Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhwSjHn-mSBmVaVKkMWrYfA23SE.roa
File: RhwSjHn-mSBmVaVKkMWrYfA23SE.roa (raw, json)
Hash identifier: KyD95ASDE/9RpjC3SAfw3u2AFQr7/OOpK8Rda8Q/dV4=
Subject key identifier: 46:1C:12:8C:79:FE:99:20:66:55:A5:4A:90:C5:AB:61:F0:36:DD:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192992C067DDC2EB896685F575FE9F8B7EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhwSjHn-mSBmVaVKkMWrYfA23SE.roa
Signing time: Thu 17 Oct 2024 06:30:52 +0000
ROA not before: Thu 17 Oct 2024 06:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.58.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.31.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
195.133.94.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 18 Oct 2024 09:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:2c:06:7d:dc:2e:b8:96:68:5f:57:5f:e9:f8:b7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 17 06:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=461c128c79fe99206655a54a90c5ab61f036dd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:be:b1:d9:a5:ab:0c:75:55:00:82:5c:fd:f6:
54:1e:d7:2d:bc:22:2e:0c:61:f5:83:7b:c3:f9:77:
a9:fa:77:a7:6a:b9:b5:1e:b3:74:cb:19:96:62:25:
4e:25:87:c9:67:32:1b:bb:6c:a2:03:d4:7a:8a:27:
ba:ec:45:c1:f3:70:7a:e4:04:59:04:47:12:d9:71:
59:e7:03:a3:0c:ae:1b:e2:0d:d8:af:11:b6:7d:52:
83:b1:00:c3:70:7f:cd:d6:69:b0:0d:dc:d7:e1:26:
00:70:79:5f:10:a8:88:c4:56:46:a0:09:b1:19:0e:
5e:9d:3a:07:c8:df:d4:11:15:91:7d:d0:da:6c:26:
33:63:8d:45:10:91:f9:7f:a6:31:a8:4c:01:c9:0d:
16:1b:70:c1:20:c3:96:5a:a6:34:e3:d3:34:1f:be:
c6:c8:f5:22:9a:b9:c2:4c:1c:50:f1:c5:a5:f1:13:
59:dc:16:f7:7d:47:e6:73:3f:c9:da:06:57:9f:de:
4a:40:35:aa:fb:0b:9e:60:3e:ac:99:63:53:d7:e5:
3a:3b:cf:0c:76:97:97:cf:2f:25:33:59:33:28:92:
50:09:6c:6a:ef:74:9b:58:84:9f:f4:0e:69:75:70:
4e:43:97:07:90:d1:49:06:70:89:fb:7a:81:5c:49:
bd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1C:12:8C:79:FE:99:20:66:55:A5:4A:90:C5:AB:61:F0:36:DD:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhwSjHn-mSBmVaVKkMWrYfA23SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.52.0/24
194.87.58.0/23
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.31.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0-195.133.94.255
212.192.1.0/24
212.193.25.0-212.193.27.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
28:1d:c6:07:29:4c:4d:0d:09:d6:09:0f:00:17:62:dc:c8:a5:
03:40:da:77:8a:a9:4b:f4:91:49:b3:a0:1a:46:67:9d:51:0d:
44:d0:f1:95:f9:8d:5d:40:2a:f9:33:84:04:fd:29:c9:ea:75:
2a:d0:71:08:f7:94:fb:ae:f0:3a:f9:07:13:14:93:ef:48:78:
1e:ae:40:31:b9:8f:3d:74:a5:c6:b6:79:60:35:96:c9:98:a5:
65:2c:23:5a:85:e7:32:3c:b5:41:f6:fe:6a:95:00:1d:23:67:
3a:ad:6a:92:b8:af:83:53:df:f6:06:a9:58:4c:39:c8:3e:ba:
af:76:94:5b:d3:85:04:5d:96:6f:21:69:60:16:4a:e4:6b:f1:
c3:49:57:a0:a4:92:66:af:d7:dc:2f:25:e2:29:62:88:e6:63:
d7:2d:fa:47:f0:04:3b:d2:82:64:97:dc:f0:bb:d6:02:ea:e5:
a9:df:48:79:26:5a:ef:46:01:db:f8:db:01:39:68:70:e7:ad:
15:0e:1e:3a:9e:4e:90:f5:b2:f1:15:70:b9:08:6f:13:f8:94:
7d:2b:9e:db:17:2e:f4:ea:ea:c6:2e:cb:5e:b9:0b:f9:ce:55:
26:d8:fd:db:30:c5:65:19:13:1f:09:11:8e:bb:54:e9:a0:e5:
29:26:0e:af
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZKZLAZ93C64lmhfV1/p+LfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE3MDYzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFjMTI4Yzc5ZmU5OTIwNjY1NWE1NGE5MGM1YWI2MWYwMzZkZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb6x2aWrDHVVAIJc/fZUHtctvCIu
DGH1g3vD+Xep+nenarm1HrN0yxmWYiVOJYfJZzIbu2yiA9R6iie67EXB83B65ARZ
BEcS2XFZ5wOjDK4b4g3YrxG2fVKDsQDDcH/N1mmwDdzX4SYAcHlfEKiIxFZGoAmx
GQ5enToHyN/UERWRfdDabCYzY41FEJH5f6YxqEwByQ0WG3DBIMOWWqY049M0H77G
yPUimrnCTBxQ8cWl8RNZ3Bb3fUfmcz/J2gZXn95KQDWq+wueYD6smWNT1+U6O88M
dpeXzy8lM1kzKJJQCWxq73SbWISf9A5pdXBOQ5cHkNFJBnCJ+3qBXEm9XQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFEYcEox5/pkgZlWlSpDFq2HwNt0hMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUmh3U2pIbi1tU0JtVmFWS2tNV3JZZkEyM1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwQAwHy0
AwQAwjqbAwQAwlc0AwQBwlc6AwQAwlepAwQAwleyAwQAwlfgAwQAwochAwQBw4UY
AwQAw4UfAwQBw4UoAwQBw4UyMAwDBALDhVwDBADDhV4DBADUwAEwDAMEANTBGQME
AtTBGDAUBAIAAjAOAwUDKgFXwAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBACgd
xgcpTE0NCdYJDwAXYtzIpQNA2neKqUv0kUmzoBpGZ51RDUTQ8ZX5jV1AKvkzhAT9
KcnqdSrQcQj3lPuu8Dr5BxMUk+9IeB6uQDG5jz10pca2eWA1lsmYpWUsI1qF5zI8
tUH2/mqVAB0jZzqtapK4r4NT3/YGqVhMOcg+uq92lFvThQRdlm8haWAWSuRr8cNJ
V6Ckkmav19wvJeIpYojmY9ct+kfwBDvSgmSX3PC71gLq5anfSHkmWu9GAdv42wE5
aHDnrRUOHjqeTpD1svEVcLkIbxP4lH0rntsXLvTq6sYuy165C/nOVSbY/dswxWUZ
Ex8JEY67VOmg5SkmDq8=
-----END CERTIFICATE-----
Generated at Fri Oct 18 13:32:51 2024 by rpki-client on console-ams.rpki-client.org