODg0ZjgxYTY2ODlhN2MyY2Q1OGQwZDUwZjgyZTY2Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCjUPYXF8lW2ja+DJ+DkdlNDlAMu
1mnvJgnSoyICW6IxduehdWlx0kuIyu5zwjI5JqP+ZnsyIq/djZFB/NTfr9Y2UAHB
WOBQmt/nV7+jGAgtGmBpgg9xYJsCNgxg29PAJ30jC6qTq8uan0fOotQz8uuVA5d9
oA+k6moMD6qQeHHCStPVsn98fHlbKQUZbYo6zAt3lZ5lPhseqejZY14SJMZkD61Y
nFHs/+oDz+CWF7J95Q/vXUScqgAsczYPtZzqpmFXLMKEcWkYkvl+eBHR/6OljnAy
18NRX/DdgfgE8C6kRG1bVRn91Y80TWWYaYDOkyrd8Soas/fmxHtnKQBQwQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPbPXtiE+BpmiafCzVjQ1Q+C5muYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOXM5ZTJJVDRHbWFKcDhMTldORFZENExtYTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQBwjo4AwQB
wlcUAwQAwleGAwQAwleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQAw4U2AwQB
w4VcAwQA1MABAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0B
AQsFAAOCAQEAPk7MP0cCqGJ83BtsJKXlTrddxYqePfC7/QnbGxZN17KAnGIrebx8
VuX+2dvmPhtURXS0cn7JWVAkWZL5F5l88GKYsiJfu5nDOjDnpaheWs1sXSeI6csw
5zRHpoK/CxrcOEHUY9m7ZG/kEryMQYFlvJMdQ9dkrV2UzjAqdFD7GJez5DMysQ6H
wlc5O5DNyHt4xLHYcN2JbihkcpakEXhYwx73FirE4WMJKPGKuTU50P72UA+US+Xd
FVztE1J8fYRu6zFsnKOx9EZJG7U2mb7Ag/kbKrAl3GkNHjV3/iQ38mLw5zY2HpQR
1lRF4913oXJ3It8pIfr8oSQBAnXUpB1lSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org