Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OyMg2Zn1WtYwWuj7OF6b9dKS4-Q.roa
File: OyMg2Zn1WtYwWuj7OF6b9dKS4-Q.roa (raw, json)
Hash identifier: JdOfyE0CBubIA/9gWfzMp2WCxkFw3HBSBTz/sCgzWjQ=
Subject key identifier: 3B:23:20:D9:99:F5:5A:D6:30:5A:E8:FB:38:5E:9B:F5:D2:92:E3:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187C2DCC88BCFD22153BBF740DBDFA3F1B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OyMg2Zn1WtYwWuj7OF6b9dKS4-Q.roa
Signing time: Thu 27 Apr 2023 13:17:41 +0000
ROA not before: Thu 27 Apr 2023 13:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:dc:c8:8b:cf:d2:21:53:bb:f7:40:db:df:a3:f1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 27 13:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2320d999f55ad6305ae8fb385e9bf5d292e3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:df:6d:3f:68:39:4d:cf:21:98:f7:f8:39:81:
c4:f2:45:01:43:39:c7:aa:81:52:34:20:c2:14:ac:
3a:99:f9:8d:16:db:cb:d5:9b:25:40:78:8f:f2:89:
e8:71:09:7d:cb:af:96:b3:8f:d7:90:85:58:9d:7b:
a7:71:c6:7a:d1:ad:e9:c1:88:ac:94:21:2a:3a:7c:
97:9b:ea:38:b3:26:87:b2:a6:0d:b2:fe:91:1d:cc:
4e:83:0e:d0:df:d8:d1:8a:0c:e0:58:be:92:6a:67:
65:d4:1b:66:00:bd:28:72:94:d8:70:13:7d:ef:95:
b4:50:a9:58:c1:70:4f:5c:e6:e3:de:58:89:c6:f3:
ec:95:7e:14:cd:e1:61:a8:a0:ab:25:2f:9e:a7:31:
ab:7b:87:76:0d:ce:f8:90:1b:65:28:e6:ea:6d:f1:
9f:41:68:62:bb:a2:62:6d:11:4f:c2:67:36:0f:e9:
a5:f0:29:6e:d6:ae:6c:ef:b9:66:ff:30:c0:d1:d4:
0e:bd:65:76:76:8d:a5:9d:57:76:1d:7e:93:2b:12:
fc:9d:5f:92:38:11:fe:4c:01:b1:98:f8:13:05:e1:
f8:1f:99:4c:1d:e7:cd:8c:41:6b:c9:d0:d2:bd:6d:
ea:d9:01:97:c0:d5:0a:f9:31:dc:8c:47:47:85:42:
29:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:23:20:D9:99:F5:5A:D6:30:5A:E8:FB:38:5E:9B:F5:D2:92:E3:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OyMg2Zn1WtYwWuj7OF6b9dKS4-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.87.76.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.15.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e7:d0:3c:41:b5:e0:c0:c5:1c:88:db:00:02:bb:2f:a6:ce:
ae:db:8c:14:30:7b:ed:28:d8:ff:8b:54:86:43:f9:e3:66:bc:
95:94:a7:f5:2c:cd:6f:59:22:97:3a:d7:76:4d:60:52:6b:e5:
26:c0:dd:d7:59:ae:c3:04:4b:96:2f:3b:62:bd:14:9e:ab:d6:
00:10:bf:16:79:6d:24:a5:47:2a:e0:d7:a5:a4:61:c4:78:ca:
24:0c:ba:3d:3a:bf:0e:ae:05:68:35:00:88:05:ab:8f:5f:9d:
86:5a:ff:28:53:9d:f0:3a:87:20:32:c2:9c:0f:bd:b8:cc:99:
5d:a4:31:91:3d:fe:ee:29:7f:95:6b:f2:1d:23:b7:3b:47:29:
2d:91:55:74:c9:47:2b:4b:03:3d:4c:35:05:df:18:87:9b:19:
32:49:f6:a4:b1:95:3a:30:9e:56:aa:23:5f:6d:1e:55:74:a9:
b3:c0:e6:ba:f2:aa:a6:ac:73:4f:d6:1d:1b:6f:e2:02:90:0b:
3e:b1:0f:45:40:40:83:ea:f7:35:f1:1d:a5:46:3b:e0:57:c0:
0f:a8:e5:76:da:bf:4e:1c:42:4e:b7:5e:bc:9e:33:d0:9c:3a:
09:04:a8:a7:fe:4f:66:c7:5b:6a:24:c4:2f:99:bc:d7:2e:1d:
83:41:28:d9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYfC3MiLz9IhU7v3QNvfo/G2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI3MTMxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjIzMjBkOTk5ZjU1YWQ2MzA1YWU4ZmIzODVlOWJmNWQyOTJlM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl99tP2g5Tc8hmPf4OYHE8kUBQznH
qoFSNCDCFKw6mfmNFtvL1ZslQHiP8onocQl9y6+Ws4/XkIVYnXunccZ60a3pwYis
lCEqOnyXm+o4syaHsqYNsv6RHcxOgw7Q39jRigzgWL6Samdl1BtmAL0ocpTYcBN9
75W0UKlYwXBPXObj3liJxvPslX4UzeFhqKCrJS+epzGre4d2Dc74kBtlKObqbfGf
QWhiu6JibRFPwmc2D+ml8Clu1q5s77lm/zDA0dQOvWV2do2lnVd2HX6TKxL8nV+S
OBH+TAGxmPgTBeH4H5lMHefNjEFrydDSvW3q2QGXwNUK+THcjEdHhUIpBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDsjINmZ9VrWMFro+zhem/XSkuPkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3lNZzJabjFXdFl3V3VqN09GNmI5ZEtTNC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwHy0AwQA
wldMAwQAwlfQAwQAwlfiAwQAwlfnAwQAw4UPAwQA1MAEAwQA1MEOMA0GCSqGSIb3
DQEBCwUAA4IBAQBa59A8QbXgwMUciNsAArsvps6u24wUMHvtKNj/i1SGQ/njZryV
lKf1LM1vWSKXOtd2TWBSa+UmwN3XWa7DBEuWLztivRSeq9YAEL8WeW0kpUcq4Nel
pGHEeMokDLo9Or8OrgVoNQCIBauPX52GWv8oU53wOocgMsKcD724zJldpDGRPf7u
KX+Va/IdI7c7RyktkVV0yUcrSwM9TDUF3xiHmxkySfaksZU6MJ5WqiNfbR5VdKmz
wOa68qqmrHNP1h0bb+ICkAs+sQ9FQECD6vc18R2lRjvgV8APqOV22r9OHEJOt168
njPQnDoJBKin/k9mx1tqJMQvmbzXLh2DQSjZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org