Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RzBFiAlCasKkujyF8Ervvwf0-74.roa
File: RzBFiAlCasKkujyF8Ervvwf0-74.roa (raw, json)
Hash identifier: 0BzkpDiciauMS33H4V1+jHtItaykCFLoi2jJKikz8rA=
Subject key identifier: 47:30:45:88:09:42:6A:C2:A4:BA:3C:85:F0:4A:EF:BF:07:F4:FB:BE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F539B9791F7867C0FD1F9803D463A7F96
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RzBFiAlCasKkujyF8Ervvwf0-74.roa
Signing time: Tue 07 May 2024 15:10:56 +0000
ROA not before: Tue 07 May 2024 15:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 13:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:9b:97:91:f7:86:7c:0f:d1:f9:80:3d:46:3a:7f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 7 15:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4730458809426ac2a4ba3c85f04aefbf07f4fbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:93:0a:22:51:d0:58:f9:a9:6d:52:70:24:4f:
c4:d3:71:f7:8b:67:fb:c2:3e:81:c4:13:35:87:b5:
72:15:32:6a:6c:5f:4a:cf:9b:5e:ca:9a:68:dc:75:
10:fe:dc:a0:80:39:36:c5:34:7a:b4:70:6b:c4:7b:
a7:f6:1f:1a:f1:bd:5e:fd:44:6e:fc:72:c3:11:a1:
17:9e:f6:db:d6:34:a0:c2:a9:cb:49:a9:58:4b:13:
65:65:7c:3d:0b:14:df:06:f6:3f:e3:53:84:ac:f2:
65:fd:36:62:53:a9:f0:38:e5:99:54:32:50:00:5f:
d0:ef:a5:1f:96:97:9f:05:dc:9c:49:70:af:8f:cc:
b3:eb:f0:89:90:ed:bd:cf:42:ce:44:65:29:7b:4c:
0f:75:70:fe:1f:29:46:38:ee:71:be:d0:da:11:50:
d2:32:4a:da:ee:1b:e0:d2:ad:bd:b1:66:f4:f1:e1:
15:60:b9:fb:4e:8d:b6:50:1e:c3:44:b6:ef:10:f8:
2e:43:d3:6f:9f:73:6c:30:c5:c3:3f:cf:e8:6a:0b:
63:82:64:d5:0c:a7:c2:9e:8f:aa:96:b4:ea:91:55:
6b:8e:73:e2:24:ef:f2:ef:e0:7f:95:92:72:81:24:
d7:0a:ee:8e:16:26:a2:ce:dd:87:e5:05:e2:b0:7a:
ee:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:30:45:88:09:42:6A:C2:A4:BA:3C:85:F0:4A:EF:BF:07:F4:FB:BE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RzBFiAlCasKkujyF8Ervvwf0-74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
8f:88:99:88:e7:31:12:6a:aa:6c:7a:e0:f1:1e:a2:a5:f6:b0:
e1:dd:4f:d2:82:2e:58:04:15:56:db:cc:9a:8d:5f:b8:12:ac:
fe:da:fb:e6:dc:a3:ea:ff:78:c7:4a:57:d4:84:2f:29:87:11:
70:18:8a:2c:63:7a:f0:d2:ee:1c:c1:df:44:ac:ec:9e:83:97:
fa:cc:96:0c:0e:e8:79:e0:5b:60:a1:01:40:c9:97:53:cd:3d:
ce:21:ba:b5:19:d2:86:f3:42:6b:ba:ba:b3:5e:11:46:4c:6a:
a9:52:64:1b:05:be:a8:13:53:c4:56:01:07:9d:78:3b:69:c3:
d5:72:a3:8d:ab:cc:ad:25:8e:94:f4:5b:84:47:ea:98:4b:1e:
23:45:63:a3:2b:e1:d9:93:6f:70:ac:39:db:fb:8b:92:e5:31:
4d:52:a4:d1:2f:3e:68:b8:ae:26:5e:09:57:17:db:4a:a8:84:
bd:82:75:d1:f0:8f:09:57:c6:1a:34:ab:98:d7:32:2d:85:b8:
e5:d8:53:8b:49:83:f9:6a:4f:4a:3f:03:2f:4b:5d:9e:09:2b:
5c:e2:c8:e4:9d:ba:51:5b:7a:5e:68:81:a7:38:b9:bf:22:03:
1b:f6:71:e6:1c:82:2f:0c:7b:ef:e1:76:a2:e4:bd:67:6a:8c:
49:48:57:92
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY9Tm5eR94Z8D9H5gD1GOn+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTA3MTUxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMwNDU4ODA5NDI2YWMyYTRiYTNjODVmMDRhZWZiZjA3ZjRmYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5MKIlHQWPmpbVJwJE/E03H3i2f7
wj6BxBM1h7VyFTJqbF9Kz5teyppo3HUQ/tyggDk2xTR6tHBrxHun9h8a8b1e/URu
/HLDEaEXnvbb1jSgwqnLSalYSxNlZXw9CxTfBvY/41OErPJl/TZiU6nwOOWZVDJQ
AF/Q76UflpefBdycSXCvj8yz6/CJkO29z0LORGUpe0wPdXD+HylGOO5xvtDaEVDS
Mkra7hvg0q29sWb08eEVYLn7To22UB7DRLbvEPguQ9Nvn3NsMMXDP8/oagtjgmTV
DKfCno+qlrTqkVVrjnPiJO/y7+B/lZJygSTXCu6OFiaizt2H5QXisHrunQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEcwRYgJQmrCpLo8hfBK778H9Pu+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUnpCRmlBbENhc0trdWp5RjhFcnZ2d2YwLTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQBwjo4AwQA
wleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQA1MABAwQA1MEEMBQEAgACMA4D
BQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAj4iZiOcxEmqqbHrg8R6i
pfaw4d1P0oIuWAQVVtvMmo1fuBKs/tr75tyj6v94x0pX1IQvKYcRcBiKLGN68NLu
HMHfRKzsnoOX+syWDA7oeeBbYKEBQMmXU809ziG6tRnShvNCa7q6s14RRkxqqVJk
GwW+qBNTxFYBB514O2nD1XKjjavMrSWOlPRbhEfqmEseI0Vjoyvh2ZNvcKw52/uL
kuUxTVKk0S8+aLiuJl4JVxfbSqiEvYJ10fCPCVfGGjSrmNcyLYW45dhTi0mD+WpP
Sj8DL0tdngkrXOLI5J26UVt6XmiBpzi5vyIDG/Zx5hyCLwx77+F2ouS9Z2qMSUhX
kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org