Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/STfd4kgUop0jdsnLRU_X-Pg9V4M.roa
File: STfd4kgUop0jdsnLRU_X-Pg9V4M.roa (raw, json)
Hash identifier: wygp8GPBaBhFtxAxHW9VGc9CiPKTQwPdcK/+t23sga0=
Subject key identifier: 49:37:DD:E2:48:14:A2:9D:23:76:C9:CB:45:4F:D7:F8:F8:3D:57:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185FCAB129182D20B5AD56918B697666D66
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/STfd4kgUop0jdsnLRU_X-Pg9V4M.roa
Signing time: Sun 29 Jan 2023 08:35:47 +0000
ROA not before: Sun 29 Jan 2023 08:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.255.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Feb 2023 09:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fc:ab:12:91:82:d2:0b:5a:d5:69:18:b6:97:66:6d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 08:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4937dde24814a29d2376c9cb454fd7f8f83d5783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dd:2d:9b:94:8e:91:df:96:19:be:70:6c:9e:
5b:bd:2c:40:02:0a:17:f9:0f:49:0f:f6:b2:37:90:
22:db:aa:76:48:6e:58:bd:fc:55:32:35:98:86:42:
09:ba:71:6c:0f:a0:40:51:bf:78:dd:bf:22:c7:97:
fd:20:36:07:96:c5:72:27:e3:fe:18:cc:2d:17:2b:
ed:5b:84:7b:30:b0:78:ce:b7:7d:a9:49:37:b9:a5:
2b:d2:2f:d0:22:53:e2:64:ec:27:de:96:6e:59:24:
e2:4b:c0:14:5a:d7:72:ea:19:d3:26:2e:98:25:39:
2d:d7:82:6c:da:65:e2:7c:8d:16:b1:79:88:93:ec:
fe:cf:27:9e:ee:02:43:ef:52:9d:70:de:05:34:68:
7e:35:9d:a5:09:98:3c:ae:f0:89:7c:49:35:cf:0a:
d6:cf:71:59:e5:f4:6e:be:19:06:23:70:ac:c8:ed:
36:42:5d:d9:59:24:d6:85:2d:74:14:95:63:f6:29:
29:db:57:59:a4:d1:e0:e8:89:31:a2:97:4a:b2:0a:
51:ef:9e:0e:13:25:5d:e8:ed:6c:c4:66:de:fe:de:
3c:b4:d7:30:a0:80:89:3b:f2:1d:a2:6b:65:b1:26:
c2:3d:cb:f1:e5:d5:52:53:14:47:f5:24:20:cf:77:
b5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:37:DD:E2:48:14:A2:9D:23:76:C9:CB:45:4F:D7:F8:F8:3D:57:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/STfd4kgUop0jdsnLRU_X-Pg9V4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.58.154.0/24
194.87.180.0/24
194.87.191.0/24
194.87.255.0/24
212.193.5.0/24
212.193.9.0/24
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:70:49:31:12:ae:3a:45:be:0a:9a:46:9c:05:26:63:3f:a2:
3a:81:75:91:e9:49:63:e4:b8:d7:0a:e1:63:f5:35:72:21:4f:
80:d9:be:1f:50:ed:26:e4:77:a5:5d:72:26:51:65:87:7f:ce:
5a:be:ed:44:69:e8:4a:69:df:a9:0c:db:0f:73:19:6a:ba:53:
02:95:02:b9:f8:21:db:e2:b0:6f:99:27:70:99:3b:68:bb:b9:
df:b6:40:eb:6f:51:44:83:56:e9:0a:89:bf:d8:68:fc:8b:33:
1a:f9:44:47:97:0d:9f:f1:76:fa:ea:63:36:c2:02:9d:78:a0:
58:c7:11:90:3e:a9:da:03:c5:98:e3:6c:12:b3:ae:3f:eb:94:
b6:9b:7e:3c:33:d5:5b:da:9e:61:9a:26:70:93:ae:d6:65:e6:
83:6a:4f:2d:c0:6e:f7:f2:96:71:a2:3f:9b:b5:20:0f:b5:26:
84:82:07:63:dd:4c:24:e6:51:cf:26:31:da:ca:4a:50:8f:21:
ce:75:e2:a0:09:5f:9a:de:78:4d:0f:fd:05:88:6b:d0:33:59:
9d:5b:0f:84:72:71:25:01:78:ec:9c:7c:42:4e:27:c3:c9:04:
35:41:b6:a6:74:04:8e:3e:ed:b9:f7:c4:a8:ec:8d:cf:bd:75:
60:97:dd:9b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYX8qxKRgtILWtVpGLaXZm1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI5MDgzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTM3ZGRlMjQ4MTRhMjlkMjM3NmM5Y2I0NTRmZDdmOGY4M2Q1NzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt0tm5SOkd+WGb5wbJ5bvSxAAgoX
+Q9JD/ayN5Ai26p2SG5YvfxVMjWYhkIJunFsD6BAUb943b8ix5f9IDYHlsVyJ+P+
GMwtFyvtW4R7MLB4zrd9qUk3uaUr0i/QIlPiZOwn3pZuWSTiS8AUWtdy6hnTJi6Y
JTkt14Js2mXifI0WsXmIk+z+zyee7gJD71KdcN4FNGh+NZ2lCZg8rvCJfEk1zwrW
z3FZ5fRuvhkGI3CsyO02Ql3ZWSTWhS10FJVj9ikp21dZpNHg6IkxopdKsgpR754O
EyVd6O1sxGbe/t48tNcwoICJO/IdomtlsSbCPcvx5dVSUxRH9SQgz3e1VwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEk33eJIFKKdI3bJy0VP1/j4PVeDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1RmZDRrZ1VvcDBqZHNuTFJVX1gtUGc5VjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwjo9AwQA
wjqaAwQAwle0AwQAwle/AwQAwlf/AwQA1MEFAwQA1MEJAwQA1MELMA0GCSqGSIb3
DQEBCwUAA4IBAQA8cEkxEq46Rb4KmkacBSZjP6I6gXWR6Ulj5LjXCuFj9TVyIU+A
2b4fUO0m5HelXXImUWWHf85avu1EaehKad+pDNsPcxlqulMClQK5+CHb4rBvmSdw
mTtou7nftkDrb1FEg1bpCom/2Gj8izMa+URHlw2f8Xb66mM2wgKdeKBYxxGQPqna
A8WY42wSs64/65S2m348M9Vb2p5hmiZwk67WZeaDak8twG738pZxoj+btSAPtSaE
ggdj3Uwk5lHPJjHaykpQjyHOdeKgCV+a3nhND/0FiGvQM1mdWw+EcnElAXjsnHxC
TifDyQQ1QbamdASOPu2598So7I3PvXVgl92b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org