Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F3_Y_AzfKAeWTz2m5Ua53urS_EY.roa
File: F3_Y_AzfKAeWTz2m5Ua53urS_EY.roa (raw, json)
Hash identifier: Jixbm+5LACCgLw5v8mgNks6TYAZEFHHMNBsKwYWS3yw=
Subject key identifier: 17:7F:D8:FC:0C:DF:28:07:96:4F:3D:A6:E5:46:B9:DE:EA:D2:FC:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E1A2206FA04C7AF149672C1358E2C0E9B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F3_Y_AzfKAeWTz2m5Ua53urS_EY.roa
Signing time: Thu 07 Mar 2024 18:17:01 +0000
ROA not before: Thu 07 Mar 2024 18:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:22:06:fa:04:c7:af:14:96:72:c1:35:8e:2c:0e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 18:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=177fd8fc0cdf2807964f3da6e546b9deead2fc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:f7:78:e8:1a:35:24:c3:61:62:67:19:39:
36:c9:75:ee:ea:85:2d:70:41:0c:aa:2d:73:74:65:
fd:75:23:73:74:df:53:44:9d:06:5b:ba:6e:45:d0:
c8:6a:c1:36:b3:62:8e:f2:cc:bb:8a:ea:b0:1e:95:
de:28:e7:0b:01:4b:8d:fc:d1:b4:0a:94:4c:c4:63:
d6:04:17:e3:db:f9:5e:d5:41:15:f7:dc:fd:cd:13:
8b:bc:31:f1:de:88:10:3b:4d:56:32:fa:ff:9d:ad:
d7:66:4e:3f:39:47:4f:a8:62:f3:cf:44:66:35:55:
46:4c:c6:78:a9:16:d9:cc:66:84:20:2a:46:b2:8f:
c4:f5:09:5c:19:58:26:74:54:d2:b0:5c:b1:ec:84:
82:60:25:a7:04:7c:dd:e7:a3:62:0b:5c:cd:36:b3:
34:77:f1:c5:bd:43:ac:53:37:03:7a:50:32:81:e8:
b1:46:52:7e:42:0c:6c:8f:40:ae:02:83:2c:52:f4:
56:07:1c:0d:0f:94:1e:17:86:53:eb:e0:56:ef:d9:
09:b7:bf:79:b0:95:1e:dd:18:21:37:66:8a:81:37:
9a:7f:17:cf:17:42:d8:4f:e7:5d:b5:43:2c:13:b5:
19:5b:12:1f:31:2c:82:9b:d4:0b:41:2d:fb:cb:ed:
7e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7F:D8:FC:0C:DF:28:07:96:4F:3D:A6:E5:46:B9:DE:EA:D2:FC:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/F3_Y_AzfKAeWTz2m5Ua53urS_EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.86.0/24
194.87.88.0/23
194.87.108.0/24
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.185.0/24
195.133.6.0/24
195.133.29.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
23:20:f2:3e:ea:73:29:e4:f6:42:93:20:a7:4f:0b:5d:51:31:
e7:4a:75:1d:59:c4:16:90:34:89:34:0c:37:f4:17:62:cc:d8:
ce:8e:1d:fa:96:78:00:2d:27:77:b5:c1:7d:b4:ca:61:81:09:
3c:39:ef:76:65:87:e6:f8:15:74:7e:81:05:3c:a4:98:7e:3e:
b6:ae:7d:20:b3:99:e5:29:c9:cb:36:6c:21:d4:a4:ff:3d:81:
e7:30:7c:8d:a5:e7:7e:0e:d3:9d:85:ec:fd:a9:61:93:d0:e0:
58:40:9d:99:54:cd:94:9e:7c:4e:43:83:cf:a8:69:7b:92:e8:
0e:73:09:07:14:8c:ae:2d:c6:8a:16:0d:fb:2a:ea:21:00:e0:
b8:2a:33:ba:00:76:07:8a:15:48:9f:0f:de:e5:2b:e4:36:8a:
7c:ac:09:be:be:9c:f5:a6:ec:b2:42:f9:a2:2a:1b:95:b8:95:
d3:04:45:b2:3e:19:e0:7a:e6:5a:3b:8e:16:37:06:6c:a7:e6:
72:29:13:b9:a3:b5:b7:e9:cd:48:37:92:69:0f:5f:7c:bc:d9:
e8:cb:50:06:4a:ed:13:ec:bb:16:f0:0d:2e:db:fc:26:54:36:
19:8d:d1:aa:a2:ad:9b:b3:80:d4:c8:aa:3d:03:e3:c3:53:c5:
19:1c:d5:f0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY4aIgb6BMevFJZywTWOLA6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA3MTgxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdmZDhmYzBjZGYyODA3OTY0ZjNkYTZlNTQ2YjlkZWVhZDJmYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozH3eOgaNSTDYWJnGTk2yXXu6oUt
cEEMqi1zdGX9dSNzdN9TRJ0GW7puRdDIasE2s2KO8sy7iuqwHpXeKOcLAUuN/NG0
CpRMxGPWBBfj2/le1UEV99z9zROLvDHx3ogQO01WMvr/na3XZk4/OUdPqGLzz0Rm
NVVGTMZ4qRbZzGaEICpGso/E9QlcGVgmdFTSsFyx7ISCYCWnBHzd56NiC1zNNrM0
d/HFvUOsUzcDelAygeixRlJ+Qgxsj0CuAoMsUvRWBxwND5QeF4ZT6+BW79kJt795
sJUe3RghN2aKgTeafxfPF0LYT+ddtUMsE7UZWxIfMSyCm9QLQS37y+1+tQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFBd/2PwM3ygHlk89puVGud7q0vxGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRjNfWV9BemZLQWVXVHoybTVVYTUzdXJTX0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAMB8
vwMEAMF8BQMEAMJXDAMEAMJXFgMEAMJXIAMEAMJXKAMEAMJXVgMEAcJXWAMEAMJX
bAMEAMJXfAMEAMJXiAMEAMJXjgMEAMJXlgMEAMJXuQMEAMOFBgMEAMOFHQMEAcOF
KgMEAMOFSAMEAMOFVQMEAMOFwAMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAIyDy
PupzKeT2QpMgp08LXVEx50p1HVnEFpA0iTQMN/QXYszYzo4d+pZ4AC0nd7XBfbTK
YYEJPDnvdmWH5vgVdH6BBTykmH4+tq59ILOZ5SnJyzZsIdSk/z2B5zB8jaXnfg7T
nYXs/alhk9DgWECdmVTNlJ58TkODz6hpe5LoDnMJBxSMri3GihYN+yrqIQDguCoz
ugB2B4oVSJ8P3uUr5DaKfKwJvr6c9absskL5oioblbiV0wRFsj4Z4HrmWjuOFjcG
bKfmcikTuaO1t+nNSDeSaQ9ffLzZ6MtQBkrtE+y7FvANLtv8JlQ2GY3RqqKtm7OA
1MiqPQPjw1PFGRzV8A==
-----END CERTIFICATE-----
Generated at Tue Mar 26 06:07:12 2024 by rpki-client on console-fra.rpki-client.org