Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BRPAtu842NiYT8GkeD3EQxt2bnA.roa
File: BRPAtu842NiYT8GkeD3EQxt2bnA.roa (raw, json)
Hash identifier: pda1YJwBcJyOz82kzQLJOcdm4QC8RR+tSa+p4rpK6DM=
Subject key identifier: 05:13:C0:B6:EF:38:D8:D8:98:4F:C1:A4:78:3D:C4:43:1B:76:6E:70
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D68E77A1282588CAD9E0A3EFDD658E282
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BRPAtu842NiYT8GkeD3EQxt2bnA.roa
Signing time: Fri 02 Feb 2024 08:20:16 +0000
ROA not before: Fri 02 Feb 2024 08:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jul 2024 16:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:e7:7a:12:82:58:8c:ad:9e:0a:3e:fd:d6:58:e2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 08:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0513c0b6ef38d8d8984fc1a4783dc4431b766e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c3:64:b0:b2:28:e3:da:75:17:20:8a:3c:88:
7b:d0:62:db:68:4e:a1:a4:6b:9d:44:b4:e9:74:e7:
ca:5e:40:f3:eb:a8:96:2b:d6:29:17:09:88:d8:c7:
17:6a:37:42:04:03:5c:c0:32:48:a1:8a:cc:c4:86:
a1:84:c9:3f:3d:08:4c:1e:3c:88:7f:a5:6d:fd:ca:
0a:c4:0e:91:13:9c:66:bf:40:99:44:4e:5a:f7:16:
96:44:6c:23:2b:e0:fa:63:1d:21:52:c2:f7:3d:e4:
f4:43:7a:0a:63:2d:c8:27:e7:fc:67:41:7d:85:9a:
59:68:a7:ab:12:9a:de:bd:1d:b8:ac:a9:db:6d:65:
f9:45:0d:52:6f:37:c0:81:5e:ea:45:e9:e2:f9:0c:
30:ab:9d:1d:0d:08:dc:df:1a:98:d5:72:28:f2:f8:
2c:bb:79:b7:77:45:73:af:66:2d:49:9b:cd:48:9b:
31:b3:79:e7:f2:30:a3:45:12:70:2b:26:f9:e6:9d:
41:94:ea:d6:f1:3f:af:77:5c:0a:fc:62:98:68:75:
1a:50:66:52:cd:01:30:c4:68:8c:73:7e:cc:93:9e:
83:e7:19:d2:37:e4:11:3c:9c:e5:90:35:92:bc:25:
c5:ac:9d:91:07:21:7a:c8:37:72:ca:a0:3c:b4:3c:
de:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:13:C0:B6:EF:38:D8:D8:98:4F:C1:A4:78:3D:C4:43:1B:76:6E:70
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BRPAtu842NiYT8GkeD3EQxt2bnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.26.0/23
195.133.30.0/24
195.133.83.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
96:10:a4:b0:9d:e3:12:dd:f9:ce:8d:4b:7d:72:ae:b3:e3:7b:
a0:c7:a1:c5:68:a3:0e:3a:a7:6b:b7:3c:01:77:45:e1:d4:5c:
a8:03:f3:40:30:ba:34:18:9b:a9:db:a5:29:d0:9d:cb:f5:c8:
ce:72:14:53:e3:59:50:72:97:49:63:99:e5:4f:93:d4:d8:93:
0e:ab:c5:c7:9c:c5:7d:dd:26:29:c8:fe:98:fc:4b:59:a0:c3:
73:a5:8b:36:d4:d7:cd:4a:9f:4d:88:eb:59:bf:5a:7f:8e:d1:
9e:88:43:e2:e2:f4:b9:7d:f5:54:6f:0f:e9:2c:34:41:16:b5:
64:26:55:f1:1a:5c:6b:db:5c:57:87:42:ca:84:32:19:bb:48:
c0:a8:d7:77:e0:b1:1a:6b:0c:21:6d:c3:a2:e8:47:34:54:0b:
b8:c5:60:10:3f:30:71:66:81:cd:4e:a4:d3:4e:3a:e9:fd:9c:
9b:21:d6:25:dd:a3:19:bd:df:9d:93:1e:01:26:e4:19:b6:7e:
ec:aa:4a:58:2f:38:04:3f:3f:76:a2:50:9d:02:bc:52:09:7b:
46:23:cf:45:c2:d0:a0:cc:f4:b0:f4:f5:8a:ba:e1:80:08:e0:
d9:96:ca:92:b2:ad:c3:8e:75:92:b2:9c:92:be:fd:33:02:e0:
79:c7:5d:8d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY1o53oSgliMrZ4KPv3WWOKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAyMDgyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTEzYzBiNmVmMzhkOGQ4OTg0ZmMxYTQ3ODNkYzQ0MzFiNzY2ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsNksLIo49p1FyCKPIh70GLbaE6h
pGudRLTpdOfKXkDz66iWK9YpFwmI2McXajdCBANcwDJIoYrMxIahhMk/PQhMHjyI
f6Vt/coKxA6RE5xmv0CZRE5a9xaWRGwjK+D6Yx0hUsL3PeT0Q3oKYy3IJ+f8Z0F9
hZpZaKerEprevR24rKnbbWX5RQ1SbzfAgV7qReni+Qwwq50dDQjc3xqY1XIo8vgs
u3m3d0Vzr2YtSZvNSJsxs3nn8jCjRRJwKyb55p1BlOrW8T+vd1wK/GKYaHUaUGZS
zQEwxGiMc37Mk56D5xnSN+QRPJzlkDWSvCXFrJ2RByF6yDdyyqA8tDzeTwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAUTwLbvONjYmE/BpHg9xEMbdm5wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQlJQQXR1ODQyTmlZVDhHa2VEM0VReHQyYm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwPAwQA
wXwYAwQAwlcdAwQAwld7AwQAwodoAwQBw4UaAwQAw4UeAwQAw4VTAwQA1MEGMA0G
CSqGSIb3DQEBCwUAA4IBAQCWEKSwneMS3fnOjUt9cq6z43ugx6HFaKMOOqdrtzwB
d0Xh1FyoA/NAMLo0GJup26Up0J3L9cjOchRT41lQcpdJY5nlT5PU2JMOq8XHnMV9
3SYpyP6Y/EtZoMNzpYs21NfNSp9NiOtZv1p/jtGeiEPi4vS5ffVUbw/pLDRBFrVk
JlXxGlxr21xXh0LKhDIZu0jAqNd34LEaawwhbcOi6Ec0VAu4xWAQPzBxZoHNTqTT
Tjrp/ZybIdYl3aMZvd+dkx4BJuQZtn7sqkpYLzgEPz92olCdArxSCXtGI89FwtCg
zPSw9PWKuuGACODZlsqSsq3DjnWSspySvv0zAuB5x12N
-----END CERTIFICATE-----
Generated at Sun Jul 14 18:05:55 2024 by rpki-client on console-ams.rpki-client.org