Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CelmRLWxaUuG7vOdPEL172k4hR0.roa
File: CelmRLWxaUuG7vOdPEL172k4hR0.roa (raw, json)
Hash identifier: lh+yndKsdqJqyfWNAK7Qf8wix27XziWFQ0T9D5wwUyA=
Subject key identifier: 09:E9:66:44:B5:B1:69:4B:86:EE:F3:9D:3C:42:F5:EF:69:38:85:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185F29E7338B794E8880E9404BC10B78F0A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CelmRLWxaUuG7vOdPEL172k4hR0.roa
Signing time: Fri 27 Jan 2023 09:45:48 +0000
ROA not before: Fri 27 Jan 2023 09:45:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Feb 2023 07:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:9e:73:38:b7:94:e8:88:0e:94:04:bc:10:b7:8f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 27 09:45:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09e96644b5b1694b86eef39d3c42f5ef6938851d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7d:26:e3:c8:9f:f5:12:02:68:27:be:5d:ae:
a7:14:00:5a:5a:30:e1:66:67:1b:01:fc:b8:af:14:
ba:ed:94:de:03:72:62:01:44:c9:3b:31:a7:91:18:
a7:02:31:fa:80:46:f3:4f:c7:4b:27:e6:2e:95:e1:
6b:5d:dd:79:8f:da:c7:35:66:e0:81:74:dc:54:37:
ee:14:36:0d:ad:40:47:46:17:76:b4:bd:5a:16:06:
62:ab:0a:38:50:08:79:f2:3a:86:5f:30:e7:4a:5f:
ed:bc:b7:a4:ae:0b:dc:79:dd:f4:ef:81:9a:35:e7:
b3:4b:3d:0d:45:84:81:96:7a:c8:7b:c6:a5:47:51:
fb:65:7a:3f:89:94:9d:53:a7:c6:de:b3:a6:71:31:
1f:eb:f4:e8:97:c6:7e:a2:48:a6:01:40:88:38:63:
56:b8:1f:fc:11:8a:7a:8c:df:31:96:d3:4f:db:a3:
25:8f:7c:b0:ee:36:20:32:ec:59:85:ac:de:c1:06:
b4:39:ad:2f:ac:e4:dc:63:91:8c:01:f5:eb:18:a9:
b2:85:46:dd:ca:a7:61:cf:22:20:42:b2:f4:68:0d:
dc:72:18:29:ad:ed:e3:1f:ec:43:c5:41:95:cf:c9:
7b:41:04:6c:6d:22:0f:4e:98:c2:bc:2c:fe:1a:c6:
74:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E9:66:44:B5:B1:69:4B:86:EE:F3:9D:3C:42:F5:EF:69:38:85:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CelmRLWxaUuG7vOdPEL172k4hR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.125.0/24
194.87.162.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:44:b7:24:7f:1f:25:d5:68:b8:82:61:cc:c6:1a:6c:37:07:
3d:f9:97:a9:89:05:e8:e2:9f:49:c7:bb:f7:af:59:e9:26:f2:
71:c4:18:d2:7c:91:f5:04:a1:1a:97:4a:af:ed:8f:e0:04:b2:
27:f7:a0:15:bd:9f:8d:fc:fc:06:7e:6f:d8:d1:53:76:42:3a:
f0:6f:87:9b:f8:8c:74:f9:01:71:df:0f:0c:26:b4:56:53:a2:
a7:85:0a:ca:cb:4f:8a:fb:f9:ad:26:49:5d:8a:75:36:13:89:
e4:78:81:61:73:a3:9e:82:30:f7:66:3a:5c:1d:ed:8e:7f:3b:
23:82:16:8a:05:d5:80:b3:1d:ea:c2:fa:d5:96:71:7f:6b:0e:
0e:de:8d:6a:51:cf:c8:92:b1:06:57:c6:7f:b1:94:86:77:82:
6a:8a:d2:88:7e:b5:62:8a:7b:3c:e0:ef:5c:9d:76:76:d9:11:
cb:7f:81:87:6f:1a:79:a2:ab:ce:ce:b5:17:35:8f:3c:60:bd:
90:8e:a2:00:92:a2:ee:4f:76:b5:65:bb:2b:82:75:9b:1e:f0:
a5:ca:67:d5:76:a5:cd:4d:3c:05:d7:f4:09:22:3d:e4:47:57:
d1:2c:9e:a0:14:b5:b3:e9:7e:f7:4e:b0:20:e9:7f:f4:6a:dc:
fe:78:b4:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXynnM4t5ToiA6UBLwQt48KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI3MDk0NTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU5NjY0NGI1YjE2OTRiODZlZWYzOWQzYzQyZjVlZjY5Mzg4NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn0m48if9RICaCe+Xa6nFABaWjDh
ZmcbAfy4rxS67ZTeA3JiAUTJOzGnkRinAjH6gEbzT8dLJ+YuleFrXd15j9rHNWbg
gXTcVDfuFDYNrUBHRhd2tL1aFgZiqwo4UAh58jqGXzDnSl/tvLekrgvced3074Ga
NeezSz0NRYSBlnrIe8alR1H7ZXo/iZSdU6fG3rOmcTEf6/Tol8Z+okimAUCIOGNW
uB/8EYp6jN8xltNP26Mlj3yw7jYgMuxZhazewQa0Oa0vrOTcY5GMAfXrGKmyhUbd
yqdhzyIgQrL0aA3cchgpre3jH+xDxUGVz8l7QQRsbSIPTpjCvCz+GsZ04wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAnpZkS1sWlLhu7znTxC9e9pOIUdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ2VsbVJMV3hhVXVHN3ZPZFBFTDE3Mms0aFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwEAwQA
wXx9AwQAwleiAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQCLRLckfx8l
1Wi4gmHMxhpsNwc9+ZepiQXo4p9Jx7v3r1npJvJxxBjSfJH1BKEal0qv7Y/gBLIn
96AVvZ+N/PwGfm/Y0VN2Qjrwb4eb+Ix0+QFx3w8MJrRWU6KnhQrKy0+K+/mtJkld
inU2E4nkeIFhc6OegjD3ZjpcHe2OfzsjghaKBdWAsx3qwvrVlnF/aw4O3o1qUc/I
krEGV8Z/sZSGd4JqitKIfrViins84O9cnXZ22RHLf4GHbxp5oqvOzrUXNY88YL2Q
jqIAkqLuT3a1ZbsrgnWbHvClymfVdqXNTTwF1/QJIj3kR1fRLJ6gFLWz6X73TrAg
6X/0atz+eLQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org