Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F1ByviSvsntk1zPlJz7Gnxw7QtQ.roa
File: F1ByviSvsntk1zPlJz7Gnxw7QtQ.roa (raw, json)
Hash identifier: Ea003nLquOKONUVzB2y9GP1MpyozsaQ3+S0/mXsYMWI=
Subject key identifier: 17:50:72:BE:24:AF:B2:7B:64:D7:33:E5:27:3E:C6:9F:1C:3B:42:D4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F66ED45FE4FEC31B3A25BB648A36B666D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F1ByviSvsntk1zPlJz7Gnxw7QtQ.roa
Signing time: Sat 11 May 2024 09:12:56 +0000
ROA not before: Sat 11 May 2024 09:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2118
IP address blocks: 194.58.46.0/23 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
195.58.56.0/21 maxlen: 24
212.192.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 17:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:66:ed:45:fe:4f:ec:31:b3:a2:5b:b6:48:a3:6b:66:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 11 09:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=175072be24afb27b64d733e5273ec69f1c3b42d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:13:84:02:10:8c:bb:bd:26:84:4c:88:d0:
e6:64:44:b1:10:63:a0:2a:79:7b:78:d4:11:6d:50:
74:11:e5:4f:81:82:96:dd:28:13:5a:a0:97:e0:39:
bd:bb:72:53:f8:e0:11:b8:c2:d0:62:0e:3e:6d:ec:
fe:99:d8:1f:09:0b:20:fe:96:cf:d4:a3:2f:00:c3:
b9:69:0c:ee:63:cd:e4:c4:8e:f7:09:6c:e7:dd:9a:
9c:16:f4:39:ff:4c:9c:84:51:26:8e:a6:c1:cc:26:
5b:3c:74:dd:9a:93:3c:a7:3d:47:0b:18:2a:8c:5b:
31:5d:a8:a5:42:a9:b5:a6:66:1d:33:e5:4f:b9:37:
f9:77:72:fe:78:f6:62:db:b4:6b:bb:b7:c7:c0:66:
77:1e:c6:03:62:f0:f8:1a:5d:40:ff:03:ea:4b:a7:
e4:c0:ca:31:57:b5:06:d2:74:14:23:a8:f5:4a:68:
81:eb:3c:2e:96:46:8f:33:f7:ed:29:ae:c6:66:8a:
12:aa:cd:40:50:e0:57:99:ec:9b:e2:42:ee:89:18:
1d:5c:fd:3d:3d:69:a4:be:e9:96:70:bb:cb:b4:6b:
0f:b5:bb:70:48:3d:12:60:92:71:f2:07:1f:22:c3:
0e:70:cc:64:44:4c:6b:a9:a9:b8:dd:5c:31:26:ce:
a3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:50:72:BE:24:AF:B2:7B:64:D7:33:E5:27:3E:C6:9F:1C:3B:42:D4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F1ByviSvsntk1zPlJz7Gnxw7QtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.46.0/23
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
212.192.0.0/23
Signature Algorithm: sha256WithRSAEncryption
62:f0:0c:8d:53:94:bb:25:53:47:db:ae:7f:03:f9:05:c0:c3:
6d:33:be:78:cf:df:8a:4e:82:d3:fa:58:0c:56:22:43:73:a9:
01:d7:42:2c:9c:66:19:4f:16:e3:54:a9:99:68:32:02:6b:be:
e7:79:3c:8b:b8:a8:e9:90:f3:35:ec:0c:18:70:cb:2f:e1:21:
51:40:b5:35:c3:af:53:c6:fe:ea:88:29:79:f4:d7:17:65:3d:
d4:d2:4a:9d:44:e1:49:c6:1e:db:d7:2b:45:f9:f8:f4:d6:2e:
52:0f:36:e1:58:5a:61:32:19:1d:ba:63:c8:1b:f2:65:51:e1:
d2:3c:d2:94:0a:78:a6:83:da:07:0e:d7:3a:b5:c5:be:e8:a8:
52:3f:0b:ce:0e:72:cd:0b:fb:66:a6:7d:53:07:3b:49:ff:de:
1c:ac:8a:c3:c2:dc:e9:d3:b8:05:2c:24:ac:6d:1a:1a:06:6c:
68:2c:76:07:86:f1:4c:2e:87:df:fd:32:ff:65:75:ed:9f:77:
33:00:56:bc:ab:da:f1:e6:a5:2d:45:48:d9:1c:f9:b2:4c:7c:
fc:5a:9c:1f:78:1f:e5:ca:32:77:1b:de:83:a1:b0:57:8f:1a:
1d:c5:7f:77:02:05:45:8f:4a:c1:12:d4:b5:d1:00:79:22:e9:
70:a2:2b:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9m7UX+T+wxs6Jbtkija2ZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTExMDkxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzUwNzJiZTI0YWZiMjdiNjRkNzMzZTUyNzNlYzY5ZjFjM2I0MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohIThAIQjLu9JoRMiNDmZESxEGOg
Knl7eNQRbVB0EeVPgYKW3SgTWqCX4Dm9u3JT+OARuMLQYg4+bez+mdgfCQsg/pbP
1KMvAMO5aQzuY83kxI73CWzn3ZqcFvQ5/0ychFEmjqbBzCZbPHTdmpM8pz1HCxgq
jFsxXailQqm1pmYdM+VPuTf5d3L+ePZi27Rru7fHwGZ3HsYDYvD4Gl1A/wPqS6fk
wMoxV7UG0nQUI6j1SmiB6zwulkaPM/ftKa7GZooSqs1AUOBXmeyb4kLuiRgdXP09
PWmkvumWcLvLtGsPtbtwSD0SYJJx8gcfIsMOcMxkRExrqam43VwxJs6jQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBdQcr4kr7J7ZNcz5Sc+xp8cO0LUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRjFCeXZpU3ZzbnRrMXpQbEp6N0dueHc3UXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwjouAwQB
wlfQAwQBwlfeAwQDwzo4AwQB1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQBi8AyNU5S7
JVNH265/A/kFwMNtM754z9+KToLT+lgMViJDc6kB10IsnGYZTxbjVKmZaDICa77n
eTyLuKjpkPM17AwYcMsv4SFRQLU1w69Txv7qiCl59NcXZT3U0kqdROFJxh7b1ytF
+fj01i5SDzbhWFphMhkdumPIG/JlUeHSPNKUCnimg9oHDtc6tcW+6KhSPwvODnLN
C/tmpn1TBztJ/94crIrDwtzp07gFLCSsbRoaBmxoLHYHhvFMLoff/TL/ZXXtn3cz
AFa8q9rx5qUtRUjZHPmyTHz8WpwfeB/lyjJ3G96DobBXjxodxX93AgVFj0rBEtS1
0QB5IulwoiuM
-----END CERTIFICATE-----
Generated at Mon Nov 4 21:29:22 2024 by rpki-client on console-fra.rpki-client.org