Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BA5al37pEtjrN77FZRdEV_31sTQ.roa
File: BA5al37pEtjrN77FZRdEV_31sTQ.roa (raw, json)
Hash identifier: GPGHi432rFauR+Zt8EDcIDfAT7MGVq0kWIsi/1yLnNI=
Subject key identifier: 04:0E:5A:97:7E:E9:12:D8:EB:37:BE:C5:65:17:44:57:FD:F5:B1:34
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01913C44C3FF8E03FEDD0149A3BABCCFC938
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BA5al37pEtjrN77FZRdEV_31sTQ.roa
Signing time: Sat 10 Aug 2024 12:30:25 +0000
ROA not before: Sat 10 Aug 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 194.87.246.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:44:c3:ff:8e:03:fe:dd:01:49:a3:ba:bc:cf:c9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=040e5a977ee912d8eb37bec565174457fdf5b134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:da:9c:08:f6:1f:39:ce:20:18:1c:0e:d5:d3:
03:ea:06:c2:d5:cd:01:d3:5e:48:bb:2b:97:26:1b:
0a:5e:cb:d9:77:82:67:ce:a7:9d:83:d8:d3:37:c4:
58:d0:cd:3e:95:97:a1:1b:b6:dc:0e:81:68:dc:70:
a3:11:92:ef:50:48:a9:be:e9:32:19:8d:b8:69:cd:
e2:ae:a7:9c:d3:06:4b:71:af:d9:ae:f6:fd:36:fa:
3c:15:d7:54:6e:b6:82:f3:5d:23:5d:a2:ad:db:2e:
ae:ce:90:44:b9:b8:0a:a1:da:52:12:ff:7b:b2:ea:
96:e7:5c:60:ce:94:98:ad:0e:5a:9e:cc:ca:3e:1c:
7e:8f:10:c1:3f:8b:f0:ae:7f:eb:52:06:c4:a6:f7:
7f:37:60:71:14:cd:dd:9c:64:ee:e5:d3:ad:0d:fd:
33:b7:b2:dc:7e:98:e7:d4:65:26:cf:c8:41:3d:2b:
d9:57:a0:6f:63:03:a7:99:85:77:7b:3f:49:7c:0c:
04:af:da:98:4c:a9:75:8f:35:bd:d8:49:e0:30:2d:
f7:24:b3:74:3f:db:41:29:56:fc:37:80:89:28:fb:
fc:24:7f:8c:80:3d:8d:19:6b:9c:90:0f:31:49:f4:
52:35:71:7e:4c:5b:6e:f6:6d:57:ab:2f:50:b6:5f:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0E:5A:97:7E:E9:12:D8:EB:37:BE:C5:65:17:44:57:FD:F5:B1:34
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BA5al37pEtjrN77FZRdEV_31sTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
195.133.50.0/24
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a5:50:0e:f1:a1:0e:98:6d:cc:93:0b:d8:11:ae:f7:57:98:
9b:04:c0:fc:6f:29:5b:6d:5a:57:69:bc:81:d4:d6:16:33:5f:
b8:2a:ad:83:77:0c:a5:9a:d1:15:c3:fd:1e:90:93:d7:06:17:
c0:4b:7c:3f:ad:cc:64:4d:59:3e:eb:8d:35:a2:a7:b8:04:34:
19:87:a1:9b:cc:80:c5:61:15:26:42:48:cf:6a:e8:13:c8:06:
7a:b4:df:b4:b5:a7:6d:47:d0:d4:02:7a:59:51:dd:68:8a:83:
a3:fe:40:4a:ce:2f:13:e1:19:3b:19:ca:36:f7:4d:c1:4c:44:
ff:b3:f4:a4:a1:41:5e:1a:3b:3c:3d:9f:b2:1e:12:ef:20:17:
d2:65:59:8b:8a:83:de:16:6e:45:ad:3c:d1:70:25:52:54:78:
68:80:81:1d:da:8f:2f:eb:90:79:e8:25:cd:7a:38:72:4c:f0:
a8:46:45:a2:88:1a:6c:74:20:08:2d:4f:8e:26:f1:3c:04:cd:
1d:8e:4d:61:07:70:58:8a:e0:4c:35:80:08:ae:08:58:fb:62:
4e:59:3f:21:b9:29:97:a6:8d:db:27:87:7e:be:aa:e4:7c:cf:
c1:5a:31:aa:9c:a4:98:a5:e1:b1:ab:0c:01:cc:5f:17:7e:19:
b4:06:2a:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZE8RMP/jgP+3QFJo7q8z8k4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEwMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBlNWE5NzdlZTkxMmQ4ZWIzN2JlYzU2NTE3NDQ1N2ZkZjViMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9qcCPYfOc4gGBwO1dMD6gbC1c0B
015IuyuXJhsKXsvZd4Jnzqedg9jTN8RY0M0+lZehG7bcDoFo3HCjEZLvUEipvuky
GY24ac3irqec0wZLca/Zrvb9Nvo8FddUbraC810jXaKt2y6uzpBEubgKodpSEv97
suqW51xgzpSYrQ5anszKPhx+jxDBP4vwrn/rUgbEpvd/N2BxFM3dnGTu5dOtDf0z
t7Lcfpjn1GUmz8hBPSvZV6BvYwOnmYV3ez9JfAwEr9qYTKl1jzW92EngMC33JLN0
P9tBKVb8N4CJKPv8JH+MgD2NGWuckA8xSfRSNXF+TFtu9m1Xqy9Qtl/V1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAQOWpd+6RLY6ze+xWUXRFf99bE0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQkE1YWwzN3BFdGpyTjc3RlpSZEVWXzMxc1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlf2AwQA
w4UyAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQBzpVAO8aEOmG3MkwvYEa73V5ib
BMD8bylbbVpXabyB1NYWM1+4Kq2DdwylmtEVw/0ekJPXBhfAS3w/rcxkTVk+6401
oqe4BDQZh6GbzIDFYRUmQkjPaugTyAZ6tN+0tadtR9DUAnpZUd1oioOj/kBKzi8T
4Rk7Gco2903BTET/s/SkoUFeGjs8PZ+yHhLvIBfSZVmLioPeFm5FrTzRcCVSVHho
gIEd2o8v65B56CXNejhyTPCoRkWiiBpsdCAILU+OJvE8BM0djk1hB3BYiuBMNYAI
rghY+2JOWT8huSmXpo3bJ4d+vqrkfM/BWjGqnKSYpeGxqwwBzF8Xfhm0Bioi
-----END CERTIFICATE-----
Generated at Mon Aug 26 14:36:53 2024 by rpki-client on console-fra.rpki-client.org