Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IhhoZgmqSFcHlGDut0a8oSJt5lg.roa
File: IhhoZgmqSFcHlGDut0a8oSJt5lg.roa (raw, json)
Hash identifier: aiZoVZInD8OzpdgVGgi2//5I266LD3QuWL2yzOJXL8E=
Subject key identifier: 22:18:68:66:09:AA:48:57:07:94:60:EE:B7:46:BC:A1:22:6D:E6:58
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190695E3031C79B5103890475C28E1CD283
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IhhoZgmqSFcHlGDut0a8oSJt5lg.roa
Signing time: Sun 30 Jun 2024 13:38:18 +0000
ROA not before: Sun 30 Jun 2024 13:38:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.76.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jul 2024 04:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:69:5e:30:31:c7:9b:51:03:89:04:75:c2:8e:1c:d2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 30 13:38:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2218686609aa4857079460eeb746bca1226de658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:37:9b:6c:a7:ea:4f:c3:ce:34:33:f3:e6:bf:
cf:4a:c5:4f:0e:09:93:be:94:4c:ed:7c:7d:a0:b9:
c0:c6:4f:c1:aa:b7:2f:9e:c1:72:c3:13:e3:a5:5a:
1a:66:c9:e5:8c:d9:38:86:cf:4d:bf:52:3c:07:28:
16:6c:76:a0:f1:06:c2:7a:88:c2:7a:e7:5d:d5:70:
fd:45:6a:8c:47:07:85:60:0f:d6:a0:f7:db:81:19:
ab:ab:3e:32:de:61:8c:d4:58:84:38:8d:9c:59:0e:
5e:20:b0:11:7b:ca:fb:a3:41:45:67:49:89:9e:94:
1a:dc:ce:1e:a5:fb:ed:7b:f5:c5:48:ca:29:b9:6d:
0a:17:a1:74:d3:db:36:b7:6d:49:b1:f8:33:09:18:
43:57:2b:43:ec:8b:12:39:5b:18:45:ed:0c:e0:c3:
83:c7:2a:1c:14:0c:59:95:6d:60:bf:a2:f8:bc:92:
8c:f4:7c:8d:58:07:56:b5:1c:5b:25:99:03:f4:96:
42:24:94:ad:fd:c1:df:8a:4f:6d:fd:f0:67:f8:e0:
d4:a6:50:49:03:19:ef:a3:a5:1b:ad:08:85:9f:24:
c7:8a:a6:23:17:6a:22:08:87:6d:73:ab:77:c4:e9:
9e:d8:0b:ca:f6:a5:43:27:a5:5b:12:24:7e:96:fe:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:18:68:66:09:AA:48:57:07:94:60:EE:B7:46:BC:A1:22:6D:E6:58
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IhhoZgmqSFcHlGDut0a8oSJt5lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.169.0/24
195.133.25.0/24
195.133.50.0/23
195.133.76.0/24
195.133.92.0/23
212.192.1.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
60:24:18:c4:d5:10:b6:45:39:fd:86:b4:70:83:a9:0c:12:05:
a0:e9:e0:58:62:5b:f6:37:a1:c5:1c:5a:7e:e6:79:da:dc:9b:
bd:95:2c:90:13:16:3f:5d:5d:4c:45:68:f0:c3:26:3c:53:3f:
ba:03:f0:36:01:3f:e8:a7:8e:75:34:72:fb:2e:1e:b3:15:76:
6d:2c:8d:ce:34:24:66:98:11:c6:8e:77:b3:73:be:7d:d8:62:
85:e1:31:4d:1b:25:51:4b:41:a9:52:53:7a:d8:5e:12:2a:3d:
ce:e7:18:d6:93:59:46:b9:d9:c0:05:dd:e1:68:7f:d8:ae:d4:
96:73:60:24:19:e4:cd:a4:a7:2f:c9:3a:cc:b6:a3:75:36:f0:
c7:2c:86:09:fe:1d:b0:61:e7:e5:08:74:0d:27:12:a2:19:64:
97:be:7f:8b:7b:08:d9:ac:30:47:c7:eb:b7:2f:4b:cc:e0:65:
91:16:f8:fd:60:38:bd:34:7d:7b:7d:a9:64:dc:e6:ba:fb:14:
ad:07:02:a6:e3:57:c2:df:e8:90:6a:47:db:c5:cf:7f:b2:37:
d4:be:e0:c4:48:a7:61:14:9a:76:15:8b:e4:14:8b:d6:4b:72:
83:56:fb:e2:12:eb:af:8d:27:3f:6a:46:79:4f:88:c7:ce:19:
a9:33:55:66
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZBpXjAxx5tRA4kEdcKOHNKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjMwMTMzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE4Njg2NjA5YWE0ODU3MDc5NDYwZWViNzQ2YmNhMTIyNmRlNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzebbKfqT8PONDPz5r/PSsVPDgmT
vpRM7Xx9oLnAxk/BqrcvnsFywxPjpVoaZsnljNk4hs9Nv1I8BygWbHag8QbCeojC
eudd1XD9RWqMRweFYA/WoPfbgRmrqz4y3mGM1FiEOI2cWQ5eILARe8r7o0FFZ0mJ
npQa3M4epfvte/XFSMopuW0KF6F009s2t21JsfgzCRhDVytD7IsSOVsYRe0M4MOD
xyocFAxZlW1gv6L4vJKM9HyNWAdWtRxbJZkD9JZCJJSt/cHfik9t/fBn+ODUplBJ
Axnvo6UbrQiFnyTHiqYjF2oiCIdtc6t3xOme2AvK9qVDJ6VbEiR+lv7TdQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCIYaGYJqkhXB5Rg7rdGvKEibeZYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSWhob1pnbXFTRmNIbEdEdXQwYThvU0p0NWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQBwjo4AwQA
wlepAwQAw4UZAwQBw4UyAwQAw4VMAwQBw4VcAwQA1MABMBQEAgACMA4DBQMqAVfA
AwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAYCQYxNUQtkU5/Ya0cIOpDBIFoOng
WGJb9jehxRxafuZ52tybvZUskBMWP11dTEVo8MMmPFM/ugPwNgE/6KeOdTRy+y4e
sxV2bSyNzjQkZpgRxo53s3O+fdhiheExTRslUUtBqVJTetheEio9zucY1pNZRrnZ
wAXd4Wh/2K7UlnNgJBnkzaSnL8k6zLajdTbwxyyGCf4dsGHn5Qh0DScSohlkl75/
i3sI2awwR8frty9LzOBlkRb4/WA4vTR9e32pZNzmuvsUrQcCpuNXwt/okGpH28XP
f7I31L7gxEinYRSadhWL5BSL1ktyg1b74hLrr40nP2pGeU+Ix84ZqTNVZg==
-----END CERTIFICATE-----
Generated at Thu Jul 4 05:26:53 2024 by rpki-client on console-fra.rpki-client.org