Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/C-0R_SmZgeZV1a_rvDMyRG6xTzA.roa
File: C-0R_SmZgeZV1a_rvDMyRG6xTzA.roa (raw, json)
Hash identifier: h2EfNTlaj9ENxF+hbIacDnB7pk/h+WrcFT/DKo5CSIE=
Subject key identifier: 0B:ED:11:FD:29:99:81:E6:55:D5:AF:EB:BC:33:32:44:6E:B1:4F:30
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018EDE018C7E2867123033A01E1F2861CA0D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/C-0R_SmZgeZV1a_rvDMyRG6xTzA.roa
Signing time: Sun 14 Apr 2024 19:07:07 +0000
ROA not before: Sun 14 Apr 2024 19:07:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Apr 2024 09:19:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:de:01:8c:7e:28:67:12:30:33:a0:1e:1f:28:61:ca:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 14 19:07:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bed11fd299981e655d5afebbc3332446eb14f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:f2:76:9d:50:96:b4:5f:36:db:bc:43:9a:
62:94:9e:6f:32:a4:3f:60:f6:ba:ac:cc:1e:92:76:
8f:fc:0a:5e:ee:55:68:13:2b:e0:1e:9f:73:a3:d5:
ba:d5:f7:a2:c4:38:26:8c:9d:45:50:eb:f9:0f:6a:
1a:d2:f4:a3:10:20:2a:e4:85:3f:4e:65:aa:bb:28:
35:0c:ef:7f:fe:d2:25:9b:0b:41:a6:74:14:e9:4f:
c2:12:f5:df:43:7c:94:33:2b:e2:71:ef:87:3d:50:
bf:9b:e9:97:a3:0f:58:01:15:10:06:47:78:89:54:
67:6a:60:4f:f7:c5:ea:34:5b:85:50:94:91:f2:f9:
3e:3d:fb:0a:0e:fc:5c:47:03:7b:0b:4e:97:b2:43:
1d:21:4e:25:40:4f:88:d2:39:a1:94:d6:4e:d4:7b:
d5:6a:d7:0c:d4:4e:a1:1e:3c:ab:45:09:73:11:6d:
5a:46:34:01:93:74:c6:cb:c6:73:ac:e8:1b:5a:e8:
40:a2:a6:70:18:b6:0b:2c:8e:b4:5c:e2:58:d2:be:
a1:c1:d0:fc:fa:c5:c1:da:11:d3:6b:5f:ae:6a:07:
ff:03:50:c2:25:2e:92:2f:3f:e2:91:cd:d7:bc:8f:
ae:f9:ae:b4:95:05:3c:0e:1b:f2:56:dc:dc:ee:da:
e3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:ED:11:FD:29:99:81:E6:55:D5:AF:EB:BC:33:32:44:6E:B1:4F:30
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/C-0R_SmZgeZV1a_rvDMyRG6xTzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
194.87.141.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.192.208.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
85:e7:85:a1:19:a3:20:66:f4:96:ce:e8:c0:6e:0d:c8:d6:92:
4f:2b:a7:e2:e7:36:b4:db:94:c5:93:67:18:ad:aa:ce:39:af:
24:7d:a3:36:8c:a3:e0:4b:b6:e6:bb:1d:1e:88:b0:ac:39:08:
6e:00:fd:92:6c:7e:2c:10:b6:2c:dc:3d:e4:57:a2:7a:8f:8e:
8f:2c:0a:3d:cb:a5:ae:90:ed:38:35:8a:7c:9f:4d:45:88:41:
72:f1:0f:b2:a0:21:10:1f:b7:86:35:93:de:75:d9:b0:bd:b8:
8d:6c:d1:9c:3e:25:b0:bb:83:1f:cd:4f:7a:dd:23:33:03:f9:
b0:39:bf:ef:9b:e4:e3:67:44:c1:64:ae:4a:ff:ca:a4:95:dd:
86:84:bb:51:8a:c7:56:61:3e:99:1c:3f:0f:f6:be:82:0a:26:
aa:7a:46:c8:7c:0a:2e:b2:8a:ce:a2:b9:eb:38:34:5d:35:f4:
fd:02:2c:b4:62:df:0f:cc:e4:6a:58:47:9f:47:f1:30:3c:73:
2b:26:fd:74:9e:c8:bf:5b:f2:9a:1d:04:a2:68:ba:3f:c9:f0:
94:f1:00:77:d5:03:65:4d:7a:a9:c5:c2:29:ff:21:93:73:09:
28:3f:34:b6:e8:34:c3:69:28:36:7b:a8:65:db:e4:97:eb:0a:
fc:15:c9:30
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY7eAYx+KGcSMDOgHh8oYcoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDE0MTkwNzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVkMTFmZDI5OTk4MWU2NTVkNWFmZWJiYzMzMzI0NDZlYjE0ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw/ydp1QlrRfNtu8Q5pilJ5vMqQ/
YPa6rMweknaP/Ape7lVoEyvgHp9zo9W61feixDgmjJ1FUOv5D2oa0vSjECAq5IU/
TmWquyg1DO9//tIlmwtBpnQU6U/CEvXfQ3yUMyvice+HPVC/m+mXow9YARUQBkd4
iVRnamBP98XqNFuFUJSR8vk+PfsKDvxcRwN7C06XskMdIU4lQE+I0jmhlNZO1HvV
atcM1E6hHjyrRQlzEW1aRjQBk3TGy8ZzrOgbWuhAoqZwGLYLLI60XOJY0r6hwdD8
+sXB2hHTa1+uagf/A1DCJS6SLz/ikc3XvI+u+a60lQU8DhvyVtzc7trjAQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAvtEf0pmYHmVdWv67wzMkRusU8wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQy0wUl9TbVpnZVpWMWFfcnZETXlSRzZ4VHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQAwHysAwQA
wXwHAwQAwleNAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABAwQA1MDQAwQA1MEEMBQE
AgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAheeFoRmjIGb0
ls7owG4NyNaSTyun4uc2tNuUxZNnGK2qzjmvJH2jNoyj4Eu25rsdHoiwrDkIbgD9
kmx+LBC2LNw95Feieo+OjywKPculrpDtODWKfJ9NRYhBcvEPsqAhEB+3hjWT3nXZ
sL24jWzRnD4lsLuDH81Pet0jMwP5sDm/75vk42dEwWSuSv/KpJXdhoS7UYrHVmE+
mRw/D/a+ggomqnpGyHwKLrKKzqK56zg0XTX0/QIstGLfD8zkalhHn0fxMDxzKyb9
dJ7Iv1vymh0Eomi6P8nwlPEAd9UDZU16qcXCKf8hk3MJKD80tug0w2koNnuoZdvk
l+sK/BXJMA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 11:50:09 2024 by rpki-client on console-ams.rpki-client.org