Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B3s1ujkuWEgp5FOLwQ8Zh8M4oRQ.roa
File: B3s1ujkuWEgp5FOLwQ8Zh8M4oRQ.roa (raw, json)
Hash identifier: n1e7cinfDLJXNuW7tKpkuipxUSHceGrxP4Eze37LkKE=
Subject key identifier: 07:7B:35:BA:39:2E:58:48:29:E4:53:8B:C1:0F:19:87:C3:38:A1:14
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6B03A0E1026D9E903113B10BB6664FE4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B3s1ujkuWEgp5FOLwQ8Zh8M4oRQ.roa
Signing time: Wed 06 Sep 2023 15:01:54 +0000
ROA not before: Wed 06 Sep 2023 15:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Sep 2023 10:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:03:a0:e1:02:6d:9e:90:31:13:b1:0b:b6:66:4f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 15:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=077b35ba392e584829e4538bc10f1987c338a114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:bc:36:c0:48:c5:55:77:02:76:7f:c6:5a:
3d:f8:3b:96:ae:35:60:fc:0e:37:a8:eb:8f:69:b7:
e1:c5:d7:5f:6b:82:6c:bb:66:81:34:0e:d0:5e:cc:
f1:80:c3:ab:0d:09:ee:ec:d5:05:06:09:00:3a:68:
5d:af:46:ba:2b:fa:81:8f:8f:a2:dc:31:fe:c6:4e:
7e:74:d2:54:52:d8:b9:b9:c3:ce:d2:f0:0e:15:89:
c6:d1:21:7c:12:1c:ff:24:5b:7d:08:e7:2b:a2:a5:
36:6c:f1:db:49:1e:f6:d3:29:8a:c2:0c:67:b8:ce:
87:90:cf:2c:19:2f:d0:97:a3:69:4a:3e:be:35:07:
74:db:f8:f8:78:3e:a5:5b:5b:b7:6f:9e:86:3c:b9:
34:db:7c:e8:b6:51:08:cb:e2:7a:1a:a6:bd:1b:7b:
43:6b:e2:1b:a1:ba:55:e5:5a:52:e4:e3:40:79:2a:
72:88:54:ff:a1:2d:be:68:dc:dc:ee:90:86:0c:6d:
d9:b0:8e:4f:76:96:93:b8:36:9f:eb:57:c9:c2:5e:
bc:f7:e7:50:05:88:0d:81:7f:75:cb:20:24:81:b5:
12:12:d2:75:a4:e8:52:3c:8c:1d:e8:1d:a7:04:c3:
52:64:8b:bb:41:c6:d6:d6:5c:58:a7:86:58:2b:80:
18:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7B:35:BA:39:2E:58:48:29:E4:53:8B:C1:0F:19:87:C3:38:A1:14
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/B3s1ujkuWEgp5FOLwQ8Zh8M4oRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.85.250.0/24
194.87.52.0/24
195.133.39.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:7e:36:da:72:4f:a2:68:ee:84:d4:8a:aa:07:d9:71:db:6c:
66:0b:86:04:e5:3f:6e:13:77:04:df:b7:65:95:11:28:d7:ea:
28:ff:82:8c:26:e8:36:95:9e:0c:b3:02:85:34:eb:7e:86:0c:
d5:7e:d8:23:4b:e6:c4:89:78:80:13:1f:47:8f:6f:2a:c3:57:
45:22:00:2f:8b:8b:16:19:c0:80:b7:69:05:7e:f0:f2:6e:e6:
b3:67:8f:35:68:1c:1a:03:ad:06:7b:7d:cb:b3:35:6c:77:fa:
66:2c:a2:40:77:e8:a0:b1:6f:ec:12:c4:d2:40:70:0d:f5:fe:
e0:2d:20:ff:54:8f:ca:cb:71:8e:75:16:0e:27:b1:d6:6d:f3:
46:f8:45:c6:77:f2:49:67:e4:7b:52:f8:b4:95:a6:47:98:59:
76:59:5c:3b:c7:61:2a:f3:db:83:d1:75:b9:df:25:d9:98:29:
36:aa:22:c9:33:45:fd:4a:c0:bf:55:32:ef:1c:5d:d2:39:91:
79:99:6b:90:d8:15:49:f9:ee:4c:5c:9a:58:47:c3:da:79:4f:
77:1e:1c:e0:ae:b9:af:72:b8:a7:a1:5c:b3:99:59:2c:aa:af:
6d:33:a1:4f:a0:c5:45:1a:1b:8e:f1:13:a0:c9:bc:24:35:7d:
fc:e0:16:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYprA6DhAm2ekDETsQu2Zk/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MTUwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzdiMzViYTM5MmU1ODQ4MjllNDUzOGJjMTBmMTk4N2MzMzhhMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGq8NsBIxVV3AnZ/xlo9+DuWrjVg
/A43qOuPabfhxddfa4Jsu2aBNA7QXszxgMOrDQnu7NUFBgkAOmhdr0a6K/qBj4+i
3DH+xk5+dNJUUti5ucPO0vAOFYnG0SF8Ehz/JFt9COcroqU2bPHbSR720ymKwgxn
uM6HkM8sGS/Ql6NpSj6+NQd02/j4eD6lW1u3b56GPLk023zotlEIy+J6Gqa9G3tD
a+IbobpV5VpS5ONAeSpyiFT/oS2+aNzc7pCGDG3ZsI5PdpaTuDaf61fJwl689+dQ
BYgNgX91yyAkgbUSEtJ1pOhSPIwd6B2nBMNSZIu7QcbW1lxYp4ZYK4AYTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAd7Nbo5LlhIKeRTi8EPGYfDOKEUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQjNzMXVqa3VXRWdwNUZPTHdROFpoOE00b1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwFAwQA
wlX6AwQAwlc0AwQAw4UnAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQANfjback+i
aO6E1IqqB9lx22xmC4YE5T9uE3cE37dllREo1+oo/4KMJug2lZ4MswKFNOt+hgzV
ftgjS+bEiXiAEx9Hj28qw1dFIgAvi4sWGcCAt2kFfvDybuazZ481aBwaA60Ge33L
szVsd/pmLKJAd+igsW/sEsTSQHAN9f7gLSD/VI/Ky3GOdRYOJ7HWbfNG+EXGd/JJ
Z+R7Uvi0laZHmFl2WVw7x2Eq89uD0XW53yXZmCk2qiLJM0X9SsC/VTLvHF3SOZF5
mWuQ2BVJ+e5MXJpYR8PaeU93HhzgrrmvcrinoVyzmVksqq9tM6FPoMVFGhuO8ROg
ybwkNX384Bb/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org