Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lp1rdQLJEvnawF0Q8moo3gM9zWo.roa
File: Lp1rdQLJEvnawF0Q8moo3gM9zWo.roa (raw, json)
Hash identifier: v9RRBxoX1OEr6F0hafA+mlIDr4U8b//tou4IY2LxLj8=
Subject key identifier: 2E:9D:6B:75:02:C9:12:F9:DA:C0:5D:10:F2:6A:28:DE:03:3D:CD:6A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01918EE5FC7030CB4C620E4A401B92475E19
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lp1rdQLJEvnawF0Q8moo3gM9zWo.roa
Signing time: Mon 26 Aug 2024 13:35:22 +0000
ROA not before: Mon 26 Aug 2024 13:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 194.87.246.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 14:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:e5:fc:70:30:cb:4c:62:0e:4a:40:1b:92:47:5e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 13:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e9d6b7502c912f9dac05d10f26a28de033dcd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b3:83:4b:f2:89:ca:1c:ad:e7:1b:2e:78:56:
ac:3f:65:22:a4:90:7f:fb:50:99:f8:0d:5a:e1:da:
1b:3e:51:64:44:39:85:69:04:74:a8:18:df:cb:e0:
94:68:69:86:d8:11:0d:c8:ce:02:dc:6e:4f:2f:02:
a3:44:6c:a4:8d:58:c7:5b:4a:cd:85:35:e9:97:58:
ee:f9:7e:f6:65:35:db:21:d5:56:31:4b:3a:d3:55:
a6:b9:63:94:6a:77:ae:54:8b:7f:55:67:e6:79:65:
f4:e6:a5:2f:7d:66:10:6a:65:03:f0:44:ee:2b:ab:
89:ee:47:2c:c3:15:46:d1:c2:a5:4c:34:2e:28:3b:
ea:f4:b7:ef:d7:bb:1b:42:ed:34:8e:a3:2d:85:ef:
64:ce:4f:bb:fd:4e:df:e9:a8:08:2b:67:96:b2:55:
57:a6:16:dd:c2:44:5a:60:df:0f:ce:a5:4b:fb:69:
c7:c5:9b:63:06:54:aa:c6:03:84:19:d5:4d:b2:3f:
a8:61:ab:3d:4b:34:a3:77:8c:e3:68:60:13:32:ad:
24:d1:f3:4a:39:56:94:6a:b4:39:b6:87:80:55:62:
dc:5d:1f:9c:0f:94:a5:27:5b:6c:f4:77:0f:9d:0f:
65:ff:ab:ea:46:4c:f9:49:a2:94:c5:2a:fb:cc:e8:
f2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9D:6B:75:02:C9:12:F9:DA:C0:5D:10:F2:6A:28:DE:03:3D:CD:6A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Lp1rdQLJEvnawF0Q8moo3gM9zWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
195.133.50.0/24
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
04:df:95:8f:c4:a2:dc:29:35:31:b9:ab:3e:93:a0:aa:43:e6:
c0:44:90:60:1d:35:99:76:bf:cf:fa:ec:2b:e5:2b:6a:fe:39:
71:9e:55:19:73:d2:87:00:62:98:36:95:a2:83:c7:be:27:ea:
4f:73:16:c2:d0:9e:c1:43:f2:30:f4:a1:57:c1:01:c4:84:3a:
6c:30:9d:f3:5f:dc:0d:34:e0:19:30:c6:df:27:73:68:f4:85:
51:50:8a:78:6b:8a:27:56:71:08:e3:5e:6e:40:2c:80:58:d8:
80:a0:1f:32:47:19:88:ed:ae:a4:2e:1e:98:88:66:79:c2:d4:
f3:9d:98:6d:63:49:ed:e1:34:8a:0b:f7:fe:2a:37:7b:bb:b6:
23:4f:f3:8c:8d:49:2d:ef:ab:32:57:fb:9a:d4:e5:f4:68:09:
73:c4:1d:ad:ab:d9:57:db:53:0b:8c:39:b5:3a:a9:1c:2f:f1:
f1:78:85:85:90:89:99:29:90:10:ed:1b:68:1c:fc:5c:f0:14:
50:5e:92:c3:4f:2a:42:0b:6a:97:fd:31:23:62:33:9d:3f:20:
4b:1f:88:1a:5c:d1:7c:67:ef:1c:5c:11:f5:dc:26:8f:34:3a:
86:79:8c:28:bf:d8:a3:05:29:29:49:41:98:74:ec:99:0c:09:
1a:f9:8b:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGO5fxwMMtMYg5KQBuSR14ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI2MTMzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTlkNmI3NTAyYzkxMmY5ZGFjMDVkMTBmMjZhMjhkZTAzM2RjZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbODS/KJyhyt5xsueFasP2UipJB/
+1CZ+A1a4dobPlFkRDmFaQR0qBjfy+CUaGmG2BENyM4C3G5PLwKjRGykjVjHW0rN
hTXpl1ju+X72ZTXbIdVWMUs601WmuWOUaneuVIt/VWfmeWX05qUvfWYQamUD8ETu
K6uJ7kcswxVG0cKlTDQuKDvq9Lfv17sbQu00jqMthe9kzk+7/U7f6agIK2eWslVX
phbdwkRaYN8PzqVL+2nHxZtjBlSqxgOEGdVNsj+oYas9SzSjd4zjaGATMq0k0fNK
OVaUarQ5toeAVWLcXR+cD5SlJ1ts9HcPnQ9l/6vqRkz5SaKUxSr7zOjyvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6da3UCyRL52sBdEPJqKN4DPc1qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTHAxcmRRTEpFdm5hd0YwUThtb28zZ005eldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlf2AwQA
w4UyAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQAE35WPxKLcKTUxuas+k6CqQ+bA
RJBgHTWZdr/P+uwr5Stq/jlxnlUZc9KHAGKYNpWig8e+J+pPcxbC0J7BQ/Iw9KFX
wQHEhDpsMJ3zX9wNNOAZMMbfJ3No9IVRUIp4a4onVnEI415uQCyAWNiAoB8yRxmI
7a6kLh6YiGZ5wtTznZhtY0nt4TSKC/f+Kjd7u7YjT/OMjUkt76syV/ua1OX0aAlz
xB2tq9lX21MLjDm1OqkcL/HxeIWFkImZKZAQ7RtoHPxc8BRQXpLDTypCC2qX/TEj
YjOdPyBLH4gaXNF8Z+8cXBH13CaPNDqGeYwov9ijBSkpSUGYdOyZDAka+Yv6
-----END CERTIFICATE-----
Generated at Wed Sep 4 15:47:48 2024 by rpki-client on console-fra.rpki-client.org