Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PE6iQO0jRMU6U9U7BAyvJqqiybI.roa
File: PE6iQO0jRMU6U9U7BAyvJqqiybI.roa (raw, json)
Hash identifier: 01lutiYvQuJe+WoDqZnyMKVMMA88wNuQFVH8/ppQDGc=
Subject key identifier: 3C:4E:A2:40:ED:23:44:C5:3A:53:D5:3B:04:0C:AF:26:AA:A2:C9:B2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C8FB0D12C685445678B152208EA29407F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PE6iQO0jRMU6U9U7BAyvJqqiybI.roa
Signing time: Fri 22 Dec 2023 04:02:58 +0000
ROA not before: Fri 22 Dec 2023 04:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 17:04:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8f:b0:d1:2c:68:54:45:67:8b:15:22:08:ea:29:40:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 22 04:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c4ea240ed2344c53a53d53b040caf26aaa2c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6d:c3:fe:53:82:58:36:7a:4e:74:c7:2e:00:
67:20:6b:3b:f9:8b:c6:ef:ca:71:15:35:26:1c:f9:
7c:db:ab:3e:72:98:ec:83:80:3c:f9:ab:d8:99:e5:
dc:de:7e:cd:d6:4a:09:5c:70:14:a1:2f:e9:4b:5f:
b0:1e:6b:a4:f1:c8:a6:e1:d5:af:f4:52:c0:92:37:
ae:8c:99:5b:aa:24:81:d8:a1:16:53:f1:13:d4:65:
93:41:bf:b7:61:26:74:ff:7a:dc:87:ea:29:9a:f8:
32:fb:30:7b:d5:15:13:03:6e:66:11:5c:5a:89:58:
f1:1f:3a:98:17:b9:2b:05:34:d8:1e:90:7d:74:3b:
cd:77:8c:56:c7:71:50:4c:da:13:9d:69:d2:b3:41:
2d:bf:71:3e:d4:79:bf:14:ea:37:fa:b3:29:82:52:
ae:07:5d:6c:bb:db:0e:ff:ad:2e:da:53:b5:c2:5b:
4b:83:7b:2d:15:24:c2:5c:66:b3:04:25:54:d4:80:
25:21:ed:5b:3c:eb:1e:47:9c:9e:ff:7d:c4:33:ca:
12:e7:e2:cf:be:44:f7:30:50:34:ed:97:a2:c2:49:
bf:de:af:5d:8e:c1:44:92:0a:51:ac:bb:c1:94:aa:
06:ed:95:08:0a:48:dd:ee:ea:97:41:6d:4f:97:00:
0a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4E:A2:40:ED:23:44:C5:3A:53:D5:3B:04:0C:AF:26:AA:A2:C9:B2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PE6iQO0jRMU6U9U7BAyvJqqiybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.26.0/24
194.87.141.0/24
194.87.168.0/24
194.87.170.0/24
194.87.224.0/24
194.87.229.0/24
195.58.54.0/24
195.58.63.0/24
212.192.1.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
98:49:32:1c:d4:9a:71:71:ea:e1:88:31:1c:9b:aa:95:1d:3a:
73:b4:cc:4c:ff:c1:9a:61:e2:6b:6a:3a:24:d4:88:80:f7:fc:
24:aa:47:f4:bc:4b:7d:7c:8f:5e:00:a3:e6:e3:d7:16:07:7c:
76:38:85:41:06:31:7a:f1:71:bd:69:6c:f4:be:b0:77:8a:c9:
e3:fc:13:7b:22:c0:08:5e:34:45:1b:c6:5b:9c:d7:43:f3:77:
19:e6:41:69:de:33:a5:e4:a9:37:45:8f:d2:96:d5:92:50:7e:
44:32:af:d9:3f:c3:0f:ce:e6:47:70:e4:e9:9c:b3:97:09:8d:
81:9e:3e:29:94:50:90:98:f1:46:4a:6a:3b:81:09:36:d3:f4:
28:2b:6c:cc:e5:d2:91:38:aa:ac:9c:6b:e4:f6:b8:d7:30:f8:
a5:e7:0b:b2:fc:0a:51:d0:73:5c:51:73:49:2e:7f:21:94:c1:
e3:e0:ce:c9:0b:b5:e0:3b:d5:c4:4b:9a:66:aa:b6:d1:81:7a:
68:b6:e2:f8:02:a2:5f:a3:2b:67:32:0c:b2:e1:8f:d1:64:e5:
f1:0d:95:dc:a3:b9:96:51:16:33:1a:ed:71:42:a1:2c:62:b4:
c8:6b:60:ef:dd:07:e4:14:d2:34:67:6e:0e:22:2b:6e:10:51:
30:3d:49:cf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYyPsNEsaFRFZ4sVIgjqKUB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjIyMDQwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRlYTI0MGVkMjM0NGM1M2E1M2Q1M2IwNDBjYWYyNmFhYTJjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG3D/lOCWDZ6TnTHLgBnIGs7+YvG
78pxFTUmHPl826s+cpjsg4A8+avYmeXc3n7N1koJXHAUoS/pS1+wHmuk8cim4dWv
9FLAkjeujJlbqiSB2KEWU/ET1GWTQb+3YSZ0/3rch+opmvgy+zB71RUTA25mEVxa
iVjxHzqYF7krBTTYHpB9dDvNd4xWx3FQTNoTnWnSs0Etv3E+1Hm/FOo3+rMpglKu
B11su9sO/60u2lO1wltLg3stFSTCXGazBCVU1IAlIe1bPOseR5ye/33EM8oS5+LP
vkT3MFA07Zeiwkm/3q9djsFEkgpRrLvBlKoG7ZUICkjd7uqXQW1PlwAKuQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDxOokDtI0TFOlPVOwQMryaqosmyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUEU2aVFPMGpSTVU2VTlVN0JBeXZKcXFpeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwlcaAwQA
wleNAwQAwleoAwQAwleqAwQAwlfgAwQAwlflAwQAwzo2AwQAwzo/AwQA1MABAwQA
1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQCYSTIc1JpxcerhiDEcm6qVHTpztMxM/8Ga
YeJrajok1IiA9/wkqkf0vEt9fI9eAKPm49cWB3x2OIVBBjF68XG9aWz0vrB3isnj
/BN7IsAIXjRFG8ZbnNdD83cZ5kFp3jOl5Kk3RY/SltWSUH5EMq/ZP8MPzuZHcOTp
nLOXCY2Bnj4plFCQmPFGSmo7gQk20/QoK2zM5dKROKqsnGvk9rjXMPil5wuy/ApR
0HNcUXNJLn8hlMHj4M7JC7XgO9XES5pmqrbRgXpotuL4AqJfoytnMgyy4Y/RZOXx
DZXco7mWURYzGu1xQqEsYrTIa2Dv3QfkFNI0Z24OIituEFEwPUnP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org