Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q_0g6OETAj2wSG7QUQoorgw-gcE.roa
File: Q_0g6OETAj2wSG7QUQoorgw-gcE.roa (raw, json)
Hash identifier: 0dWVRH/lTAyBXbqEJ4YLdxWNfv2ygGH9dEGneI11bNo=
Subject key identifier: 43:FD:20:E8:E1:13:02:3D:B0:48:6E:D0:51:0A:28:AE:0C:3E:81:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F14790E12330E4CC51567BA5CAE992917
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q_0g6OETAj2wSG7QUQoorgw-gcE.roa
Signing time: Thu 25 Apr 2024 08:57:08 +0000
ROA not before: Thu 25 Apr 2024 08:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 27 Apr 2024 12:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:79:0e:12:33:0e:4c:c5:15:67:ba:5c:ae:99:29:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 25 08:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43fd20e8e113023db0486ed0510a28ae0c3e81c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:83:ef:3d:d3:39:55:4a:c8:f2:c6:16:da:
f4:aa:64:b0:5e:49:83:b1:4d:e0:a1:b1:57:b7:fb:
f5:24:fa:1b:2e:91:5a:9d:e6:fc:0e:05:d2:33:b0:
04:34:63:59:f4:cd:75:e2:04:47:69:21:e6:3a:68:
8b:fb:0c:6d:4c:0e:03:f5:ee:cc:53:cc:49:21:03:
5e:26:41:ab:78:8e:94:37:0f:03:b3:55:de:56:cb:
9c:3b:a9:50:8f:d6:40:b9:00:53:d6:b3:59:8a:8f:
5f:be:23:4a:e3:8d:2d:86:19:73:17:f9:54:55:7b:
1e:07:59:fb:dc:fa:0d:a4:4f:2f:4f:53:dc:af:27:
67:72:20:c6:ad:b3:86:76:f5:89:65:cd:38:56:83:
33:c4:e6:25:51:d3:cf:c3:41:37:97:b5:2b:91:43:
82:2c:7b:5f:c8:87:8c:4f:a8:78:d6:ac:02:59:87:
d6:2b:0e:f1:6a:d2:13:5b:df:d0:03:69:10:22:a1:
16:92:b3:07:dd:a3:1d:15:c0:ed:ed:2b:9f:22:94:
d3:1c:67:98:d7:c4:ed:6d:be:68:10:d2:41:cf:cd:
b6:4e:94:a9:ee:fa:48:69:e2:77:9a:ff:e6:5d:44:
3a:7e:c1:e5:70:3c:5d:dc:62:8b:e4:1f:7c:55:61:
9f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FD:20:E8:E1:13:02:3D:B0:48:6E:D0:51:0A:28:AE:0C:3E:81:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q_0g6OETAj2wSG7QUQoorgw-gcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
193.124.90.0/24
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.192.208.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
34:24:e3:32:db:53:34:20:10:4c:4a:3c:6a:de:e3:6c:09:84:
51:44:f4:aa:85:41:57:f3:65:21:52:2b:b1:67:04:4e:2c:f4:
46:70:6f:66:22:f4:10:4b:79:c0:76:55:d6:5e:97:0d:a9:9c:
1e:bd:1d:e4:b3:83:db:e6:4e:b5:5d:e3:1a:8a:9f:d1:f0:23:
74:cf:6d:17:4d:19:e1:2f:1b:6e:b1:cc:e8:49:30:dc:1a:61:
d2:af:60:32:a8:d2:d5:cc:f4:26:6c:1c:89:29:a6:81:5c:67:
48:a6:fa:26:dd:71:3d:b5:34:40:45:f8:41:b7:9d:48:8c:87:
f4:8d:41:84:97:d1:0a:8b:be:88:d4:27:50:a4:52:0a:7e:d3:
94:bd:6b:b3:30:e3:1a:cc:fe:d5:56:a9:3b:47:1d:a0:52:e8:
40:5c:06:52:15:2f:cb:3e:b2:05:c9:0c:a9:d9:69:85:8c:0b:
ab:52:89:a3:33:d9:41:ac:fc:b8:91:3d:4d:6c:f7:85:ba:24:
6c:3f:49:38:03:d9:9c:b3:1e:93:a1:1c:40:b2:15:0e:26:a1:
22:9b:3e:e9:4b:a4:ae:05:ba:85:6e:1c:6e:ed:11:75:7d:4d:
ea:9d:c8:bc:b0:93:51:60:1b:2e:f6:8e:25:e3:d9:69:30:6a:
f3:c4:3e:1d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY8UeQ4SMw5MxRVnulyumSkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDI1MDg1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZkMjBlOGUxMTMwMjNkYjA0ODZlZDA1MTBhMjhhZTBjM2U4MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcmD7z3TOVVKyPLGFtr0qmSwXkmD
sU3gobFXt/v1JPobLpFaneb8DgXSM7AENGNZ9M114gRHaSHmOmiL+wxtTA4D9e7M
U8xJIQNeJkGreI6UNw8Ds1XeVsucO6lQj9ZAuQBT1rNZio9fviNK440thhlzF/lU
VXseB1n73PoNpE8vT1PcrydnciDGrbOGdvWJZc04VoMzxOYlUdPPw0E3l7UrkUOC
LHtfyIeMT6h41qwCWYfWKw7xatITW9/QA2kQIqEWkrMH3aMdFcDt7SufIpTTHGeY
18Ttbb5oENJBz822TpSp7vpIaeJ3mv/mXUQ6fsHlcDxd3GKL5B98VWGfeQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEP9IOjhEwI9sEhu0FEKKK4MPoHBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUV8wZzZPRVRBajJ3U0c3UVVRb29yZ3ctZ2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQAwHysAwQA
wXwHAwQAwXxaAwQBwjo4AwQAwleNAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABAwQA
1MDQAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOC
AQEANCTjMttTNCAQTEo8at7jbAmEUUT0qoVBV/NlIVIrsWcETiz0RnBvZiL0EEt5
wHZV1l6XDamcHr0d5LOD2+ZOtV3jGoqf0fAjdM9tF00Z4S8bbrHM6Ekw3Bph0q9g
MqjS1cz0JmwciSmmgVxnSKb6Jt1xPbU0QEX4QbedSIyH9I1BhJfRCou+iNQnUKRS
Cn7TlL1rszDjGsz+1VapO0cdoFLoQFwGUhUvyz6yBckMqdlphYwLq1KJozPZQaz8
uJE9TWz3hbokbD9JOAPZnLMek6EcQLIVDiahIps+6UukrgW6hW4cbu0RdX1N6p3I
vLCTUWAbLvaOJePZaTBq88Q+HQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org