Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AK98o60MzFgXwrg-lsCEgdccTtw.roa
File: AK98o60MzFgXwrg-lsCEgdccTtw.roa (raw, json)
Hash identifier: rDAzPBinQCcGguDLyvJEPBnYJv4qoS1tXzgMZ1x3MNY=
Subject key identifier: 00:AF:7C:A3:AD:0C:CC:58:17:C2:B8:3E:96:C0:84:81:D7:1C:4E:DC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D35A3502B0B529973F6E26733E6CD1DAC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AK98o60MzFgXwrg-lsCEgdccTtw.roa
Signing time: Tue 23 Jan 2024 09:25:11 +0000
ROA not before: Tue 23 Jan 2024 09:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 03:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:a3:50:2b:0b:52:99:73:f6:e2:67:33:e6:cd:1d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 09:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00af7ca3ad0ccc5817c2b83e96c08481d71c4edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:85:00:c9:b9:26:fb:2c:15:ee:72:5a:62:
a2:6b:7c:1f:34:e1:02:71:44:97:8b:a6:77:aa:29:
e8:ce:3f:ec:a1:d8:1a:49:d8:84:ee:6d:a1:f8:0f:
2e:6d:39:6e:2f:66:6e:fc:5c:92:75:7b:11:27:c0:
30:45:a2:0b:d1:6d:af:3a:80:52:28:fb:18:cb:4f:
ec:39:08:1c:e9:37:c4:d5:86:5d:ee:de:47:09:87:
f2:a9:20:18:2a:18:52:35:a6:0f:05:03:c5:23:ac:
b8:11:aa:b2:cc:b3:14:5a:b0:72:79:3e:1e:f4:64:
d7:52:ce:86:91:f8:24:2f:61:eb:fc:25:07:cf:6f:
6c:e0:2a:ce:6e:54:e1:69:b3:66:98:1d:f0:18:5f:
04:1c:8c:90:2d:80:8d:a5:e9:94:18:13:62:13:a6:
a9:ff:6a:80:0a:18:26:e8:5d:cf:fb:6a:9e:d4:4d:
5a:0d:7b:3e:29:1e:0e:e4:b6:b8:54:24:f1:15:a7:
bd:4b:69:f8:f8:d2:b9:20:f3:88:dd:4e:97:a5:08:
b0:91:1c:cb:df:ec:cd:c1:39:c1:f0:c2:58:62:c4:
e7:7c:d2:ea:d9:9d:95:a7:e8:dd:f3:e4:b3:17:d7:
a6:01:bd:bb:49:39:8c:6d:eb:94:47:99:6f:c6:aa:
69:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AF:7C:A3:AD:0C:CC:58:17:C2:B8:3E:96:C0:84:81:D7:1C:4E:DC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AK98o60MzFgXwrg-lsCEgdccTtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.90.0/24
193.124.200.0/24
195.133.6.0/24
195.133.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:02:58:14:87:a1:c0:0e:d4:d6:16:1e:81:ad:5a:d9:10:7c:
2f:80:21:af:bf:40:3a:40:6a:3a:8d:7b:c0:45:09:03:e0:28:
df:95:3e:12:49:66:7c:ba:f6:bb:e0:3c:e2:ac:b3:aa:d1:fd:
43:2e:da:c2:8f:3f:15:3a:9e:2b:f7:08:9e:62:04:3e:c4:cb:
8d:96:b2:f4:58:28:93:ca:e0:1a:d0:fc:7c:d6:83:f4:97:a4:
f2:5e:49:31:80:de:09:d8:74:3f:f1:b1:d6:8a:d7:3b:2f:3c:
68:fa:28:68:e5:5a:6e:cf:1f:db:56:62:85:53:d5:29:99:49:
9a:70:97:a1:df:1f:47:73:48:57:31:15:73:68:ec:ed:d6:be:
e3:28:95:08:e8:88:d2:2f:5a:d0:4c:a8:92:da:38:4e:74:fc:
f1:87:f6:e8:3f:75:2d:84:4c:b6:d6:c7:54:a5:1c:38:6e:4e:
c7:48:90:22:9f:ba:79:98:81:05:18:16:eb:d6:3b:b8:92:a9:
a5:ce:44:02:88:4f:8a:94:a2:2b:d9:1d:ca:e5:52:66:c4:1e:
cf:c9:8a:db:9d:9d:95:7f:50:f2:55:e8:18:a4:fb:16:59:3f:
67:c6:35:9d:dc:cb:94:2f:9c:97:a9:78:fb:8d:4b:31:8f:3e:
91:56:79:b3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY01o1ArC1KZc/biZzPmzR2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIzMDkyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFmN2NhM2FkMGNjYzU4MTdjMmI4M2U5NmMwODQ4MWQ3MWM0ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/SFAMm5JvssFe5yWmKia3wfNOEC
cUSXi6Z3qinozj/sodgaSdiE7m2h+A8ubTluL2Zu/FySdXsRJ8AwRaIL0W2vOoBS
KPsYy0/sOQgc6TfE1YZd7t5HCYfyqSAYKhhSNaYPBQPFI6y4EaqyzLMUWrByeT4e
9GTXUs6GkfgkL2Hr/CUHz29s4CrOblThabNmmB3wGF8EHIyQLYCNpemUGBNiE6ap
/2qAChgm6F3P+2qe1E1aDXs+KR4O5La4VCTxFae9S2n4+NK5IPOI3U6XpQiwkRzL
3+zNwTnB8MJYYsTnfNLq2Z2Vp+jd8+SzF9emAb27STmMbeuUR5lvxqppAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFACvfKOtDMxYF8K4PpbAhIHXHE7cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQUs5OG82ME16RmdYd3JnLWxzQ0VnZGNjVHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwHAwQA
wXxaAwQAwXzIAwQAw4UGAwQAw4VVMA0GCSqGSIb3DQEBCwUAA4IBAQAKAlgUh6HA
DtTWFh6BrVrZEHwvgCGvv0A6QGo6jXvARQkD4CjflT4SSWZ8uva74DzirLOq0f1D
LtrCjz8VOp4r9wieYgQ+xMuNlrL0WCiTyuAa0Px81oP0l6TyXkkxgN4J2HQ/8bHW
itc7Lzxo+iho5Vpuzx/bVmKFU9UpmUmacJeh3x9Hc0hXMRVzaOzt1r7jKJUI6IjS
L1rQTKiS2jhOdPzxh/boP3UthEy21sdUpRw4bk7HSJAin7p5mIEFGBbr1ju4kqml
zkQCiE+KlKIr2R3K5VJmxB7PyYrbnZ2Vf1DyVegYpPsWWT9nxjWd3MuUL5yXqXj7
jUsxjz6RVnmz
-----END CERTIFICATE-----
Generated at Tue Jan 30 08:44:05 2024 by rpki-client on console-ams.rpki-client.org