Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrqIYdSrFfuHMohzRraD7orCh7c.roa
File: MrqIYdSrFfuHMohzRraD7orCh7c.roa (raw, json)
Hash identifier: hsZNHpKowAVeDBZOZr5dgcTBBZq11NlfhVBqpIZaOYE=
Subject key identifier: 32:BA:88:61:D4:AB:15:FB:87:32:88:73:46:B6:83:EE:8A:C2:87:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F2F59C2842F667A61562CD6BFF8C09025
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrqIYdSrFfuHMohzRraD7orCh7c.roa
Signing time: Tue 30 Apr 2024 14:12:42 +0000
ROA not before: Tue 30 Apr 2024 14:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 May 2024 06:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:59:c2:84:2f:66:7a:61:56:2c:d6:bf:f8:c0:90:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 30 14:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32ba8861d4ab15fb8732887346b683ee8ac287b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d1:af:e0:76:72:4f:91:74:32:b7:dd:e5:b0:
76:de:34:a3:8c:a1:67:06:24:af:d1:2a:6c:1c:3e:
3b:ce:6d:b5:af:5e:1b:7e:5b:91:a8:81:73:84:fd:
2b:7e:51:62:24:4d:b7:1c:62:50:a6:82:b1:23:32:
a4:f9:49:e1:1b:0b:51:dc:93:15:30:b5:0c:02:59:
04:83:ff:84:42:b4:f6:33:ec:ef:b9:d2:a6:c2:74:
f1:98:1e:a3:10:15:72:ad:68:05:47:d4:db:44:a7:
d7:a2:69:51:3e:a1:8b:3b:ff:db:19:3e:79:06:c0:
9d:43:f6:7d:16:a7:d6:e9:d2:11:a7:77:44:b1:1a:
3a:4e:2a:47:1f:0b:22:c3:60:00:77:4f:db:61:da:
46:ee:cb:de:40:3b:93:f1:65:e9:79:3c:9e:2d:2a:
ce:41:68:77:4c:60:5f:b9:0e:64:fc:81:da:a0:c2:
b5:fa:70:41:c8:43:56:63:e9:f2:d1:0b:26:a7:3a:
0c:bd:f7:bc:16:2f:36:20:9a:73:41:78:1c:96:a1:
a3:8c:aa:6e:31:b4:5e:39:2d:dc:a0:c6:3f:ce:c6:
80:09:56:35:97:f9:48:6f:8f:b3:b9:ab:27:ff:93:
32:b5:f0:6b:69:ea:f0:c7:2e:90:bc:60:1a:6f:04:
ce:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BA:88:61:D4:AB:15:FB:87:32:88:73:46:B6:83:EE:8A:C2:87:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrqIYdSrFfuHMohzRraD7orCh7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
75:16:4e:1e:5a:96:61:76:0b:6a:87:97:cf:4d:30:49:f4:d2:
13:85:67:aa:5b:e5:c8:ce:ae:27:f2:ac:ee:db:36:2d:9b:81:
7c:d7:eb:80:0f:09:24:d3:d3:27:6f:19:0b:77:0c:12:75:b8:
2f:45:ed:9f:77:b6:d8:c9:07:6d:bc:be:ff:96:89:6f:47:6b:
a3:46:a1:ea:7f:b3:55:1c:8a:91:1d:16:79:0a:0c:e6:9c:cd:
05:07:31:ae:b8:86:72:92:02:a8:63:da:0f:0a:0b:64:bd:64:
c0:c0:8e:06:b5:c9:23:c1:cd:42:a4:00:e3:9d:7b:46:85:de:
ed:6e:ae:df:4c:8d:51:0d:72:45:b3:0d:02:f3:48:28:f8:8a:
c4:f1:da:9c:f2:39:07:52:bf:b2:f6:f9:6f:c4:b4:7a:01:f2:
3f:2a:2c:ee:7a:19:e0:d0:a5:d0:08:66:1a:91:41:fb:cb:d4:
43:c6:7d:97:ae:38:ab:d9:01:62:cb:1e:0c:f5:d7:17:0a:b7:
2f:f1:76:69:3f:a2:8f:40:b5:d4:f7:e9:28:a7:83:0f:9d:63:
03:99:69:6f:74:0b:9b:48:b1:cf:0a:db:7b:53:ee:72:12:69:
4f:48:86:85:40:d1:38:cc:81:b5:94:c9:79:3c:27:c5:5a:3e:
61:47:bf:97
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY8vWcKEL2Z6YVYs1r/4wJAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDMwMTQxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJhODg2MWQ0YWIxNWZiODczMjg4NzM0NmI2ODNlZThhYzI4N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNGv4HZyT5F0Mrfd5bB23jSjjKFn
BiSv0SpsHD47zm21r14bfluRqIFzhP0rflFiJE23HGJQpoKxIzKk+UnhGwtR3JMV
MLUMAlkEg/+EQrT2M+zvudKmwnTxmB6jEBVyrWgFR9TbRKfXomlRPqGLO//bGT55
BsCdQ/Z9FqfW6dIRp3dEsRo6TipHHwsiw2AAd0/bYdpG7sveQDuT8WXpeTyeLSrO
QWh3TGBfuQ5k/IHaoMK1+nBByENWY+ny0QsmpzoMvfe8Fi82IJpzQXgclqGjjKpu
MbReOS3coMY/zsaACVY1l/lIb4+zuasn/5MytfBraerwxy6QvGAabwTOnQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDK6iGHUqxX7hzKIc0a2g+6Kwoe3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXJxSVlkU3JGZnVITW9oelJyYUQ3b3JDaDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAwXwHAwQB
wjo4AwQAwleNAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABAwQA1MEEMBQEAgACMA4D
BQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAdRZOHlqWYXYLaoeXz00w
SfTSE4VnqlvlyM6uJ/Ks7ts2LZuBfNfrgA8JJNPTJ28ZC3cMEnW4L0Xtn3e22MkH
bby+/5aJb0dro0ah6n+zVRyKkR0WeQoM5pzNBQcxrriGcpICqGPaDwoLZL1kwMCO
BrXJI8HNQqQA4517RoXe7W6u30yNUQ1yRbMNAvNIKPiKxPHanPI5B1K/svb5b8S0
egHyPyos7noZ4NCl0AhmGpFB+8vUQ8Z9l644q9kBYsseDPXXFwq3L/F2aT+ij0C1
1PfpKKeDD51jA5lpb3QLm0ixzwrbe1PuchJpT0iGhUDROMyBtZTJeTwnxVo+YUe/
lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org