Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IXw-fCrFovj_3Ui0sVmfoYjs4M8.roa
File: IXw-fCrFovj_3Ui0sVmfoYjs4M8.roa (raw, json)
Hash identifier: t+1M2ahtFS2noiHwV0YvuaWX+k82N7nKgyosl0lHIFE=
Subject key identifier: 21:7C:3E:7C:2A:C5:A2:F8:FF:DD:48:B4:B1:59:9F:A1:88:EC:E0:CF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01860136B67C54850119C7FFF83A392514E8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IXw-fCrFovj_3Ui0sVmfoYjs4M8.roa
Signing time: Mon 30 Jan 2023 05:46:48 +0000
ROA not before: Mon 30 Jan 2023 05:46:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 24
194.87.225.0/24 maxlen: 24
194.87.120.0/23 maxlen: 24
195.133.9.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Mar 2023 13:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:36:b6:7c:54:85:01:19:c7:ff:f8:3a:39:25:14:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 05:46:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=217c3e7c2ac5a2f8ffdd48b4b1599fa188ece0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a9:dd:6e:8e:a6:d0:9e:db:16:b2:9e:80:e1:
46:88:03:22:5f:c3:32:aa:f4:c8:cf:40:bd:60:19:
53:a2:0d:10:ea:5b:22:24:0a:ed:80:97:18:83:bb:
40:c5:6c:c5:83:17:d1:aa:55:5f:66:c8:a6:a2:22:
f1:20:a9:e3:0d:62:c5:54:82:18:66:66:0a:55:a2:
cb:f4:83:a7:41:c4:06:72:6f:d9:96:2b:c7:a1:dc:
52:6e:fe:3c:14:2a:de:82:ed:5e:b5:40:80:43:be:
45:e2:36:ac:24:c2:a5:e2:4e:a3:87:89:96:a5:55:
1b:cd:e2:82:23:ff:95:6a:ef:96:89:38:83:91:3f:
94:b7:b7:b1:a4:6b:b7:81:28:95:86:df:21:40:3e:
c3:39:52:6a:82:3a:20:24:0b:f2:e3:d5:c6:bd:58:
cc:90:05:ff:6d:f2:60:79:f6:9f:85:90:1a:6e:9a:
00:26:c4:62:48:ff:b7:35:54:16:b9:b8:41:f7:70:
51:7f:38:8a:9f:2e:c3:88:e2:14:a4:ca:b5:fe:3b:
d8:f2:31:36:16:0b:f3:02:fd:5a:49:5d:a2:c7:f7:
08:08:a8:17:b2:cb:42:57:b4:00:69:f4:48:52:80:
3d:7f:0a:4b:59:d3:9d:fd:7e:c4:0b:60:c3:32:3a:
2f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7C:3E:7C:2A:C5:A2:F8:FF:DD:48:B4:B1:59:9F:A1:88:EC:E0:CF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IXw-fCrFovj_3Ui0sVmfoYjs4M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.120.0/23
194.87.225.0/24
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.25.0-195.133.27.255
195.133.59.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:ff:20:7b:a9:cc:9a:9e:0f:8b:fa:30:f7:3b:4c:c7:1b:a8:
7c:cc:46:76:af:30:63:5c:a3:96:7a:68:81:59:81:eb:1e:f4:
5f:a0:32:e8:a1:87:85:56:30:5e:c7:dd:cf:de:c1:5a:39:c5:
b4:0b:d3:d9:e2:3d:b5:77:f8:89:5c:ef:9a:6a:88:63:cb:26:
d6:f4:97:ca:79:b7:08:54:03:6d:f7:83:83:51:d1:20:5e:72:
2d:e5:1c:5b:da:61:9b:ae:c5:1c:27:5b:5a:aa:6c:4e:99:89:
37:f0:a8:1f:d0:ee:61:cc:e4:4c:14:28:76:9a:80:57:39:fc:
ee:72:4f:d7:75:f1:61:09:6d:93:de:da:62:ea:47:d6:7b:af:
c4:6e:4d:d6:33:d3:79:fe:f1:55:c7:ad:74:28:7e:a9:d0:d5:
71:70:c1:f7:fb:ad:1f:94:cb:75:e9:df:60:86:df:d6:1a:c3:
6d:e9:18:f5:80:c8:43:2d:74:bc:25:63:29:38:89:b6:56:75:
c5:d8:1d:30:6e:f9:6c:34:e9:dd:4e:05:8a:b1:b4:db:e9:d1:
ad:93:b5:43:7b:44:72:06:a4:ff:f5:c4:bf:66:b8:31:19:17:
32:57:1a:28:02:76:9b:dc:d6:66:8d:1c:61:6b:18:c2:40:53:
ea:a3:53:bf
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYYBNrZ8VIUBGcf/+Do5JRToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMwMDU0NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdjM2U3YzJhYzVhMmY4ZmZkZDQ4YjRiMTU5OWZhMTg4ZWNlMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6andbo6m0J7bFrKegOFGiAMiX8My
qvTIz0C9YBlTog0Q6lsiJArtgJcYg7tAxWzFgxfRqlVfZsimoiLxIKnjDWLFVIIY
ZmYKVaLL9IOnQcQGcm/ZlivHodxSbv48FCregu1etUCAQ75F4jasJMKl4k6jh4mW
pVUbzeKCI/+Vau+WiTiDkT+Ut7expGu3gSiVht8hQD7DOVJqgjogJAvy49XGvVjM
kAX/bfJgefafhZAabpoAJsRiSP+3NVQWubhB93BRfziKny7DiOIUpMq1/jvY8jE2
FgvzAv1aSV2ix/cICKgXsstCV7QAafRIUoA9fwpLWdOd/X7EC2DDMjovrwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCF8PnwqxaL4/91ItLFZn6GI7ODPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSVh3LWZDckZvdmpfM1VpMHNWbWZvWWpzNE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBwld4AwQA
wlfhAwQAwocgAwQAwocmAwQAwodoAwQAw4UJAwQAw4UVMAwDBADDhRkDBALDhRgD
BADDhTsDBALUwRgwDQYJKoZIhvcNAQELBQADggEBAFr/IHupzJqeD4v6MPc7TMcb
qHzMRnavMGNco5Z6aIFZgese9F+gMuihh4VWMF7H3c/ewVo5xbQL09niPbV3+Ilc
75pqiGPLJtb0l8p5twhUA233g4NR0SBeci3lHFvaYZuuxRwnW1qqbE6ZiTfwqB/Q
7mHM5EwUKHaagFc5/O5yT9d18WEJbZPe2mLqR9Z7r8RuTdYz03n+8VXHrXQofqnQ
1XFwwff7rR+Uy3Xp32CG39Yaw23pGPWAyEMtdLwlYyk4ibZWdcXYHTBu+Ww06d1O
BYqxtNvp0a2TtUN7RHIGpP/1xL9muDEZFzJXGigCdpvc1maNHGFrGMJAU+qjU78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org