Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OpblDIkQp3fLKxSVJI45Q-9q__A.roa
File: OpblDIkQp3fLKxSVJI45Q-9q__A.roa (raw, json)
Hash identifier: E83zsdAsXZJZsj0tount9xBTnAug5IEaygATZo4NeZo=
Subject key identifier: 3A:96:E5:0C:89:10:A7:77:CB:2B:14:95:24:8E:39:43:EF:6A:FF:F0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01914FCFBC567D1DD8B8254B168CC4AFF8EC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OpblDIkQp3fLKxSVJI45Q-9q__A.roa
Signing time: Wed 14 Aug 2024 07:34:59 +0000
ROA not before: Wed 14 Aug 2024 07:34:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 20:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:cf:bc:56:7d:1d:d8:b8:25:4b:16:8c:c4:af:f8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 14 07:34:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a96e50c8910a777cb2b1495248e3943ef6afff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:18:42:4d:fc:69:6c:4c:9c:1a:e5:71:b9:
93:36:6b:e7:2a:45:e4:11:0e:d7:62:5d:a2:bf:0a:
53:ec:87:9a:fc:4b:99:dc:f2:cd:fe:46:09:a2:e1:
a2:eb:35:2a:b6:3e:19:62:df:5d:e9:cd:0a:dc:b1:
f1:f1:f2:bd:ec:4f:d9:c7:16:1d:80:67:bc:55:f0:
fc:c6:0c:69:b1:40:3e:86:d8:48:89:e2:4e:30:5f:
70:c4:35:2c:3f:64:b6:c6:c2:12:e7:dd:16:84:72:
70:17:cb:53:4e:a5:28:b8:fd:48:16:c3:d3:5c:da:
f4:9b:0f:c4:7d:cf:9a:0d:e9:a4:98:1e:ee:de:92:
ef:48:cd:90:ce:06:be:b1:79:76:fe:20:03:8e:e9:
a6:34:f1:5c:43:66:14:24:95:15:82:7c:a5:7a:50:
c1:1f:1a:d5:40:4d:f8:70:25:67:cb:ab:ce:bb:45:
06:a9:6b:5c:c7:0b:ab:0c:b1:13:4d:e1:aa:4c:9b:
8b:cc:51:2a:95:48:3e:e7:28:ab:b9:30:e7:2f:33:
aa:02:28:07:cb:a6:76:f1:03:b6:7c:d3:72:99:f1:
d7:3d:83:f5:85:ad:f9:ae:f9:eb:0e:9f:9a:ac:ca:
c5:15:9d:c9:1c:a9:fd:6c:b8:90:68:42:bf:99:0d:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:E5:0C:89:10:A7:77:CB:2B:14:95:24:8E:39:43:EF:6A:FF:F0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OpblDIkQp3fLKxSVJI45Q-9q__A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.83.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e5:39:48:dd:0d:9c:5e:2c:ae:a1:83:74:5e:05:07:19:03:
f8:4e:bc:f6:62:b7:e0:5b:74:3a:ce:56:22:ec:df:14:d5:28:
74:0d:32:24:89:03:64:cc:0f:c7:22:bd:23:dd:60:1d:36:d4:
23:db:2c:55:60:0b:fb:83:ff:f4:e3:8d:68:b3:6a:31:17:73:
d5:ff:e4:cf:f3:85:08:cd:5e:9f:57:6e:f5:c9:7b:28:91:72:
06:f0:01:79:c9:e4:b7:92:38:bc:69:97:09:d9:d5:87:2b:75:
23:12:d3:0a:ee:a6:fc:2d:c5:62:d2:56:1d:9d:fa:6c:b9:d7:
18:5a:88:82:ff:4b:72:f2:ef:96:85:48:e9:99:a3:96:0c:fd:
a5:06:ee:3b:92:c8:6c:d6:42:ab:db:4f:81:39:eb:65:52:9c:
1c:2d:4b:34:af:a0:44:9c:b5:aa:a6:56:9e:dd:57:08:c0:b9:
9a:77:00:25:ab:31:5c:fc:ac:b0:24:78:1b:2b:7a:23:03:5d:
58:1c:b0:9e:ed:2e:b1:0d:88:34:9b:cd:8f:d0:80:64:99:b9:
b0:5f:ad:0d:f2:91:47:f4:a7:b7:f0:79:f1:1a:33:a6:89:e5:
42:a2:b6:40:84:65:ac:39:3c:d4:3e:c7:40:ea:2d:57:c6:cc:
6a:e5:42:d8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFPz7xWfR3YuCVLFozEr/jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODE0MDczNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2ZTUwYzg5MTBhNzc3Y2IyYjE0OTUyNDhlMzk0M2VmNmFmZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxegYQk38aWxMnBrlcbmTNmvnKkXk
EQ7XYl2ivwpT7Iea/EuZ3PLN/kYJouGi6zUqtj4ZYt9d6c0K3LHx8fK97E/ZxxYd
gGe8VfD8xgxpsUA+hthIieJOMF9wxDUsP2S2xsIS590WhHJwF8tTTqUouP1IFsPT
XNr0mw/Efc+aDemkmB7u3pLvSM2Qzga+sXl2/iADjummNPFcQ2YUJJUVgnylelDB
HxrVQE34cCVny6vOu0UGqWtcxwurDLETTeGqTJuLzFEqlUg+5yiruTDnLzOqAigH
y6Z28QO2fNNymfHXPYP1ha35rvnrDp+arMrFFZ3JHKn9bLiQaEK/mQ3k/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDqW5QyJEKd3yysUlSSOOUPvav/wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3BibERJa1FwM2ZMS3hTVkpJNDVRLTlxX19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwPAwQA
wXwYAwQAwlcdAwQAwld7AwQAwodoAwQAw4VTAwQA1MEGMA0GCSqGSIb3DQEBCwUA
A4IBAQCW5TlI3Q2cXiyuoYN0XgUHGQP4Trz2YrfgW3Q6zlYi7N8U1Sh0DTIkiQNk
zA/HIr0j3WAdNtQj2yxVYAv7g//0441os2oxF3PV/+TP84UIzV6fV271yXsokXIG
8AF5yeS3kji8aZcJ2dWHK3UjEtMK7qb8LcVi0lYdnfpsudcYWoiC/0ty8u+WhUjp
maOWDP2lBu47kshs1kKr20+BOetlUpwcLUs0r6BEnLWqplae3VcIwLmadwAlqzFc
/KywJHgbK3ojA11YHLCe7S6xDYg0m82P0IBkmbmwX60N8pFH9Ke38HnxGjOmieVC
orZAhGWsOTzUPsdA6i1Xxsxq5ULY
-----END CERTIFICATE-----
Generated at Fri Sep 6 23:12:44 2024 by rpki-client on console-ams.rpki-client.org