Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A9EZZu9_XQt6I8PR_s6zwdxzz-o.roa
File: A9EZZu9_XQt6I8PR_s6zwdxzz-o.roa (raw, json)
Hash identifier: Ka4tyEyYZovSPFEwWCeiJFj+M23+aJff8ONxm78QUfs=
Subject key identifier: 03:D1:19:66:EF:7F:5D:0B:7A:23:C3:D1:FE:CE:B3:C1:DC:73:CF:EA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01914A03AA17813A2B9BA49E855BED814E05
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A9EZZu9_XQt6I8PR_s6zwdxzz-o.roa
Signing time: Tue 13 Aug 2024 04:33:59 +0000
ROA not before: Tue 13 Aug 2024 04:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.85.251.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.134.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 17:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:03:aa:17:81:3a:2b:9b:a4:9e:85:5b:ed:81:4e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 13 04:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d11966ef7f5d0b7a23c3d1feceb3c1dc73cfea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:09:e5:01:f3:ea:ed:8c:93:85:11:75:13:3d:
14:2e:87:f7:90:fe:19:0a:98:67:12:b9:69:34:33:
e9:6b:e4:39:be:95:8a:18:a5:c5:4b:6a:54:16:6c:
ad:cb:57:d3:de:c3:3a:97:29:e1:ef:36:cf:77:a0:
76:6e:e9:5a:68:15:68:03:92:a6:e6:e1:d1:d3:6d:
86:f3:18:d1:c8:07:af:4a:3b:3d:0e:a1:57:5a:d8:
8f:94:48:ca:0e:03:54:34:05:91:e7:ce:78:f1:b0:
80:89:76:6b:ea:ef:74:e7:de:d6:0e:db:c8:53:ce:
83:41:ae:13:27:1c:78:81:6d:59:9d:ae:9d:e6:ed:
90:90:3f:39:fe:6b:3e:6a:44:2e:b4:fe:43:5e:b6:
8e:21:33:da:7c:c3:c9:dc:2b:cd:fd:e4:40:fe:48:
99:34:98:37:d5:1a:ff:85:d2:ef:8c:0a:f5:79:e4:
7e:73:a5:18:92:c7:e7:20:09:41:c8:f3:0b:de:5c:
2c:22:aa:bf:71:be:3c:02:21:11:21:3c:d8:c5:30:
1a:5f:03:5c:6e:fb:da:e4:29:a6:25:b4:ec:fb:5a:
c5:a8:d7:e8:48:2e:74:7b:52:41:6b:8b:95:f2:9d:
b2:5f:65:c6:c3:16:b7:d3:e9:df:c8:5a:2f:a9:c6:
d3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D1:19:66:EF:7F:5D:0B:7A:23:C3:D1:FE:CE:B3:C1:DC:73:CF:EA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A9EZZu9_XQt6I8PR_s6zwdxzz-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.251.0/24
194.87.21.0/24
194.87.114.0/23
194.87.134.0/23
194.87.168.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b6:1f:71:ce:ee:d2:a5:8c:0a:0b:c8:6d:9c:39:26:9c:0b:
78:9c:a9:cf:1d:93:c7:16:a3:e1:6a:1c:b2:6f:0f:d1:d0:85:
61:ff:c4:04:cd:87:6c:b0:a5:25:87:cf:6e:2f:3f:9d:47:d9:
e4:0f:06:b2:f9:cc:93:23:a1:7e:0c:63:86:2a:dd:e1:0e:b7:
53:e1:43:13:47:f1:94:6a:df:21:3f:d1:0b:e1:f6:ff:f5:cc:
ef:f5:6a:60:42:f8:03:30:4c:8e:6c:d8:9a:3e:e6:56:ae:66:
9b:2b:fc:f3:ee:ef:4a:1b:cc:82:89:2d:fe:b1:34:66:94:9d:
6b:92:7e:e5:92:10:5f:f2:64:6a:08:67:3b:2a:d9:c5:9a:27:
dd:65:37:93:2f:1c:64:cf:83:f5:e6:76:b2:3e:35:e7:a7:9c:
d7:cb:d3:7b:3b:19:4c:8a:58:8d:ca:94:99:e6:ad:97:d1:16:
02:e3:3e:72:93:21:63:84:3d:c0:83:ba:49:fa:8e:2d:c6:76:
c1:81:0d:2c:c9:97:0e:46:bb:3d:6c:79:38:b9:b3:a2:ee:0a:
68:bc:f5:87:12:0d:b9:32:b2:35:30:c9:53:d2:0c:48:66:42:
24:77:81:50:22:4b:18:2e:1d:d6:e8:89:5b:c7:c9:64:63:77:
b5:f0:68:48
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZFKA6oXgTorm6SehVvtgU4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEzMDQzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QxMTk2NmVmN2Y1ZDBiN2EyM2MzZDFmZWNlYjNjMWRjNzNjZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AnlAfPq7YyThRF1Ez0ULof3kP4Z
CphnErlpNDPpa+Q5vpWKGKXFS2pUFmyty1fT3sM6lynh7zbPd6B2bulaaBVoA5Km
5uHR022G8xjRyAevSjs9DqFXWtiPlEjKDgNUNAWR58548bCAiXZr6u90597WDtvI
U86DQa4TJxx4gW1Zna6d5u2QkD85/ms+akQutP5DXraOITPafMPJ3CvN/eRA/kiZ
NJg31Rr/hdLvjAr1eeR+c6UYksfnIAlByPML3lwsIqq/cb48AiERITzYxTAaXwNc
bvva5CmmJbTs+1rFqNfoSC50e1JBa4uV8p2yX2XGwxa30+nfyFovqcbT8wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAPRGWbvf10LeiPD0f7Os8Hcc8/qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQTlFWlp1OV9YUXQ2SThQUl9zNnp3ZHh6ei1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwlX7AwQA
wlcVAwQBwldyAwQBwleGAwQAwleoAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA
1MDeAwQA1MELMA0GCSqGSIb3DQEBCwUAA4IBAQBOth9xzu7SpYwKC8htnDkmnAt4
nKnPHZPHFqPhahyybw/R0IVh/8QEzYdssKUlh89uLz+dR9nkDway+cyTI6F+DGOG
Kt3hDrdT4UMTR/GUat8hP9EL4fb/9czv9WpgQvgDMEyObNiaPuZWrmabK/zz7u9K
G8yCiS3+sTRmlJ1rkn7lkhBf8mRqCGc7KtnFmifdZTeTLxxkz4P15nayPjXnp5zX
y9N7OxlMiliNypSZ5q2X0RYC4z5ykyFjhD3Ag7pJ+o4txnbBgQ0syZcORrs9bHk4
ubOi7gpovPWHEg25MrI1MMlT0gxIZkIkd4FQIksYLh3W6Ilbx8lkY3e18GhI
-----END CERTIFICATE-----
Generated at Thu Aug 22 22:43:21 2024 by rpki-client on console-ams.rpki-client.org