Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GOkSciRe_WbYUS3n3Cj-WqGCobg.roa
File: GOkSciRe_WbYUS3n3Cj-WqGCobg.roa (raw, json)
Hash identifier: yKbB3q/HUzTwn2XZC/95w/0YtmBCtX+s0+85j5Qzbaw=
Subject key identifier: 18:E9:12:72:24:5E:FD:66:D8:51:2D:E7:DC:28:FE:5A:A1:82:A1:B8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01909C9A45F1848EA97185445ED8A064CEDA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GOkSciRe_WbYUS3n3Cj-WqGCobg.roa
Signing time: Wed 10 Jul 2024 12:24:34 +0000
ROA not before: Wed 10 Jul 2024 12:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 193.124.35.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 13:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:9a:45:f1:84:8e:a9:71:85:44:5e:d8:a0:64:ce:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 10 12:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18e91272245efd66d8512de7dc28fe5aa182a1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c6:4d:7f:c1:ed:b4:d2:ef:d7:41:f7:75:7b:
d0:f1:81:14:d7:ef:c0:1d:c2:7d:2b:4a:1f:2d:38:
d8:8a:5b:56:25:a1:66:71:d0:5a:8d:f2:5a:5d:5a:
a8:80:e7:0b:0c:70:19:b3:82:c1:bb:0e:fd:dc:c4:
b3:ed:16:44:39:c3:73:75:12:bf:79:f2:46:5f:ed:
6e:3e:69:27:2a:ef:16:33:3f:ac:39:ce:a0:9f:fc:
8c:7b:6a:5f:78:f5:d2:64:48:ac:23:2d:03:83:3d:
ef:aa:84:f6:4a:76:c7:d1:2f:27:84:d1:6f:4e:b1:
31:19:51:15:4b:1b:29:e0:62:e2:a6:81:cf:73:87:
33:36:b7:fc:b8:35:dd:c6:04:6e:ba:46:c9:98:8f:
05:07:64:6c:29:b8:9f:d5:32:7e:96:bd:23:95:6e:
bc:bd:b5:7e:de:23:78:75:90:2e:ab:a3:34:6c:ca:
18:3e:58:96:42:19:ef:b3:50:28:a5:d9:b8:ce:63:
28:61:39:42:63:3a:05:82:4f:62:94:33:90:7a:8d:
48:91:ef:b7:2a:75:5e:91:fb:ad:34:2f:2f:bc:39:
49:b5:f5:68:d5:c1:c0:ed:ff:d7:ee:02:91:af:a8:
e7:14:d2:27:d2:a4:76:49:27:76:6a:a0:ad:57:cc:
7c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E9:12:72:24:5E:FD:66:D8:51:2D:E7:DC:28:FE:5A:A1:82:A1:B8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GOkSciRe_WbYUS3n3Cj-WqGCobg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
193.124.133.0/24
194.87.246.0/24
195.58.39.0/24
195.133.50.0/24
195.133.76.0/24
212.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
78:dd:ac:4e:11:75:2a:70:6e:5e:77:dd:b2:ef:8e:26:7a:44:
df:ab:f5:9d:93:7a:a8:87:ce:58:7a:5d:ae:61:66:e6:58:c3:
2b:6a:d1:cf:e3:54:88:03:16:e2:2f:92:23:93:18:c1:2f:0a:
9c:3c:2d:97:3d:c4:0e:85:85:17:00:ce:46:42:e0:3f:26:43:
df:b5:74:7f:13:21:60:ec:ed:a2:a6:45:86:8e:29:09:20:6d:
7b:7c:0e:85:88:c1:07:15:a6:8c:d3:fe:71:9d:bb:b8:e2:06:
c1:0c:05:14:53:bf:01:32:79:eb:9c:db:3d:1c:2a:25:a7:6e:
40:ec:2e:a1:32:1f:25:60:68:c6:d8:1d:77:17:76:68:07:6d:
46:8e:5e:59:eb:22:50:ec:c0:f6:9e:f0:2c:34:e1:7b:11:e8:
4a:02:70:29:e5:80:f9:8f:f3:ce:cc:20:5c:69:6b:ad:e9:82:
dc:e3:0b:1a:9e:7d:c9:97:ef:ec:80:66:c7:65:e1:16:0f:32:
9e:13:2a:84:aa:2b:e8:9a:ae:7f:27:7e:7e:6e:bb:29:bb:e1:
58:c7:51:f0:77:8e:64:16:31:ce:cc:dd:04:e6:c2:9c:98:3a:
aa:b9:a7:b1:d5:88:44:19:eb:04:a3:db:b0:d0:64:20:67:99:
ea:3a:b8:e5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZCcmkXxhI6pcYVEXtigZM7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzEwMTIyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGU5MTI3MjI0NWVmZDY2ZDg1MTJkZTdkYzI4ZmU1YWExODJhMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MZNf8HttNLv10H3dXvQ8YEU1+/A
HcJ9K0ofLTjYiltWJaFmcdBajfJaXVqogOcLDHAZs4LBuw793MSz7RZEOcNzdRK/
efJGX+1uPmknKu8WMz+sOc6gn/yMe2pfePXSZEisIy0Dgz3vqoT2SnbH0S8nhNFv
TrExGVEVSxsp4GLipoHPc4czNrf8uDXdxgRuukbJmI8FB2RsKbif1TJ+lr0jlW68
vbV+3iN4dZAuq6M0bMoYPliWQhnvs1Aopdm4zmMoYTlCYzoFgk9ilDOQeo1Ike+3
KnVekfutNC8vvDlJtfVo1cHA7f/X7gKRr6jnFNIn0qR2SSd2aqCtV8x82wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBjpEnIkXv1m2FEt59wo/lqhgqG4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR09rU2NpUmVfV2JZVVMzbjNDai1XcUdDb2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwjAwQA
wXyFAwQAwlf2AwQAwzonAwQAw4UyAwQAw4VMAwQA1MEEMA0GCSqGSIb3DQEBCwUA
A4IBAQB43axOEXUqcG5ed92y744mekTfq/Wdk3qoh85Yel2uYWbmWMMratHP41SI
AxbiL5IjkxjBLwqcPC2XPcQOhYUXAM5GQuA/JkPftXR/EyFg7O2ipkWGjikJIG17
fA6FiMEHFaaM0/5xnbu44gbBDAUUU78BMnnrnNs9HColp25A7C6hMh8lYGjG2B13
F3ZoB21Gjl5Z6yJQ7MD2nvAsNOF7EehKAnAp5YD5j/POzCBcaWut6YLc4wsann3J
l+/sgGbHZeEWDzKeEyqEqivomq5/J35+brspu+FYx1Hwd45kFjHOzN0E5sKcmDqq
uaex1YhEGesEo9uw0GQgZ5nqOrjl
-----END CERTIFICATE-----
Generated at Tue Jul 30 17:42:17 2024 by rpki-client on console-ams.rpki-client.org