Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AkUHl9zG0foX2Jsm3rXTwC6_TFw.roa
File: AkUHl9zG0foX2Jsm3rXTwC6_TFw.roa (raw, json)
Hash identifier: WlEWmSwqGkg9cZJzAQEQUJIBUrTZCEcspFfnUV2z/Ts=
Subject key identifier: 02:45:07:97:DC:C6:D1:FA:17:D8:9B:26:DE:B5:D3:C0:2E:BF:4C:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186A7B5490FD264685C272E1249FCBED2B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AkUHl9zG0foX2Jsm3rXTwC6_TFw.roa
Signing time: Fri 03 Mar 2023 13:42:01 +0000
ROA not before: Fri 03 Mar 2023 13:42:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.15.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 09:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:b5:49:0f:d2:64:68:5c:27:2e:12:49:fc:be:d2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 3 13:42:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02450797dcc6d1fa17d89b26deb5d3c02ebf4c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:03:4b:fe:5f:77:45:0a:41:a9:b4:09:e6:
b1:f0:18:2b:5c:61:f8:41:6b:f1:c9:cc:4f:a7:3b:
24:cf:3f:20:70:e8:bd:df:cd:9d:3c:5f:a1:4a:1b:
79:46:2e:c3:bf:99:31:2d:8a:41:35:86:db:c0:64:
b0:55:a1:39:2c:9a:fe:1a:d4:91:ab:10:43:bc:f4:
96:a0:f0:ce:3e:db:fd:4b:af:92:67:f2:ad:de:bf:
43:0b:71:63:1b:75:eb:53:cd:0f:b5:bb:a3:c7:d4:
d0:32:a6:d1:6d:ff:31:f6:a7:bf:a7:6b:19:45:6f:
27:e6:2a:08:a3:73:ce:80:8f:60:9f:4c:e3:73:0b:
c5:c1:1b:ac:b9:bd:00:98:13:23:ce:a6:28:81:0b:
da:3b:f8:7c:54:f8:dc:96:ee:9c:62:60:49:69:cb:
fb:62:c2:f4:b8:96:81:fe:59:59:fb:65:18:8d:74:
9e:6b:39:c5:f5:b4:a7:82:85:87:a5:0a:41:68:24:
b3:b6:51:fa:00:80:b7:db:dd:7c:97:88:02:ad:e8:
b9:68:fb:a8:7a:f1:c0:94:ee:2b:a2:a8:4b:c7:ec:
a5:e2:8e:e9:60:c5:1e:19:0e:76:21:14:e0:e1:f2:
1e:57:0f:4e:b9:15:8f:c5:4f:a8:8f:2e:c1:e1:32:
08:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:45:07:97:DC:C6:D1:FA:17:D8:9B:26:DE:B5:D3:C0:2E:BF:4C:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AkUHl9zG0foX2Jsm3rXTwC6_TFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.87.118.0/23
194.135.32.0/24
195.133.26.0/23
195.133.59.0/24
212.192.15.0/24
Signature Algorithm: sha256WithRSAEncryption
31:e5:cb:d6:7f:47:4a:40:1c:6f:0f:da:26:3b:de:75:d0:66:
88:1c:3c:cc:bc:21:ea:28:6d:7f:1f:71:95:7c:b6:cc:30:6e:
c1:e8:69:b1:ac:21:f7:8b:86:17:43:42:38:3d:e2:25:f8:8c:
12:b7:d2:0c:73:b9:15:7c:be:45:48:31:6a:fa:06:6c:1c:f8:
41:f6:bb:be:3c:c0:77:79:56:1a:45:74:93:20:e0:68:82:53:
1e:f8:3b:04:04:54:42:6f:31:27:23:3c:9a:79:b7:01:f7:d9:
e2:cb:28:b3:be:2f:75:5c:df:31:67:f2:79:e4:f4:a6:99:eb:
d9:32:80:db:93:93:84:56:f0:55:1a:1a:b4:8c:0e:21:ba:ce:
db:d0:be:a1:63:ed:94:a6:27:e6:14:4b:96:a7:db:ec:36:68:
7d:c3:5a:c1:36:05:ea:86:84:04:66:c7:60:66:0b:d6:a3:bd:
ec:0f:79:bb:17:af:4d:96:1d:3e:aa:56:00:f8:23:68:63:a9:
62:f9:02:ab:11:78:cc:19:bb:1b:31:84:fa:2b:2e:7e:1c:bc:
5c:7d:c8:84:c2:09:6c:64:2b:34:1e:e6:68:ac:09:48:a9:5e:
04:b4:f4:13:9e:ce:51:7b:33:7b:7d:ec:60:d2:89:01:b2:d4:
66:4a:ca:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYantUkP0mRoXCcuEkn8vtK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAzMTM0MjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ1MDc5N2RjYzZkMWZhMTdkODliMjZkZWI1ZDNjMDJlYmY0YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6wDS/5fd0UKQam0Ceax8BgrXGH4
QWvxycxPpzskzz8gcOi9382dPF+hSht5Ri7Dv5kxLYpBNYbbwGSwVaE5LJr+GtSR
qxBDvPSWoPDOPtv9S6+SZ/Kt3r9DC3FjG3XrU80Ptbujx9TQMqbRbf8x9qe/p2sZ
RW8n5ioIo3POgI9gn0zjcwvFwRusub0AmBMjzqYogQvaO/h8VPjclu6cYmBJacv7
YsL0uJaB/llZ+2UYjXSeaznF9bSngoWHpQpBaCSztlH6AIC32918l4gCrei5aPuo
evHAlO4roqhLx+yl4o7pYMUeGQ52IRTg4fIeVw9OuRWPxU+ojy7B4TIImQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAJFB5fcxtH6F9ibJt6108Auv0xcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWtVSGw5ekcwZm9YMkpzbTNyWFR3QzZfVEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgKAwQB
wld2AwQAwocgAwQBw4UaAwQAw4U7AwQA1MAPMA0GCSqGSIb3DQEBCwUAA4IBAQAx
5cvWf0dKQBxvD9omO9510GaIHDzMvCHqKG1/H3GVfLbMMG7B6GmxrCH3i4YXQ0I4
PeIl+IwSt9IMc7kVfL5FSDFq+gZsHPhB9ru+PMB3eVYaRXSTIOBoglMe+DsEBFRC
bzEnIzyaebcB99niyyizvi91XN8xZ/J55PSmmevZMoDbk5OEVvBVGhq0jA4hus7b
0L6hY+2UpifmFEuWp9vsNmh9w1rBNgXqhoQEZsdgZgvWo73sD3m7F69Nlh0+qlYA
+CNoY6li+QKrEXjMGbsbMYT6Ky5+HLxcfciEwglsZCs0HuZorAlIqV4EtPQTns5R
ezN7fexg0okBstRmSspa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org