Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ol0iLNqJMrmRlZTaGiJni-KLyPQ.roa
File: Ol0iLNqJMrmRlZTaGiJni-KLyPQ.roa (raw, json)
Hash identifier: v47BPOV5uGCe5PCUcxXTltbUAqYllQjC77X2LfD2l/Q=
Subject key identifier: 3A:5D:22:2C:DA:89:32:B9:91:95:94:DA:1A:22:67:8B:E2:8B:C8:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01881B1DABD357CF536E04B28DF06203FFEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ol0iLNqJMrmRlZTaGiJni-KLyPQ.roa
Signing time: Sun 14 May 2023 16:35:09 +0000
ROA not before: Sun 14 May 2023 16:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.58.33.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 13:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1b:1d:ab:d3:57:cf:53:6e:04:b2:8d:f0:62:03:ff:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 14 16:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a5d222cda8932b9919594da1a22678be28bc8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:96:55:94:33:89:de:2e:aa:2f:15:8b:01:fe:
da:da:4d:51:d3:56:7b:cf:b5:f2:80:86:63:34:df:
b7:85:71:ba:cb:90:6a:69:c4:ad:ba:9b:21:ee:95:
aa:d8:10:70:e7:58:09:c1:62:da:8d:2e:9a:8a:97:
04:d8:8c:1b:5f:f6:b7:3c:35:db:94:08:cb:93:09:
60:3e:61:78:c7:d6:16:25:4d:3e:fe:4c:df:87:28:
0f:eb:5b:bf:a4:e5:c7:0e:ac:98:23:93:56:7e:1c:
44:82:97:04:2d:08:a0:95:96:a6:f0:76:49:55:82:
ea:13:a5:59:c5:30:b2:aa:d7:19:7b:ea:47:13:b6:
b6:32:60:0d:ef:69:10:d0:3c:e2:76:6b:bb:43:e7:
69:82:41:02:df:9c:57:ce:06:52:60:a4:a1:1b:20:
c7:41:69:ad:aa:6a:9b:75:a4:7a:b7:f6:f0:fc:6e:
3d:09:11:bf:50:dc:10:e2:7e:38:a5:0a:69:3a:fc:
05:77:58:eb:5e:21:ac:60:48:87:44:4c:ef:17:73:
86:34:8e:5f:ea:e5:1b:df:97:17:96:1d:03:12:65:
be:1a:cd:ba:2c:b4:46:fd:c7:e9:ad:1b:5d:1c:2c:
2f:d3:9e:50:7f:af:1c:06:6c:83:18:7f:fe:56:42:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5D:22:2C:DA:89:32:B9:91:95:94:DA:1A:22:67:8B:E2:8B:C8:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ol0iLNqJMrmRlZTaGiJni-KLyPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.33.0/24
194.87.199.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5c:24:ca:06:60:39:e6:f0:65:b2:c5:9a:b6:91:cc:fd:0d:
4a:aa:9a:d5:38:d9:65:5b:59:0e:a4:f0:9f:ff:90:de:f7:3a:
d8:8b:0e:23:77:24:93:a6:46:ff:59:c1:21:49:b7:f5:90:df:
2c:c9:d1:7b:55:6b:ff:db:d7:6f:20:11:7b:55:db:2b:0c:47:
c1:da:e6:9d:45:69:ac:53:17:07:1f:2b:ab:1f:20:6f:b2:1e:
d5:cf:57:cf:07:5a:be:75:3f:eb:6c:b4:50:05:f6:d5:f9:f5:
85:61:22:83:54:c6:b9:0b:49:04:47:3e:60:a9:25:e5:2c:ad:
63:90:4f:2a:43:b5:a5:8d:57:7c:a3:30:08:bf:6a:db:b7:73:
ed:d3:c7:8a:ad:a3:d7:f5:79:11:07:4c:ab:e1:c0:1e:3a:60:
27:08:37:aa:e2:8d:80:27:06:b6:73:63:7d:4c:60:11:91:51:
06:52:a3:b0:e7:72:a0:fe:a2:53:01:49:db:27:83:d4:90:e9:
73:24:0f:87:eb:e7:61:4f:57:9c:2a:af:86:1f:c1:7d:08:86:
34:66:03:23:21:26:24:11:b8:8e:56:c1:79:75:ca:d6:88:6c:
7e:1d:a2:06:51:41:af:5e:ac:56:8e:46:8a:fd:ad:3a:5b:52:
f4:57:2e:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgbHavTV89TbgSyjfBiA//vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE0MTYzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVkMjIyY2RhODkzMmI5OTE5NTk0ZGExYTIyNjc4YmUyOGJjOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5ZVlDOJ3i6qLxWLAf7a2k1R01Z7
z7XygIZjNN+3hXG6y5BqacStupsh7pWq2BBw51gJwWLajS6aipcE2IwbX/a3PDXb
lAjLkwlgPmF4x9YWJU0+/kzfhygP61u/pOXHDqyYI5NWfhxEgpcELQiglZam8HZJ
VYLqE6VZxTCyqtcZe+pHE7a2MmAN72kQ0Dzidmu7Q+dpgkEC35xXzgZSYKShGyDH
QWmtqmqbdaR6t/bw/G49CRG/UNwQ4n44pQppOvwFd1jrXiGsYEiHREzvF3OGNI5f
6uUb35cXlh0DEmW+Gs26LLRG/cfprRtdHCwv055Qf68cBmyDGH/+VkJomQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDpdIizaiTK5kZWU2hoiZ4vii8j0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT2wwaUxOcUpNcm1SbFpUYUdpSm5pLUtMeVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjohAwQA
wlfHAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQBVXCTKBmA55vBlssWatpHM/Q1K
qprVONllW1kOpPCf/5De9zrYiw4jdySTpkb/WcEhSbf1kN8sydF7VWv/29dvIBF7
VdsrDEfB2uadRWmsUxcHHyurHyBvsh7Vz1fPB1q+dT/rbLRQBfbV+fWFYSKDVMa5
C0kERz5gqSXlLK1jkE8qQ7WljVd8ozAIv2rbt3Pt08eKraPX9XkRB0yr4cAeOmAn
CDeq4o2AJwa2c2N9TGARkVEGUqOw53Kg/qJTAUnbJ4PUkOlzJA+H6+dhT1ecKq+G
H8F9CIY0ZgMjISYkEbiOVsF5dcrWiGx+HaIGUUGvXqxWjkaK/a06W1L0Vy58
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org