Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6Nm3etlXwcJCdFQYSW5bZUeGHg.roa
File: P6Nm3etlXwcJCdFQYSW5bZUeGHg.roa (raw, json)
Hash identifier: 759kFRfOA4DN1RnSngSSOzx2TRbFIO6FOw3JvKksU8w=
Subject key identifier: 3F:A3:66:DD:EB:65:5F:07:09:09:D1:50:61:25:B9:6D:95:1E:18:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F38018D797053CFFFF1D481758EADE2D8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6Nm3etlXwcJCdFQYSW5bZUeGHg.roa
Signing time: Thu 02 May 2024 06:32:56 +0000
ROA not before: Thu 02 May 2024 06:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 11 May 2024 10:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:01:8d:79:70:53:cf:ff:f1:d4:81:75:8e:ad:e2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 2 06:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa366ddeb655f070909d1506125b96d951e1878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:55:f8:83:c7:fb:3b:f5:1f:be:05:a0:f1:4a:
ea:f8:da:b4:4f:1e:83:82:d4:ab:0e:65:02:5a:a1:
5a:28:51:9a:05:f8:34:69:84:06:fc:0c:0f:f6:ea:
33:17:6e:a4:8b:8a:c4:73:1a:e4:5e:b0:99:72:20:
84:a4:d7:da:62:bf:e8:a0:37:93:ee:76:5c:3d:92:
a3:ea:ff:74:83:ec:d6:81:b0:ff:5e:80:3f:bc:0e:
77:dd:d5:6c:49:ca:2c:bb:20:72:9a:24:e3:37:ff:
c3:a5:f5:4c:fe:cf:f3:13:f7:e2:47:28:07:6d:45:
25:44:73:33:ea:a6:3d:dc:66:84:34:93:5f:a0:2b:
c5:bc:d5:cd:4b:a0:d3:33:ec:b6:ae:ac:40:8a:2c:
ab:34:a5:34:90:14:88:f0:94:4d:a7:f5:e3:ef:86:
67:19:ea:92:ba:b5:67:4f:2a:0d:fd:c3:11:3f:8f:
f6:2f:7e:04:ba:e8:6f:b5:9d:3f:09:e9:25:c1:05:
3c:d6:f8:7e:55:bf:66:66:35:ae:2e:b2:bd:71:9c:
0a:50:d7:97:2a:3f:a7:32:0f:4a:c8:17:83:12:43:
92:59:ed:cb:72:4f:a3:77:6b:fc:e8:64:c4:d1:50:
5c:38:6a:1f:ae:97:a9:86:3e:08:b5:d9:f1:39:a9:
ea:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A3:66:DD:EB:65:5F:07:09:09:D1:50:61:25:B9:6D:95:1E:18:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P6Nm3etlXwcJCdFQYSW5bZUeGHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.245.0/24
195.133.92.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:b0:b4:7b:fe:11:95:f3:e4:14:19:db:a5:59:41:40:f7:48:
d3:61:bf:69:7a:e9:9d:4c:ec:e0:9b:dc:12:ce:b1:32:ae:30:
57:d8:e5:e4:10:f7:9a:20:76:5d:4b:89:5c:9d:d9:30:39:15:
9c:59:d0:71:18:2e:6f:c7:fd:67:af:a1:79:5c:28:6d:fb:4c:
80:99:38:ab:1c:a2:6c:50:c5:4a:6f:a9:77:3d:05:c6:1b:db:
97:b4:0b:5c:7f:d2:dd:67:ac:70:51:ed:bc:67:84:98:bb:13:
1e:15:bd:b0:27:aa:14:af:ad:dc:04:a4:cb:79:ce:27:56:40:
39:52:b5:00:21:b3:58:ff:17:a4:27:b6:df:62:ca:ee:8d:6e:
f0:e9:36:aa:7c:68:e8:06:f6:f4:76:71:3e:2e:d6:0f:2c:94:
38:66:6e:a1:89:60:d4:24:a2:12:d2:7f:1a:01:6d:25:9f:40:
97:9e:77:fd:42:e0:4d:79:6c:61:cb:06:66:00:27:6d:b9:28:
49:2b:4c:95:25:51:00:d9:87:ba:56:a3:2f:ba:1e:ec:63:ff:
06:ed:6e:85:0c:47:27:02:7a:07:95:32:89:65:dd:80:b2:ca:
cf:d4:57:5e:0e:cc:9f:4b:e2:78:66:52:f5:e5:de:35:33:09:
54:c6:1c:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY84AY15cFPP//HUgXWOreLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTAyMDYzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmEzNjZkZGViNjU1ZjA3MDkwOWQxNTA2MTI1Yjk2ZDk1MWUxODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVX4g8f7O/UfvgWg8Urq+Nq0Tx6D
gtSrDmUCWqFaKFGaBfg0aYQG/AwP9uozF26ki4rEcxrkXrCZciCEpNfaYr/ooDeT
7nZcPZKj6v90g+zWgbD/XoA/vA533dVsScosuyBymiTjN//DpfVM/s/zE/fiRygH
bUUlRHMz6qY93GaENJNfoCvFvNXNS6DTM+y2rqxAiiyrNKU0kBSI8JRNp/Xj74Zn
GeqSurVnTyoN/cMRP4/2L34EuuhvtZ0/CeklwQU81vh+Vb9mZjWuLrK9cZwKUNeX
Kj+nMg9KyBeDEkOSWe3Lck+jd2v86GTE0VBcOGofrpephj4ItdnxOanqyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+jZt3rZV8HCQnRUGEluW2VHhh4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUDZObTNldGxYd2NKQ2RGUVlTVzViWlVlR0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwHAwQA
wlf1AwQBw4VcMA0GCSqGSIb3DQEBCwUAA4IBAQB9sLR7/hGV8+QUGdulWUFA90jT
Yb9peumdTOzgm9wSzrEyrjBX2OXkEPeaIHZdS4lcndkwORWcWdBxGC5vx/1nr6F5
XCht+0yAmTirHKJsUMVKb6l3PQXGG9uXtAtcf9LdZ6xwUe28Z4SYuxMeFb2wJ6oU
r63cBKTLec4nVkA5UrUAIbNY/xekJ7bfYsrujW7w6TaqfGjoBvb0dnE+LtYPLJQ4
Zm6hiWDUJKIS0n8aAW0ln0CXnnf9QuBNeWxhywZmACdtuShJK0yVJVEA2Ye6VqMv
uh7sY/8G7W6FDEcnAnoHlTKJZd2AssrP1FdeDsyfS+J4ZlL15d41MwlUxhz/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org