Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUXQRRibc9bpUxLT5K2n6tVrAog.roa
File: DUXQRRibc9bpUxLT5K2n6tVrAog.roa (raw, json)
Hash identifier: FNNrIA2/hoRg9XlV42rws4TKHZRfiLPq2JpP5cDhZnA=
Subject key identifier: 0D:45:D0:45:18:9B:73:D6:E9:53:12:D3:E4:AD:A7:EA:D5:6B:02:88
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01913B8F7C8C0913ED399024D7DCA77B3340
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUXQRRibc9bpUxLT5K2n6tVrAog.roa
Signing time: Sat 10 Aug 2024 09:12:24 +0000
ROA not before: Sat 10 Aug 2024 09:12:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 193.124.35.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Aug 2024 12:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:8f:7c:8c:09:13:ed:39:90:24:d7:dc:a7:7b:33:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 09:12:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d45d045189b73d6e95312d3e4ada7ead56b0288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:46:c1:6a:1f:4a:69:2f:a3:83:3e:50:ce:79:
bc:80:1c:1b:6a:c1:5e:0d:b0:80:37:64:fa:b0:22:
ad:97:f2:d2:c7:5f:23:5a:fc:5f:3a:74:0b:9e:02:
c7:83:50:62:69:65:cc:23:67:c0:c9:e2:b2:12:79:
5e:10:39:5c:08:11:79:56:31:25:1e:9c:8c:bd:95:
8e:ce:0e:54:2d:b4:c6:bf:62:8d:1c:03:dd:76:fb:
30:cf:c0:d7:f3:ff:d6:66:9c:33:27:2f:e7:59:a1:
99:81:2e:2c:a2:14:ee:79:d7:f1:2d:36:cf:70:0d:
9e:80:f9:2e:5f:49:88:92:6a:11:40:a4:28:bc:b5:
a7:87:42:5b:cd:b2:73:4d:20:d8:3b:92:24:79:36:
27:af:6b:a4:28:6d:16:02:bf:39:3e:68:64:98:e7:
f7:45:e7:13:ee:5f:6f:c2:13:e4:f9:8a:65:2c:63:
83:da:45:ef:10:f4:d3:c0:86:06:f9:36:03:cd:ac:
58:10:e6:dd:b2:15:59:4b:be:13:32:e1:2c:40:1e:
63:42:d5:db:04:b6:53:2d:0b:42:83:6e:f0:74:37:
66:b2:5c:7c:fc:37:6a:ce:7a:02:ce:65:59:85:35:
2e:73:94:d0:09:df:43:5c:74:28:5f:98:1b:78:56:
0c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:45:D0:45:18:9B:73:D6:E9:53:12:D3:E4:AD:A7:EA:D5:6B:02:88
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUXQRRibc9bpUxLT5K2n6tVrAog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
193.124.133.0/24
194.87.246.0/24
195.133.50.0/24
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
33:84:2b:04:42:79:3f:73:42:15:ff:c1:c3:d2:3a:23:7c:ae:
65:b7:8c:6c:f0:2b:c2:00:dd:29:c0:61:1b:0a:c3:96:a8:05:
5d:c6:0c:ed:f7:a5:b6:8c:a8:89:ae:33:bb:39:c9:7c:53:77:
ce:84:84:69:81:1a:c0:6a:d4:d3:86:af:ef:79:e1:e7:be:9d:
23:33:f6:57:ec:3a:9d:37:53:da:29:93:62:a8:33:85:84:3a:
f6:e2:c9:b0:f3:5f:cb:ef:4f:3a:9b:d2:20:ad:1c:ac:7d:66:
74:c1:c2:a6:5b:e5:ec:1a:c4:bb:4a:64:29:b8:a3:9e:16:9b:
98:71:c1:c1:3f:d4:ce:a1:a2:96:6b:c9:2c:dd:7e:e2:ef:98:
3d:0f:9f:64:87:2a:79:96:18:31:7e:ef:fe:1a:2e:ad:bc:a0:
42:02:b5:2a:ad:82:ca:0d:bc:a2:93:4c:00:60:09:6c:e8:c1:
46:30:b9:a4:a8:1b:46:5e:2b:1e:fb:77:98:4d:83:07:b2:f9:
5a:fe:0f:c1:f9:72:c5:45:5f:9b:b5:30:1c:68:f2:e7:37:e6:
2c:9f:d0:2b:06:86:b3:4f:2d:38:4a:8e:71:97:77:70:f3:80:
32:68:27:f5:6b:73:c6:0c:9c:1b:95:3b:93:4c:4a:b7:75:18:
68:7d:a3:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZE7j3yMCRPtOZAk19ynezNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEwMDkxMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ1ZDA0NTE4OWI3M2Q2ZTk1MzEyZDNlNGFkYTdlYWQ1NmIwMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEbBah9KaS+jgz5Qznm8gBwbasFe
DbCAN2T6sCKtl/LSx18jWvxfOnQLngLHg1BiaWXMI2fAyeKyEnleEDlcCBF5VjEl
HpyMvZWOzg5ULbTGv2KNHAPddvswz8DX8//WZpwzJy/nWaGZgS4sohTuedfxLTbP
cA2egPkuX0mIkmoRQKQovLWnh0JbzbJzTSDYO5IkeTYnr2ukKG0WAr85PmhkmOf3
RecT7l9vwhPk+YplLGOD2kXvEPTTwIYG+TYDzaxYEObdshVZS74TMuEsQB5jQtXb
BLZTLQtCg27wdDdmslx8/DdqznoCzmVZhTUuc5TQCd9DXHQoX5gbeFYMDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA1F0EUYm3PW6VMS0+Stp+rVawKIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFVYUVJSaWJjOWJwVXhMVDVLMm42dFZyQW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwjAwQA
wXyFAwQAwlf2AwQAw4UyAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQAzhCsEQnk/
c0IV/8HD0jojfK5lt4xs8CvCAN0pwGEbCsOWqAVdxgzt96W2jKiJrjO7Ocl8U3fO
hIRpgRrAatTThq/veeHnvp0jM/ZX7DqdN1PaKZNiqDOFhDr24smw81/L7086m9Ig
rRysfWZ0wcKmW+XsGsS7SmQpuKOeFpuYccHBP9TOoaKWa8ks3X7i75g9D59khyp5
lhgxfu/+Gi6tvKBCArUqrYLKDbyik0wAYAls6MFGMLmkqBtGXise+3eYTYMHsvla
/g/B+XLFRV+btTAcaPLnN+Ysn9ArBoazTy04So5xl3dw84AyaCf1a3PGDJwblTuT
TEq3dRhofaMS
-----END CERTIFICATE-----
Generated at Sat Aug 10 14:40:03 2024 by rpki-client on console-fra.rpki-client.org