Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LtqcFHD3HdfisxWh27qhpHJTUjM.roa
File: LtqcFHD3HdfisxWh27qhpHJTUjM.roa (raw, json)
Hash identifier: q9SXBvRaD36H9+fBNB4fIae6PKYzraUuih1IfzXUsVs=
Subject key identifier: 2E:DA:9C:14:70:F7:1D:D7:E2:B3:15:A1:DB:BA:A1:A4:72:53:52:33
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018723387C084972B187FFBBBE58D38A2174
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LtqcFHD3HdfisxWh27qhpHJTUjM.roa
Signing time: Mon 27 Mar 2023 13:18:36 +0000
ROA not before: Mon 27 Mar 2023 13:18:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 212.193.29.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
212.192.216.0/22 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.87.67.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 16:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:38:7c:08:49:72:b1:87:ff:bb:be:58:d3:8a:21:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 27 13:18:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eda9c1470f71dd7e2b315a1dbbaa1a472535233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6d:66:c7:cf:a4:c6:ba:22:4c:67:0c:94:2c:
6a:81:f5:98:3f:78:80:98:b7:df:f3:0e:ba:60:cc:
fd:f5:4c:24:4a:8c:41:c2:02:8d:d9:02:54:3e:4f:
e7:5c:7d:7b:a2:c3:02:a1:c0:4c:1f:fe:ad:80:26:
2a:ce:14:09:72:4e:66:73:ed:d4:53:28:41:8c:9e:
39:7d:69:35:e5:88:1e:55:e8:38:70:fc:7f:51:56:
29:77:0f:49:a4:28:dd:55:4b:cd:cb:45:ef:af:8c:
a6:38:ba:95:86:68:f3:a4:65:d5:a2:20:a8:9e:b6:
f8:18:72:bd:d1:51:12:5a:d0:c0:f8:91:91:f9:fb:
2a:84:8f:19:2d:59:64:7b:c0:a2:26:10:27:17:1d:
8e:08:34:83:02:06:01:75:cc:cb:bb:d2:ce:cf:da:
6c:d4:13:9c:7e:b8:ae:a8:2c:65:54:3c:eb:87:5a:
e9:3f:63:a7:75:a7:50:f3:7a:bf:fd:40:10:1a:f2:
61:ab:58:e0:95:fe:7b:94:fe:2c:2d:a4:b2:0c:00:
a5:e3:2e:f6:12:d8:23:a5:cc:e2:9a:27:08:3d:e3:
b6:f2:c6:ef:9b:88:9e:35:ef:af:4c:b6:12:da:45:
a7:68:58:7d:1c:53:09:dc:8d:71:81:45:bd:00:63:
13:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DA:9C:14:70:F7:1D:D7:E2:B3:15:A1:DB:BA:A1:A4:72:53:52:33
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LtqcFHD3HdfisxWh27qhpHJTUjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.248.0/24
194.85.250.0/24
194.87.67.0/24
194.87.227.0/24
195.133.39.0/24
212.192.216.0/22
212.192.244.0/22
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e8:e9:1a:d9:f5:94:be:05:59:4a:c4:26:f9:45:6a:21:99:
96:a9:3a:6c:7f:cb:c1:04:d4:3f:44:1e:f6:bd:b1:16:97:4f:
82:ba:e1:fa:31:4d:c4:e2:10:e1:ad:99:b9:e6:f9:99:ab:66:
57:21:e1:6c:a9:3c:76:fd:fb:89:6a:5c:75:b6:d9:f5:ab:64:
bb:a7:73:ff:73:1d:37:05:ff:fe:c1:fe:34:90:5e:30:5d:ed:
5d:d4:9e:d5:f9:8c:61:d0:7e:6a:af:4e:3f:67:f7:3e:b3:ca:
e0:b4:2a:45:93:31:fc:c5:a7:4c:d9:a8:19:77:e4:63:04:6d:
8d:34:df:10:c0:98:64:18:2e:bc:e2:8d:ca:cf:e8:93:a2:67:
5d:35:d4:d3:0a:d8:88:d8:a9:52:77:9c:60:2d:fa:79:ad:2d:
0c:d9:cf:e4:e5:78:d6:94:13:a3:92:48:1a:db:61:3c:10:dc:
a3:91:c1:58:e9:8a:ef:53:27:c6:01:ad:cf:63:26:18:34:d5:
91:a5:b7:bf:5c:02:74:1a:7a:28:be:5f:0d:c7:c1:d8:db:bd:
90:9f:aa:d8:41:8c:39:20:25:da:e0:49:06:2f:20:94:a5:e9:
4f:1f:08:be:70:d0:69:e5:c0:71:c9:0c:0f:66:5b:33:2d:eb:
10:7c:4a:0b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYcjOHwISXKxh/+7vljTiiF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI3MTMxODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRhOWMxNDcwZjcxZGQ3ZTJiMzE1YTFkYmJhYTFhNDcyNTM1MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG1mx8+kxroiTGcMlCxqgfWYP3iA
mLff8w66YMz99UwkSoxBwgKN2QJUPk/nXH17osMCocBMH/6tgCYqzhQJck5mc+3U
UyhBjJ45fWk15YgeVeg4cPx/UVYpdw9JpCjdVUvNy0Xvr4ymOLqVhmjzpGXVoiCo
nrb4GHK90VESWtDA+JGR+fsqhI8ZLVlke8CiJhAnFx2OCDSDAgYBdczLu9LOz9ps
1BOcfriuqCxlVDzrh1rpP2OndadQ83q//UAQGvJhq1jglf57lP4sLaSyDACl4y72
EtgjpczimicIPeO28sbvm4ieNe+vTLYS2kWnaFh9HFMJ3I1xgUW9AGMTzQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFC7anBRw9x3X4rMVodu6oaRyU1IzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTHRxY0ZIRDNIZGZpc3hXaDI3cWhwSEpUVWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwlX4AwQA
wlX6AwQAwldDAwQAwlfjAwQAw4UnAwQC1MDYAwQC1MD0AwQA1MEdMA0GCSqGSIb3
DQEBCwUAA4IBAQCY6Oka2fWUvgVZSsQm+UVqIZmWqTpsf8vBBNQ/RB72vbEWl0+C
uuH6MU3E4hDhrZm55vmZq2ZXIeFsqTx2/fuJalx1ttn1q2S7p3P/cx03Bf/+wf40
kF4wXe1d1J7V+Yxh0H5qr04/Z/c+s8rgtCpFkzH8xadM2agZd+RjBG2NNN8QwJhk
GC684o3Kz+iTomddNdTTCtiI2KlSd5xgLfp5rS0M2c/k5XjWlBOjkkga22E8ENyj
kcFY6YrvUyfGAa3PYyYYNNWRpbe/XAJ0Gnoovl8Nx8HY272Qn6rYQYw5ICXa4EkG
LyCUpelPHwi+cNBp5cBxyQwPZlszLesQfEoL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org