Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F-pzRAWWLQ7UYesO2jz9K0B4fPo.roa
File: F-pzRAWWLQ7UYesO2jz9K0B4fPo.roa (raw, json)
Hash identifier: lWWwmaWdXPcf1zUtKwIsd9ePsyiHHCQx5rE/C+Agb7g=
Subject key identifier: 17:EA:73:44:05:96:2D:0E:D4:61:EB:0E:DA:3C:FD:2B:40:78:7C:FA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018EB2BB7A5862B3049CF986B6AFFC730F1D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F-pzRAWWLQ7UYesO2jz9K0B4fPo.roa
Signing time: Sat 06 Apr 2024 09:26:54 +0000
ROA not before: Sat 06 Apr 2024 09:26:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Apr 2024 05:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:bb:7a:58:62:b3:04:9c:f9:86:b6:af:fc:73:0f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 09:26:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17ea734405962d0ed461eb0eda3cfd2b40787cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:34:b9:06:24:ab:8b:36:c3:54:be:1b:46:
23:b0:3c:41:4d:c8:81:34:40:52:59:c4:8e:a5:36:
96:4d:0c:1c:eb:98:9b:fd:e9:56:2c:1f:81:ed:7a:
65:b9:e7:3d:61:42:28:33:7b:60:65:af:0d:31:27:
67:bd:d6:a4:41:2b:c7:8d:61:69:97:ca:6a:02:34:
2e:be:a8:f1:27:6a:25:1a:44:28:a8:36:69:6e:0f:
c4:1f:50:5c:f1:7f:09:59:2c:73:95:5f:ce:e2:cf:
7c:4e:52:c0:df:7d:4a:f0:2e:43:3e:84:4a:96:59:
30:34:83:4e:5c:9a:fd:52:7d:e0:c6:55:14:f6:41:
61:83:36:cc:be:47:b6:99:4d:12:c3:d7:2a:c0:e1:
ec:d5:56:75:fb:d7:2d:94:a5:00:96:d5:b5:27:76:
2e:e8:6c:0d:51:b0:69:20:5f:2b:7c:5c:83:1d:78:
5b:84:cd:74:c5:74:80:ff:60:c1:3b:49:67:a3:e1:
47:2e:d3:0c:12:b9:ce:3c:c7:5c:73:0c:a3:fd:a8:
77:66:bf:e3:b5:26:08:5b:8b:cd:5d:ef:e1:e3:d0:
68:33:1c:eb:e8:16:49:5e:13:d1:6e:7f:45:70:59:
78:d9:c6:89:b6:ae:a5:e7:ab:bd:ef:d8:9a:42:89:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:EA:73:44:05:96:2D:0E:D4:61:EB:0E:DA:3C:FD:2B:40:78:7C:FA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F-pzRAWWLQ7UYesO2jz9K0B4fPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
194.87.73.0/24
194.87.169.0/24
194.87.201.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.192.208.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
57:d7:b6:cb:86:f6:e7:4e:35:f1:4f:73:e7:10:90:05:2b:c6:
8c:c3:5c:64:d9:fc:b3:2b:dc:16:db:0a:60:61:57:e3:4b:f0:
e3:d5:80:66:ca:49:a2:f9:7a:d6:66:6f:8a:b3:aa:53:8c:fb:
4a:ce:22:fa:2b:67:a8:8d:fb:2e:18:54:44:a0:ca:dd:34:d7:
89:17:7d:1d:ea:ee:92:d3:fc:07:82:78:9a:b8:ac:4f:1e:cc:
d9:87:6e:3d:ab:58:d2:c7:68:d3:60:f7:8f:60:ba:2e:58:d7:
77:f0:6f:29:c2:50:45:b0:a8:6e:eb:a9:b1:3e:87:1c:fe:c7:
19:bc:2a:91:57:9a:28:ff:06:09:10:27:be:fd:37:6c:3e:0b:
c4:f6:eb:97:78:73:a9:50:ff:72:20:33:cd:81:ed:53:43:c5:
7b:50:ec:29:63:26:ad:04:c8:02:41:6a:c0:d0:31:08:64:22:
20:56:22:95:03:e7:19:75:d8:cb:94:d1:1e:3e:8e:eb:0d:18:
2a:76:42:89:bd:a8:a0:8d:e1:68:c6:6e:b7:5f:7d:41:7f:e8:
50:76:b9:48:8f:e5:f2:ea:7e:07:a3:a6:96:a2:a6:39:38:40:
0e:04:4c:da:4e:96:24:ab:c6:ec:da:c7:a6:a9:20:55:04:28:
1f:66:82:74
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY6yu3pYYrMEnPmGtq/8cw8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDA2MDkyNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2VhNzM0NDA1OTYyZDBlZDQ2MWViMGVkYTNjZmQyYjQwNzg3Y2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz40uQYkq4s2w1S+G0YjsDxBTciB
NEBSWcSOpTaWTQwc65ib/elWLB+B7Xpluec9YUIoM3tgZa8NMSdnvdakQSvHjWFp
l8pqAjQuvqjxJ2olGkQoqDZpbg/EH1Bc8X8JWSxzlV/O4s98TlLA331K8C5DPoRK
llkwNINOXJr9Un3gxlUU9kFhgzbMvke2mU0Sw9cqwOHs1VZ1+9ctlKUAltW1J3Yu
6GwNUbBpIF8rfFyDHXhbhM10xXSA/2DBO0lno+FHLtMMErnOPMdccwyj/ah3Zr/j
tSYIW4vNXe/h49BoMxzr6BZJXhPRbn9FcFl42caJtq6l56u979iaQokfJwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBfqc0QFli0O1GHrDto8/StAeHz6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRi1welJBV1dMUTdVWWVzTzJqejlLMEI0ZlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQAwHysAwQA
wXwHAwQAwldJAwQAwlepAwQAwlfJAwQAwlf1AwQAw4UZAwQA1MABAwQA1MDQMBQE
AgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAV9e2y4b25041
8U9z5xCQBSvGjMNcZNn8syvcFtsKYGFX40vw49WAZspJovl61mZvirOqU4z7Ss4i
+itnqI37LhhURKDK3TTXiRd9HeruktP8B4J4mrisTx7M2YduPatY0sdo02D3j2C6
LljXd/BvKcJQRbCobuupsT6HHP7HGbwqkVeaKP8GCRAnvv03bD4LxPbrl3hzqVD/
ciAzzYHtU0PFe1DsKWMmrQTIAkFqwNAxCGQiIFYilQPnGXXYy5TRHj6O6w0YKnZC
ib2ooI3haMZut199QX/oUHa5SI/l8up+B6OmlqKmOThADgRM2k6WJKvG7NrHpqkg
VQQoH2aCdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org