Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CZr-bclH1I64ePIK0OgTzVABVVk.roa
File: CZr-bclH1I64ePIK0OgTzVABVVk.roa (raw, json)
Hash identifier: C+gN7A2NEzjEmOt8buqZWoprFX1UwgWgYsIBGc51kuk=
Subject key identifier: 09:9A:FE:6D:C9:47:D4:8E:B8:78:F2:0A:D0:E8:13:CD:50:01:55:59
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189CB4145664B09623699FE9492D454DE45
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CZr-bclH1I64ePIK0OgTzVABVVk.roa
Signing time: Sun 06 Aug 2023 14:29:59 +0000
ROA not before: Sun 06 Aug 2023 14:29:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.124.226.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
194.87.221.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
195.133.10.0/23 maxlen: 23
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.13.0/24 maxlen: 24
195.133.52.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Aug 2023 15:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cb:41:45:66:4b:09:62:36:99:fe:94:92:d4:54:de:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 6 14:29:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099afe6dc947d48eb878f20ad0e813cd50015559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:26:06:4c:0d:5d:75:fd:51:26:0e:c2:65:3a:
7b:39:8d:8f:07:d4:db:1f:cb:34:0c:57:21:cc:c3:
b4:4d:e5:c7:7a:25:3f:7a:02:d3:7e:33:ca:45:df:
c5:c5:af:f1:97:ac:13:37:2a:94:b4:38:8c:24:5a:
55:d9:04:3f:14:74:9d:45:8a:03:89:6e:67:08:63:
15:a8:bb:b0:9b:bb:eb:e6:b3:f2:a8:cb:cc:03:8b:
f9:6e:8a:62:3f:11:30:21:31:ff:54:32:1e:44:94:
04:74:5d:40:fd:b0:83:a9:ca:cd:09:ab:60:5e:cc:
cc:23:07:64:91:bb:7a:73:6c:36:a6:a0:17:c7:c5:
1c:6e:84:a9:f2:86:48:1b:3d:af:3e:cf:a0:77:45:
c9:73:8a:fd:94:d7:c2:54:0c:dc:00:97:1c:a4:01:
0d:3e:cb:45:fe:19:9a:53:63:41:fa:07:d5:c1:75:
33:d1:f8:94:f9:85:fe:83:53:46:68:98:b3:09:ae:
2c:53:e8:37:70:7b:99:1b:33:80:7b:44:83:8c:73:
e5:6d:55:f6:01:2b:ab:55:8b:78:66:bc:15:fb:26:
97:74:45:be:88:55:d4:c9:68:ba:cb:0f:cc:3c:05:
26:e2:eb:71:06:f5:75:10:5c:98:d8:1c:45:8d:d7:
80:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9A:FE:6D:C9:47:D4:8E:B8:78:F2:0A:D0:E8:13:CD:50:01:55:59
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CZr-bclH1I64ePIK0OgTzVABVVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
193.124.36.0/24
193.124.226.0/24
193.124.254.0/24
194.87.118.0/23
194.87.221.0/24
194.135.32.0/24
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.59.0/24
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
50:0a:6b:8c:8c:be:78:5b:9b:0e:4c:dc:40:9e:c0:e3:1b:5e:
ff:f4:02:92:34:5c:e3:4f:32:cf:3f:71:68:66:f9:8b:ff:d4:
83:b0:b7:a6:0c:16:63:a5:75:67:af:f8:2b:25:ea:58:13:42:
63:68:c1:87:79:c1:b0:9b:be:94:fc:7c:67:88:eb:9a:2b:06:
c8:91:9d:9a:a3:e1:4b:f7:52:15:06:46:42:d0:56:c1:99:6b:
e8:4b:a6:1f:4f:2c:fa:11:d8:8d:cc:fa:18:6f:79:63:6e:52:
f9:52:6d:f8:04:51:7e:e7:cf:a5:e5:a6:4e:d2:8f:06:00:ed:
6e:b9:c7:d9:60:43:71:c3:e9:c3:ec:94:0a:4d:f7:4d:1c:24:
1a:d4:de:70:bb:19:26:3e:f0:49:f7:7a:fa:b8:1b:bd:0e:98:
8e:69:05:4b:ca:6e:35:54:8e:85:e6:14:ad:c6:95:c6:2f:d8:
99:a5:35:8d:01:be:a9:96:20:16:92:b1:9b:1d:4a:08:08:2d:
33:00:98:d7:6f:4f:e0:09:45:27:77:ca:12:16:61:ef:b8:81:
e9:a0:da:29:4b:60:58:cf:d1:fc:6b:a0:68:5b:ed:69:3a:c4:
5c:bc:eb:cd:6f:84:4e:20:ba:83:f3:6a:41:c6:a2:82:d5:de:
2d:79:13:1f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYnLQUVmSwliNpn+lJLUVN5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA2MTQyOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTlhZmU2ZGM5NDdkNDhlYjg3OGYyMGFkMGU4MTNjZDUwMDE1NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiYGTA1ddf1RJg7CZTp7OY2PB9Tb
H8s0DFchzMO0TeXHeiU/egLTfjPKRd/Fxa/xl6wTNyqUtDiMJFpV2QQ/FHSdRYoD
iW5nCGMVqLuwm7vr5rPyqMvMA4v5bopiPxEwITH/VDIeRJQEdF1A/bCDqcrNCatg
XszMIwdkkbt6c2w2pqAXx8UcboSp8oZIGz2vPs+gd0XJc4r9lNfCVAzcAJccpAEN
PstF/hmaU2NB+gfVwXUz0fiU+YX+g1NGaJizCa4sU+g3cHuZGzOAe0SDjHPlbVX2
ASurVYt4ZrwV+yaXdEW+iFXUyWi6yw/MPAUm4utxBvV1EFyY2BxFjdeA+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAma/m3JR9SOuHjyCtDoE81QAVVZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ1pyLWJjbEgxSTY0ZVBJSzBPZ1R6VkFCVlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAuUgKAwQA
wXwkAwQAwXziAwQAwXz+AwQBwld2AwQAwlfdAwQAwocgAwQBw4UKAwQBw4UaAwQB
w4U0AwQAw4U7AwQA1MANMA0GCSqGSIb3DQEBCwUAA4IBAQBQCmuMjL54W5sOTNxA
nsDjG17/9AKSNFzjTzLPP3FoZvmL/9SDsLemDBZjpXVnr/grJepYE0JjaMGHecGw
m76U/HxniOuaKwbIkZ2ao+FL91IVBkZC0FbBmWvoS6YfTyz6EdiNzPoYb3ljblL5
Um34BFF+58+l5aZO0o8GAO1uucfZYENxw+nD7JQKTfdNHCQa1N5wuxkmPvBJ93r6
uBu9DpiOaQVLym41VI6F5hStxpXGL9iZpTWNAb6pliAWkrGbHUoICC0zAJjXb0/g
CUUnd8oSFmHvuIHpoNopS2BYz9H8a6BoW+1pOsRcvOvNb4ROILqD82pBxqKC1d4t
eRMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org