Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CB1IiZtZXJbs6-BxYhzrCXxsVoM.roa
File: CB1IiZtZXJbs6-BxYhzrCXxsVoM.roa (raw, json)
Hash identifier: 2lDAF88E4mOVq4UTx6UhIG1FZBvqR3z0qK2H16cQQQE=
Subject key identifier: 08:1D:48:89:9B:59:5C:96:EC:EB:E0:71:62:1C:EB:09:7C:6C:56:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E7935130C5BE0309374C0B1756206C1EC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CB1IiZtZXJbs6-BxYhzrCXxsVoM.roa
Signing time: Tue 26 Mar 2024 05:21:45 +0000
ROA not before: Tue 26 Mar 2024 05:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 15:25:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:35:13:0c:5b:e0:30:93:74:c0:b1:75:62:06:c1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 26 05:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=081d48899b595c96ecebe071621ceb097c6c5683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:50:50:91:db:d3:a7:bb:9b:06:51:d5:60:11:
fd:33:5b:fe:41:7a:8f:6c:ad:26:65:b2:cf:6b:46:
f1:93:bb:66:34:ee:45:42:b8:6c:e3:8b:0b:d0:53:
64:32:30:4f:2e:4b:6a:06:c1:89:c4:31:d6:5f:63:
eb:27:f1:5b:1c:42:dc:79:b9:aa:a2:bb:f2:e8:61:
88:aa:27:a7:0f:ef:05:2c:c6:a6:63:aa:a6:35:7e:
a3:fd:0f:4d:25:b2:7c:e7:3e:8b:8b:de:b2:66:62:
b1:f8:86:e6:c7:e1:0a:4b:51:95:a9:7d:05:ac:e1:
03:11:dd:a0:f4:a4:94:e3:6f:21:a8:4d:28:65:13:
ec:34:13:55:a5:ff:3e:24:93:8c:f2:7b:76:72:ec:
a1:fe:cf:2a:01:da:63:a5:d7:78:f7:08:83:70:04:
e6:c9:4b:98:67:7d:08:42:d7:80:6a:da:19:67:07:
c6:82:78:9d:70:41:ba:ce:8b:74:d0:38:7d:42:47:
b7:cd:13:0c:47:1a:0d:40:5d:fa:eb:b9:92:f6:26:
27:fd:d6:87:95:1f:03:ad:7e:e3:c3:b8:9f:a0:db:
72:4b:46:4e:eb:99:4e:1d:7a:f9:ad:b7:de:8b:88:
bf:75:f6:79:01:e6:24:a8:58:7c:92:83:1c:17:42:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1D:48:89:9B:59:5C:96:EC:EB:E0:71:62:1C:EB:09:7C:6C:56:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CB1IiZtZXJbs6-BxYhzrCXxsVoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.86.0/24
194.87.88.0/23
194.87.108.0/24
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.169.0/24
194.87.185.0/24
195.133.6.0/24
195.133.29.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
72:0c:2e:df:45:fc:e9:b9:40:47:77:c6:97:fd:bc:cf:18:48:
77:a5:7b:cc:b6:72:a1:23:c1:7a:f3:b4:a6:73:73:1e:12:fe:
b8:2b:e8:db:f9:13:52:88:47:79:d8:e4:64:55:25:82:7e:93:
10:5b:c4:b4:e5:3c:7f:2e:b0:45:b4:d4:ff:5c:81:08:e0:a6:
ef:e8:db:59:c3:c9:b6:cd:03:b5:d5:99:dd:0d:76:13:77:80:
76:70:e1:a9:c9:7f:e8:f4:90:25:43:db:95:8e:73:86:24:61:
68:08:89:1e:4b:fc:76:b2:c5:0c:2e:48:1a:a3:a0:96:00:7e:
59:4c:f8:26:8d:30:6e:3b:be:a9:47:e7:49:93:db:a6:c7:46:
3c:41:35:d3:a2:43:4f:07:55:93:c8:0b:1f:de:0a:40:bb:a5:
0d:de:00:4e:1d:90:67:b2:5d:a7:2f:5e:60:1f:c9:7f:4b:19:
9f:48:0c:25:d7:a5:4a:09:f5:98:f7:47:6a:0f:e9:04:5d:db:
76:bf:d0:f8:70:73:61:41:82:1c:df:5b:3d:52:ca:11:a4:17:
71:c9:6e:71:6f:ce:48:61:27:38:6f:5f:2b:b7:d8:d6:10:a4:
cf:1b:ee:3e:9f:7a:08:8e:0a:d8:43:44:f8:86:d0:34:0b:63:
fe:aa:06:39
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY55NRMMW+Awk3TAsXViBsHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzI2MDUyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFkNDg4OTliNTk1Yzk2ZWNlYmUwNzE2MjFjZWIwOTdjNmM1NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFBQkdvTp7ubBlHVYBH9M1v+QXqP
bK0mZbLPa0bxk7tmNO5FQrhs44sL0FNkMjBPLktqBsGJxDHWX2PrJ/FbHELcebmq
orvy6GGIqienD+8FLMamY6qmNX6j/Q9NJbJ85z6Li96yZmKx+Ibmx+EKS1GVqX0F
rOEDEd2g9KSU428hqE0oZRPsNBNVpf8+JJOM8nt2cuyh/s8qAdpjpdd49wiDcATm
yUuYZ30IQteAatoZZwfGgnidcEG6zot00Dh9Qke3zRMMRxoNQF3667mS9iYn/daH
lR8DrX7jw7ifoNtyS0ZO65lOHXr5rbfei4i/dfZ5AeYkqFh8koMcF0I+WwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFAgdSImbWVyW7OvgcWIc6wl8bFaDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0IxSWladFpYSmJzNi1CeFloenJDWHhzVm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADA
fL8DBADBfAUDBADCVwwDBADCVxYDBADCVyADBADCVygDBADCV1YDBAHCV1gDBADC
V2wDBADCV3wDBADCV4gDBADCV44DBADCV5YDBADCV6kDBADCV7kDBADDhQYDBADD
hR0DBAHDhSoDBADDhUgDBADDhVUDBADDhcADBADUwQ4wDQYJKoZIhvcNAQELBQAD
ggEBAHIMLt9F/Om5QEd3xpf9vM8YSHele8y2cqEjwXrztKZzcx4S/rgr6Nv5E1KI
R3nY5GRVJYJ+kxBbxLTlPH8usEW01P9cgQjgpu/o21nDybbNA7XVmd0NdhN3gHZw
4anJf+j0kCVD25WOc4YkYWgIiR5L/HayxQwuSBqjoJYAfllM+CaNMG47vqlH50mT
26bHRjxBNdOiQ08HVZPICx/eCkC7pQ3eAE4dkGeyXacvXmAfyX9LGZ9IDCXXpUoJ
9Zj3R2oP6QRd23a/0Phwc2FBghzfWz1SyhGkF3HJbnFvzkhhJzhvXyu32NYQpM8b
7j6fegiOCthDRPiG0DQLY/6qBjk=
-----END CERTIFICATE-----
Generated at Sat Apr 20 16:26:23 2024 by rpki-client on console-ams.rpki-client.org