Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gjcma-gEuzrRodIA42Bxlm1NSpY.roa
File: Gjcma-gEuzrRodIA42Bxlm1NSpY.roa (raw, json)
Hash identifier: HIfpJKyJzdDqXY2TsIS3P5M4UpUph1sssCP3AC1fAYA=
Subject key identifier: 1A:37:26:6B:E8:04:BB:3A:D1:A1:D2:00:E3:60:71:96:6D:4D:4A:96
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E2DB475D8E99B19E866EE7E2A66EB92B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gjcma-gEuzrRodIA42Bxlm1NSpY.roa
Signing time: Mon 11 Mar 2024 13:29:45 +0000
ROA not before: Mon 11 Mar 2024 13:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 15:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:b4:75:d8:e9:9b:19:e8:66:ee:7e:2a:66:eb:92:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 11 13:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a37266be804bb3ad1a1d200e36071966d4d4a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fa:af:1c:3d:87:a6:f1:12:ff:02:52:e1:ac:
85:6f:cd:6d:8c:82:ab:da:2c:f9:c4:17:c3:dd:1a:
52:8e:3c:6c:70:c9:7e:97:b2:ad:a8:5b:08:6f:7a:
cd:12:de:39:be:db:1a:d0:70:d7:0e:4d:91:fb:3d:
e0:b6:8a:3b:1c:2c:d4:0c:18:96:6a:b2:50:6f:c5:
91:19:cb:f2:d4:76:43:90:18:a1:f0:0f:d0:c2:5c:
26:d6:e8:64:36:af:af:2c:58:fb:15:d1:42:48:07:
3a:7e:9d:70:80:d3:86:98:5a:ad:30:56:f8:ac:2e:
a0:5e:e9:19:a1:c1:45:98:57:dc:98:62:11:71:11:
57:fe:53:b9:47:79:89:0c:fe:81:58:9d:c8:8c:44:
bd:9d:c8:89:58:96:41:d8:11:61:7f:fd:c0:84:97:
0e:98:12:36:a7:c7:69:d8:67:4f:e8:4a:39:88:7a:
d4:8e:7f:5d:59:a6:43:99:1f:62:bd:36:91:b4:1a:
3c:ca:88:c1:59:2e:3f:80:20:54:8f:b1:5b:ad:d5:
7d:d5:d8:e0:2e:d7:b1:ab:f9:b8:7d:9b:d0:9c:4e:
79:25:76:16:d3:ab:24:31:c4:46:dd:85:9c:14:b0:
3e:64:e3:5c:57:dc:4e:09:47:11:fc:c0:33:35:eb:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:37:26:6B:E8:04:BB:3A:D1:A1:D2:00:E3:60:71:96:6D:4D:4A:96
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Gjcma-gEuzrRodIA42Bxlm1NSpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.203.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
63:42:a4:2f:71:ee:e0:75:4b:25:fb:ef:87:a6:f7:1b:d9:9f:
94:28:e4:e3:ba:f5:90:0f:5c:5f:80:c1:e0:fb:b9:f1:25:79:
b5:8c:d2:19:c4:00:b7:32:01:e9:41:9a:14:ad:33:7c:33:1b:
bf:fc:70:0c:f2:d6:a1:75:1d:28:6b:ef:41:e9:39:c6:31:42:
bd:3a:a7:ac:c1:31:90:32:1f:fa:7e:da:e7:0d:3c:b3:ea:62:
02:81:b9:17:99:f5:ec:9b:d4:65:b2:d6:4c:a4:bb:cc:ab:21:
53:0d:24:96:8f:0b:31:8d:54:76:ee:4b:58:6a:ec:1f:5a:67:
12:b3:35:00:d2:d3:65:07:d7:11:00:e5:63:86:50:7c:cb:f7:
97:d1:d7:14:9e:a6:0c:a4:e5:da:e5:42:90:10:43:84:d3:df:
df:7c:9f:88:65:4d:17:d1:34:b4:ea:46:fb:2e:d4:47:9f:20:
ee:c7:5d:7a:8b:d2:bc:1e:f8:a7:36:00:58:5f:9d:bb:ee:95:
d6:2c:01:a4:6e:d3:df:29:98:2d:de:f4:21:0e:da:38:0b:87:
89:e6:1a:96:44:dd:c6:53:51:13:81:f7:95:ed:70:66:20:74:
58:f4:6c:f0:33:45:0a:77:e0:0e:ba:8f:81:c0:36:b4:e6:5b:
a5:2b:92:d2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4ttHXY6ZsZ6Gbufipm65KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzExMTMyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM3MjY2YmU4MDRiYjNhZDFhMWQyMDBlMzYwNzE5NjZkNGQ0YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvqvHD2HpvES/wJS4ayFb81tjIKr
2iz5xBfD3RpSjjxscMl+l7KtqFsIb3rNEt45vtsa0HDXDk2R+z3gtoo7HCzUDBiW
arJQb8WRGcvy1HZDkBih8A/Qwlwm1uhkNq+vLFj7FdFCSAc6fp1wgNOGmFqtMFb4
rC6gXukZocFFmFfcmGIRcRFX/lO5R3mJDP6BWJ3IjES9nciJWJZB2BFhf/3AhJcO
mBI2p8dp2GdP6Eo5iHrUjn9dWaZDmR9ivTaRtBo8yojBWS4/gCBUj7FbrdV91djg
Ltexq/m4fZvQnE55JXYW06skMcRG3YWcFLA+ZONcV9xOCUcR/MAzNeu7swIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBo3JmvoBLs60aHSAONgcZZtTUqWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR2pjbWEtZ0V1enJSb2RJQTQyQnhsbTFOU3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwHAwQA
wXzLAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABAwQA1MELMA0GCSqGSIb3DQEBCwUA
A4IBAQBjQqQvce7gdUsl+++Hpvcb2Z+UKOTjuvWQD1xfgMHg+7nxJXm1jNIZxAC3
MgHpQZoUrTN8Mxu//HAM8tahdR0oa+9B6TnGMUK9OqeswTGQMh/6ftrnDTyz6mIC
gbkXmfXsm9RlstZMpLvMqyFTDSSWjwsxjVR27ktYauwfWmcSszUA0tNlB9cRAOVj
hlB8y/eX0dcUnqYMpOXa5UKQEEOE09/ffJ+IZU0X0TS06kb7LtRHnyDux116i9K8
HvinNgBYX5277pXWLAGkbtPfKZgt3vQhDto4C4eJ5hqWRN3GU1ETgfeV7XBmIHRY
9GzwM0UKd+AOuo+BwDa05lulK5LS
-----END CERTIFICATE-----
Generated at Mon Mar 11 20:50:30 2024 by rpki-client on console-ams.rpki-client.org