Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLxqfWmq-j0p27F7cvhxWnOnfds.roa
File: CLxqfWmq-j0p27F7cvhxWnOnfds.roa (raw, json)
Hash identifier: Qt2Axe2i426vxiy/1OmmxleDxI2Y72sebT6RyFLkeuU=
Subject key identifier: 08:BC:6A:7D:69:AA:FA:3D:29:DB:B1:7B:72:F8:71:5A:73:A7:7D:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01927BB0B95DF14646E77FB249DDCF221539
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLxqfWmq-j0p27F7cvhxWnOnfds.roa
Signing time: Fri 11 Oct 2024 13:07:12 +0000
ROA not before: Fri 11 Oct 2024 13:07:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200239
IP address blocks: 193.124.80.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 11:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:b0:b9:5d:f1:46:46:e7:7f:b2:49:dd:cf:22:15:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 13:07:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08bc6a7d69aafa3d29dbb17b72f8715a73a77ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:42:4f:7a:67:9d:2d:33:74:34:ce:20:e4:a7:
95:15:1b:7c:f0:97:e3:5d:39:a5:c4:e0:db:31:70:
65:e5:8d:ed:e5:77:69:30:55:82:80:1e:03:aa:57:
65:05:bb:66:48:a0:8f:ba:68:00:53:26:2c:cb:15:
70:88:14:03:ce:42:85:ae:96:f3:78:13:a6:08:8d:
cf:a6:bd:88:82:96:c7:e9:e0:1a:bc:99:40:47:24:
19:04:65:4d:d7:0d:6d:ee:2c:fc:5b:8b:ad:18:59:
d7:2b:80:81:b6:31:d3:9f:59:12:17:de:81:3e:95:
23:1b:e0:84:d8:fc:09:e6:ef:af:c1:99:56:d5:a7:
81:dd:0b:d5:b9:a2:ff:1c:23:23:02:30:d7:f9:39:
99:4a:26:29:c7:de:46:81:f6:e3:98:fc:c4:e0:a7:
70:ab:ef:a7:ab:eb:32:23:f6:38:de:5b:2a:48:e1:
08:a4:84:4d:66:ec:01:c2:b2:6f:98:49:89:09:89:
ac:90:47:88:c2:d5:26:f0:bb:04:c8:f5:34:5d:4b:
20:03:2e:4f:11:82:80:31:ba:69:23:fd:65:ee:71:
91:a3:df:d2:e8:bd:22:90:83:d8:08:fa:e6:ae:b9:
b5:71:30:f5:3e:e8:a7:75:ec:79:b2:c7:f1:7c:95:
d9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BC:6A:7D:69:AA:FA:3D:29:DB:B1:7B:72:F8:71:5A:73:A7:7D:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLxqfWmq-j0p27F7cvhxWnOnfds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.80.0/24
193.124.90.0/24
194.87.64.0/24
194.87.75.0/24
194.87.91.0/24
195.58.63.0/24
Signature Algorithm: sha256WithRSAEncryption
95:91:5f:66:42:9d:fa:b0:33:d8:92:08:6f:a9:32:de:13:6f:
39:2b:df:54:98:2b:01:a5:58:25:52:63:ec:59:1c:f4:3c:c6:
8a:bc:86:a2:01:1b:71:04:17:d3:b4:e8:f4:c8:30:7c:83:40:
b9:df:da:6d:09:89:83:84:79:06:b9:91:6f:19:8d:53:8b:3f:
b5:26:96:9d:d5:f1:14:fe:ce:ae:2b:db:11:62:b7:b3:71:ec:
cf:2d:18:1c:52:91:8f:94:e0:b7:51:01:04:7b:69:75:3b:1c:
da:f2:e3:dd:6f:df:4e:11:8f:70:22:7e:36:d7:01:91:8e:cd:
0c:50:83:79:39:8b:3d:fc:1d:86:f9:33:65:a3:50:ae:8b:73:
0e:af:ae:00:dd:79:62:cd:a7:f7:fd:49:d8:9c:1c:37:30:d0:
8b:8c:4f:23:51:36:02:b5:aa:03:e4:7f:98:91:90:6f:f6:06:
23:fd:21:ee:9a:91:3c:2d:ca:52:69:56:06:20:b3:4a:34:0e:
ae:99:8a:a6:45:5d:a0:d9:45:49:46:fb:56:74:19:61:d8:19:
ba:89:f9:af:ed:44:f3:bd:71:50:f9:8e:4f:c8:9d:75:a1:19:
03:d9:39:56:a8:49:8b:21:c4:67:0e:b6:44:7a:09:a8:ff:27:
4a:24:c2:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJ7sLld8UZG53+ySd3PIhU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDExMTMwNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJjNmE3ZDY5YWFmYTNkMjlkYmIxN2I3MmY4NzE1YTczYTc3ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30JPemedLTN0NM4g5KeVFRt88Jfj
XTmlxODbMXBl5Y3t5XdpMFWCgB4DqldlBbtmSKCPumgAUyYsyxVwiBQDzkKFrpbz
eBOmCI3Ppr2IgpbH6eAavJlARyQZBGVN1w1t7iz8W4utGFnXK4CBtjHTn1kSF96B
PpUjG+CE2PwJ5u+vwZlW1aeB3QvVuaL/HCMjAjDX+TmZSiYpx95GgfbjmPzE4Kdw
q++nq+syI/Y43lsqSOEIpIRNZuwBwrJvmEmJCYmskEeIwtUm8LsEyPU0XUsgAy5P
EYKAMbppI/1l7nGRo9/S6L0ikIPYCPrmrrm1cTD1Puindex5ssfxfJXZsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAi8an1pqvo9Kduxe3L4cVpzp33bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0x4cWZXbXEtajBwMjdGN2N2aHhXbk9uZmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXxQAwQA
wXxaAwQAwldAAwQAwldLAwQAwldbAwQAwzo/MA0GCSqGSIb3DQEBCwUAA4IBAQCV
kV9mQp36sDPYkghvqTLeE285K99UmCsBpVglUmPsWRz0PMaKvIaiARtxBBfTtOj0
yDB8g0C539ptCYmDhHkGuZFvGY1Tiz+1Jpad1fEU/s6uK9sRYrezcezPLRgcUpGP
lOC3UQEEe2l1Oxza8uPdb99OEY9wIn421wGRjs0MUIN5OYs9/B2G+TNlo1Cui3MO
r64A3Xlizaf3/UnYnBw3MNCLjE8jUTYCtaoD5H+YkZBv9gYj/SHumpE8LcpSaVYG
ILNKNA6umYqmRV2g2UVJRvtWdBlh2Bm6ifmv7UTzvXFQ+Y5PyJ11oRkD2TlWqEmL
IcRnDrZEegmo/ydKJMLX
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:48 2024 by rpki-client on console-fra.rpki-client.org