Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OuRC9LRZXM9p4Vl0R1ZAylDZvfA.roa
File: OuRC9LRZXM9p4Vl0R1ZAylDZvfA.roa (raw, json)
Hash identifier: suWvhjl2SnhADtM1IBxQxSMvfaMJcOJ1VfrglcZA8vo=
Subject key identifier: 3A:E4:42:F4:B4:59:5C:CF:69:E1:59:74:47:56:40:CA:50:D9:BD:F0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188FBE591D832DA6FB0D1545BDDBBD6CBB1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OuRC9LRZXM9p4Vl0R1ZAylDZvfA.roa
Signing time: Tue 27 Jun 2023 08:08:26 +0000
ROA not before: Tue 27 Jun 2023 08:08:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.18.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 08:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:e5:91:d8:32:da:6f:b0:d1:54:5b:dd:bb:d6:cb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 27 08:08:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae442f4b4595ccf69e15974475640ca50d9bdf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:52:3a:f3:bc:0d:3a:e2:5a:5f:cd:1f:1a:8e:
72:ec:be:b0:7f:2c:f9:d6:bf:ad:6d:ae:a5:06:e4:
39:03:73:f0:8d:da:a6:41:2e:34:2a:2d:e4:cb:66:
1a:36:25:58:2d:bb:d9:18:2c:95:82:1b:e2:81:24:
51:e0:58:7e:5d:15:47:3e:de:79:15:1f:ab:8f:2d:
70:dd:e5:22:4a:65:29:99:79:51:04:6d:5d:f3:25:
df:96:a3:75:fc:98:f6:b9:6e:f0:0c:ba:88:6f:f2:
f2:1e:ca:16:af:3e:2a:ea:1b:f8:b1:9a:d1:8b:ba:
63:be:79:9c:4d:8c:2b:19:f2:e2:9b:ae:eb:46:2c:
07:05:09:bf:7e:e8:e2:10:0b:aa:b6:cc:8f:2d:50:
de:67:a0:fc:4e:2b:9c:a1:52:11:dd:72:83:3f:76:
40:e7:25:98:a2:de:00:ba:ef:c8:a4:ff:78:64:a0:
85:4f:1f:5d:ad:a1:40:5d:5b:f3:d3:fd:a4:4e:c4:
0e:4a:03:08:ec:77:cc:9f:2e:7f:65:d2:b2:70:78:
11:0c:bb:88:c4:53:4d:8c:ea:70:45:cb:1b:fc:e9:
9c:ae:d5:99:98:e1:7f:3e:02:3c:58:ad:3e:ed:b6:
5a:78:23:00:b3:76:b8:ae:fc:87:78:38:83:0f:bd:
1f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E4:42:F4:B4:59:5C:CF:69:E1:59:74:47:56:40:CA:50:D9:BD:F0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OuRC9LRZXM9p4Vl0R1ZAylDZvfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.46.0/24
194.85.249.0-194.85.250.255
194.87.176.0/24
195.133.18.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
08:43:15:37:c4:4e:d8:9c:c2:ed:17:f6:14:2a:c9:c9:d1:75:
45:45:e9:dd:02:87:4e:ac:47:e5:2b:f1:95:d0:16:56:a3:c0:
61:be:c3:94:14:6b:26:56:29:de:70:74:79:76:0f:57:3d:4d:
83:f5:03:ab:9e:35:ec:5a:d0:d0:08:5a:b1:31:d3:42:ee:3e:
ef:24:25:36:6c:ea:d9:7f:5b:82:d8:cf:3f:d6:ee:0d:82:96:
bc:34:4a:a2:77:95:0a:b8:34:61:b5:43:cf:b3:8f:7e:d8:31:
4a:2e:52:95:c8:68:f2:5f:cb:e0:12:86:39:a2:b8:03:49:c7:
17:a7:2f:4b:9a:d8:d0:20:38:cb:c0:0d:fb:24:87:4f:d8:51:
d9:78:1b:96:76:42:ea:f4:8e:dd:26:51:ef:76:34:48:c6:a6:
fa:1f:dc:be:d2:f4:54:3e:35:4f:31:4b:f8:3c:2c:e4:7d:e1:
71:5d:a9:b0:99:3a:ec:ca:47:e5:0b:d0:bf:f5:d8:e7:dd:f0:
13:c5:96:c5:06:4a:c7:4f:3a:3c:88:03:42:4d:ca:24:95:d9:
83:a5:8e:c0:14:af:24:70:8b:94:5f:7f:28:13:5b:f4:08:cf:
17:3d:90:59:8b:61:45:f7:a7:47:0e:8a:36:e7:c1:aa:5b:be:
4f:af:76:e6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYj75ZHYMtpvsNFUW9271suxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjI3MDgwODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU0NDJmNGI0NTk1Y2NmNjllMTU5NzQ0NzU2NDBjYTUwZDliZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVI687wNOuJaX80fGo5y7L6wfyz5
1r+tba6lBuQ5A3PwjdqmQS40Ki3ky2YaNiVYLbvZGCyVghvigSRR4Fh+XRVHPt55
FR+rjy1w3eUiSmUpmXlRBG1d8yXflqN1/Jj2uW7wDLqIb/LyHsoWrz4q6hv4sZrR
i7pjvnmcTYwrGfLim67rRiwHBQm/fujiEAuqtsyPLVDeZ6D8TiucoVIR3XKDP3ZA
5yWYot4Auu/IpP94ZKCFTx9draFAXVvz0/2kTsQOSgMI7HfMny5/ZdKycHgRDLuI
xFNNjOpwRcsb/OmcrtWZmOF/PgI8WK0+7bZaeCMAs3a4rvyHeDiDD70fjQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDrkQvS0WVzPaeFZdEdWQMpQ2b3wMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3VSQzlMUlpYTTlwNFZsMFIxWkF5bERadmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAwjouMAwD
BADCVfkDBADCVfoDBADCV7ADBADDhRIDBADDhScwDAMEANTA9QMEANTA9jANBgkq
hkiG9w0BAQsFAAOCAQEACEMVN8RO2JzC7Rf2FCrJydF1RUXp3QKHTqxH5SvxldAW
VqPAYb7DlBRrJlYp3nB0eXYPVz1Ng/UDq5417FrQ0AhasTHTQu4+7yQlNmzq2X9b
gtjPP9buDYKWvDRKoneVCrg0YbVDz7OPftgxSi5Slcho8l/L4BKGOaK4A0nHF6cv
S5rY0CA4y8AN+ySHT9hR2XgblnZC6vSO3SZR73Y0SMam+h/cvtL0VD41TzFL+Dws
5H3hcV2psJk67MpH5QvQv/XY593wE8WWxQZKx086PIgDQk3KJJXZg6WOwBSvJHCL
lF9/KBNb9AjPFz2QWYthRfenRw6KNufBqlu+T6925g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org