Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DH2bVS0Wtc1gmP8liD_2pmlBtp0.roa
File: DH2bVS0Wtc1gmP8liD_2pmlBtp0.roa (raw, json)
Hash identifier: 8eRP4TCRLOWhQULUBQ3EdDCG1WnN6UTgwDOTkLwkTZA=
Subject key identifier: 0C:7D:9B:55:2D:16:B5:CD:60:98:FF:25:88:3F:F6:A6:69:41:B6:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01921E85F7247A0C49FCA8DE5C58EE1A2055
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DH2bVS0Wtc1gmP8liD_2pmlBtp0.roa
Signing time: Mon 23 Sep 2024 10:55:48 +0000
ROA not before: Mon 23 Sep 2024 10:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.155.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.77.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.220.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:85:f7:24:7a:0c:49:fc:a8:de:5c:58:ee:1a:20:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 23 10:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c7d9b552d16b5cd6098ff25883ff6a66941b69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:9e:27:2e:bb:71:70:02:c1:4e:c6:b5:b2:
3d:f9:4f:7b:a8:b6:fb:4c:07:48:31:1a:d3:a2:43:
21:bb:9d:35:a1:3b:13:36:37:b5:8d:05:1f:2d:92:
ec:9a:84:77:12:57:cf:da:7f:4b:1e:e2:74:70:c4:
a2:05:d9:57:a5:14:f0:96:90:1e:6e:4a:c6:51:1f:
61:80:27:03:7e:3a:4f:45:4f:0d:d1:6e:b7:ed:e0:
43:c8:32:2e:eb:60:6b:65:5d:d9:0f:2f:f5:4b:71:
9d:b0:50:e5:b1:52:fc:1e:7c:37:47:88:9f:f9:25:
3a:5e:6f:f9:3c:5b:1a:98:8d:f8:9d:7a:4d:af:eb:
7d:56:09:01:56:d1:81:9b:08:40:dc:75:46:00:f1:
f0:5b:e7:2b:6c:ae:e5:0c:b0:ba:e9:ef:de:74:f8:
3b:d5:35:7b:fa:53:0e:ce:fe:c0:9f:e3:e3:85:09:
cf:ba:04:21:7f:0d:90:be:73:9b:2d:ff:a0:c3:1a:
b1:24:07:f8:89:2b:86:6c:8a:99:e7:be:22:45:1b:
16:39:7c:06:39:fe:37:c4:70:50:f7:4d:7d:ad:8d:
3b:e9:f4:65:3c:ff:2d:8d:14:96:bf:1a:05:02:fb:
a0:ed:29:09:19:02:4f:0e:cf:3f:11:99:92:42:ad:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7D:9B:55:2D:16:B5:CD:60:98:FF:25:88:3F:F6:A6:69:41:B6:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DH2bVS0Wtc1gmP8liD_2pmlBtp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.155.0/24
194.87.75.0/24
194.87.82.0/24
194.87.169.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.77.0/24
195.133.92.0/23
212.192.1.0/24
212.192.220.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
75:01:56:c9:bd:5c:1c:eb:bc:52:c6:dc:f3:91:27:f8:8c:71:
21:10:2c:95:54:16:24:57:b7:0d:bc:70:63:26:03:34:f0:2f:
25:8c:9a:65:53:4b:64:46:36:ba:ef:ac:0e:58:b2:e7:d9:0b:
fc:5d:c0:e0:89:c4:d1:9f:7b:81:c1:a6:7e:77:26:ae:15:2b:
42:51:97:82:4a:85:dd:56:d2:d6:53:20:3f:b3:8a:3e:51:51:
10:59:ea:94:da:95:bb:75:8c:30:ce:8a:09:f5:c2:5e:11:53:
bf:13:3b:82:f7:e1:4b:32:54:ff:ab:4e:a0:b7:a3:52:6f:4e:
da:8e:5e:00:ee:4d:79:bc:40:e2:d0:c0:c2:d3:19:4a:80:da:
b1:d7:14:02:b9:5f:8e:6e:66:9f:c1:0c:7f:a9:73:f8:dc:06:
79:62:02:9a:a0:d8:bd:bd:c7:ef:72:05:70:04:cc:87:9b:81:
cd:51:ff:66:42:c8:58:85:e2:94:26:97:5f:82:e4:cb:2c:a0:
61:6f:96:c5:b9:47:33:72:b0:28:50:ce:39:5a:e9:9d:98:ff:
d9:5c:c0:4f:7b:73:61:dc:12:75:19:2b:28:93:54:07:28:03:
b1:29:f5:a8:2b:5c:2a:7e:7b:81:2e:5a:d6:4f:b6:0e:da:18:
ed:1c:a3:20
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZIehfckegxJ/KjeXFjuGiBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTIzMTA1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdkOWI1NTJkMTZiNWNkNjA5OGZmMjU4ODNmZjZhNjY5NDFiNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPeeJy67cXACwU7GtbI9+U97qLb7
TAdIMRrTokMhu501oTsTNje1jQUfLZLsmoR3ElfP2n9LHuJ0cMSiBdlXpRTwlpAe
bkrGUR9hgCcDfjpPRU8N0W637eBDyDIu62BrZV3ZDy/1S3GdsFDlsVL8Hnw3R4if
+SU6Xm/5PFsamI34nXpNr+t9VgkBVtGBmwhA3HVGAPHwW+crbK7lDLC66e/edPg7
1TV7+lMOzv7An+PjhQnPugQhfw2QvnObLf+gwxqxJAf4iSuGbIqZ574iRRsWOXwG
Of43xHBQ9019rY076fRlPP8tjRSWvxoFAvug7SkJGQJPDs8/EZmSQq06VwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAx9m1UtFrXNYJj/JYg/9qZpQbadMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvREgyYlZTMFd0YzFnbVA4bGlEXzJwbWxCdHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQAwjqbAwQA
wldLAwQAwldSAwQAwlepAwQBw4UYAwQBw4UoAwQBw4UyAwQAw4VNAwQBw4VcAwQA
1MABAwQA1MDcAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0B
AQsFAAOCAQEAdQFWyb1cHOu8Usbc85En+IxxIRAslVQWJFe3DbxwYyYDNPAvJYya
ZVNLZEY2uu+sDliy59kL/F3A4InE0Z97gcGmfncmrhUrQlGXgkqF3VbS1lMgP7OK
PlFREFnqlNqVu3WMMM6KCfXCXhFTvxM7gvfhSzJU/6tOoLejUm9O2o5eAO5NebxA
4tDAwtMZSoDasdcUArlfjm5mn8EMf6lz+NwGeWICmqDYvb3H73IFcATMh5uBzVH/
ZkLIWIXilCaXX4LkyyygYW+WxblHM3KwKFDOOVrpnZj/2VzAT3tzYdwSdRkrKJNU
BygDsSn1qCtcKn57gS5a1k+2DtoY7RyjIA==
-----END CERTIFICATE-----
Generated at Tue Sep 24 17:14:22 2024 by rpki-client on console-ams.rpki-client.org