Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EJyNKET_-wU2rDDFY4vpR69-ng0.roa
File: EJyNKET_-wU2rDDFY4vpR69-ng0.roa (raw, json)
Hash identifier: W4fPB3e6PLtLloqgzkxzJrlsC/NJTeYVDqhywh5o6Tw=
Subject key identifier: 10:9C:8D:28:44:FF:FB:05:36:AC:30:C5:63:8B:E9:47:AF:7E:9E:0D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192F8966FB3AA8F7FB428246C27D0EC1043
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EJyNKET_-wU2rDDFY4vpR69-ng0.roa
Signing time: Mon 04 Nov 2024 19:11:01 +0000
ROA not before: Mon 04 Nov 2024 19:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Nov 2024 09:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f8:96:6f:b3:aa:8f:7f:b4:28:24:6c:27:d0:ec:10:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 4 19:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=109c8d2844fffb0536ac30c5638be947af7e9e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:19:b5:61:a0:80:38:d5:bb:96:3f:f5:24:
11:7a:ae:f1:bc:cb:8d:cf:3e:cc:0b:e2:27:2c:2e:
75:96:c1:bc:91:0f:54:e0:43:28:c9:64:d5:1d:0a:
37:44:c9:aa:0b:74:f8:fa:b2:e8:bb:02:12:1d:47:
ad:96:34:6b:f6:a7:52:c1:29:63:91:49:41:fb:a7:
58:9a:65:08:de:7e:79:45:3c:75:85:8b:ae:e1:d5:
3f:6a:20:0a:36:72:62:6a:13:dc:da:ab:5a:d2:90:
ad:87:bd:46:63:64:6f:13:79:bf:32:dd:d0:4c:54:
65:8a:2d:af:5c:0f:44:d0:f8:4d:a3:c5:db:8d:ce:
9a:ec:91:d7:a9:20:96:96:9f:7c:cd:71:e9:4e:32:
05:f6:97:af:25:69:27:43:e3:eb:35:b2:ac:37:08:
eb:e4:28:b5:29:5c:12:b5:64:b6:b8:c2:96:ea:f3:
68:39:2c:8e:d8:a2:bb:50:34:72:df:66:59:86:67:
3e:44:c6:86:20:c8:89:02:8e:99:ac:1f:c6:4a:3c:
04:9e:2e:8d:f8:60:24:7c:c0:1c:08:2c:ed:6c:94:
72:b2:c0:98:a3:5e:75:35:3e:9c:17:c6:1c:d8:c2:
8e:24:10:b1:1b:97:03:db:fd:8f:26:0f:aa:86:b0:
e6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9C:8D:28:44:FF:FB:05:36:AC:30:C5:63:8B:E9:47:AF:7E:9E:0D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EJyNKET_-wU2rDDFY4vpR69-ng0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.85.251.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
19:b3:1f:b3:d2:6a:0d:32:19:06:c6:6a:d0:62:6b:24:44:08:
4e:ec:e4:58:31:63:38:b9:6b:97:3f:dd:d0:1a:e8:1b:af:63:
06:1d:a7:78:17:81:91:af:a0:a0:38:0c:b2:79:9e:59:8c:fb:
62:9a:7e:43:17:c6:1f:11:df:6b:9c:f9:76:58:ec:98:02:4f:
7a:33:ea:24:5b:4c:97:0f:73:b8:9f:c4:85:66:53:79:fd:6a:
a7:85:d1:01:7a:4f:12:8a:5f:ee:0b:9e:4a:b0:49:20:b0:93:
58:14:40:b3:76:23:7b:7b:29:80:ac:7a:6a:84:ef:4f:f0:6e:
2e:2d:4e:2b:ae:73:c5:87:11:db:61:e2:c5:aa:8c:4f:7c:e3:
9e:56:5e:cd:66:ad:fc:b4:7d:ab:aa:2e:3d:39:77:5d:f3:d2:
80:ce:49:fe:52:03:44:c9:f7:0b:9f:5c:72:1d:3b:6a:d4:64:
ea:4a:be:d8:c1:1a:e5:a0:c0:82:95:9b:fb:e0:d9:8e:41:8e:
e9:ef:3b:9e:2b:33:36:df:e9:1a:df:bd:c8:77:6b:62:d7:2e:
bf:7f:0d:3c:48:00:c2:82:8d:7f:15:70:6d:4f:48:49:47:78:
80:24:0c:0d:51:fd:4b:3f:07:18:f2:0a:d2:47:5d:1d:58:f0:
22:6d:a1:a7
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZL4lm+zqo9/tCgkbCfQ7BBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA0MTkxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDljOGQyODQ0ZmZmYjA1MzZhYzMwYzU2MzhiZTk0N2FmN2U5ZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp80ZtWGggDjVu5Y/9SQReq7xvMuN
zz7MC+InLC51lsG8kQ9U4EMoyWTVHQo3RMmqC3T4+rLouwISHUetljRr9qdSwSlj
kUlB+6dYmmUI3n55RTx1hYuu4dU/aiAKNnJiahPc2qta0pCth71GY2RvE3m/Mt3Q
TFRlii2vXA9E0PhNo8Xbjc6a7JHXqSCWlp98zXHpTjIF9pevJWknQ+PrNbKsNwjr
5Ci1KVwStWS2uMKW6vNoOSyO2KK7UDRy32ZZhmc+RMaGIMiJAo6ZrB/GSjwEni6N
+GAkfMAcCCztbJRyssCYo151NT6cF8Yc2MKOJBCxG5cD2/2PJg+qhrDmYQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBCcjShE//sFNqwwxWOL6Uevfp4NMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUp5TktFVF8td1UyckRERlk0dnBSNjktbmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQAwHy0AwQA
wjqbAwQAwlX7AwQAwlepAwQAwleyAwQAwlfgAwQAwochAwQBw4UYAwQBw4UoAwQB
w4UyAwQBw4VcAwQA1MABAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkq
hkiG9w0BAQsFAAOCAQEAGbMfs9JqDTIZBsZq0GJrJEQITuzkWDFjOLlrlz/d0Bro
G69jBh2neBeBka+goDgMsnmeWYz7Ypp+QxfGHxHfa5z5dljsmAJPejPqJFtMlw9z
uJ/EhWZTef1qp4XRAXpPEopf7gueSrBJILCTWBRAs3Yje3spgKx6aoTvT/BuLi1O
K65zxYcR22HixaqMT3zjnlZezWat/LR9q6ouPTl3XfPSgM5J/lIDRMn3C59cch07
atRk6kq+2MEa5aDAgpWb++DZjkGO6e87niszNt/pGt+9yHdrYtcuv38NPEgAwoKN
fxVwbU9ISUd4gCQMDVH9Sz8HGPIK0kddHVjwIm2hpw==
-----END CERTIFICATE-----
Generated at Wed Nov 6 13:23:26 2024 by rpki-client on console-fra.rpki-client.org