Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sd8GH7_HEj0XQOJs03ihO3z6hAk.roa
File: Sd8GH7_HEj0XQOJs03ihO3z6hAk.roa (raw, json)
Hash identifier: VjIjM5uNH+doJzvBLMgqni2wCJZmLHdaUmg9lltsaQM=
Subject key identifier: 49:DF:06:1F:BF:C7:12:3D:17:40:E2:6C:D3:78:A1:3B:7C:FA:84:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018FE7885BBD1CCB87C61EC766370535BFFB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sd8GH7_HEj0XQOJs03ihO3z6hAk.roa
Signing time: Wed 05 Jun 2024 08:33:44 +0000
ROA not before: Wed 05 Jun 2024 08:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.249.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jul 2024 16:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:88:5b:bd:1c:cb:87:c6:1e:c7:66:37:05:35:bf:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 5 08:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49df061fbfc7123d1740e26cd378a13b7cfa8409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0c:74:95:f1:95:65:a1:65:0b:f1:0e:67:c7:
bc:39:fe:8c:37:88:2d:63:18:4f:7d:48:2b:9c:00:
1b:d2:33:8a:dd:79:f6:03:a1:03:32:9a:40:d5:a6:
01:5d:90:82:5a:c1:3d:aa:cc:90:88:f5:6c:a4:54:
1f:f8:77:15:63:ea:19:59:da:65:a0:77:33:a5:ae:
81:fd:86:6d:26:1e:0e:a7:df:b6:67:a3:9b:04:ca:
43:40:8a:20:fa:00:d6:e9:56:44:fc:78:7b:d7:19:
98:56:82:59:c2:26:de:a0:03:cb:da:f0:e5:b4:82:
4c:af:35:2b:28:d8:8f:76:df:2b:14:c3:c9:6a:64:
4b:3d:dc:95:f2:3b:0f:88:fc:b8:86:ea:94:5e:5f:
53:99:c6:d9:46:2d:d3:fe:5e:4e:bb:37:1a:5f:34:
e6:3d:c5:b7:4d:fc:61:da:0e:6d:ca:d2:b3:84:e7:
6f:eb:a7:a3:70:77:23:94:75:2c:5f:dd:73:63:d8:
e3:3e:6b:1a:46:ae:81:c7:a1:53:88:c2:83:36:b1:
36:66:1f:1b:8d:cc:b4:28:13:e1:14:81:2c:46:04:
36:ed:e5:2d:29:16:7a:46:f4:15:a3:b9:5d:27:35:
b1:a7:c2:e5:e0:18:ae:ef:9e:71:80:c1:91:63:11:
01:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DF:06:1F:BF:C7:12:3D:17:40:E2:6C:D3:78:A1:3B:7C:FA:84:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Sd8GH7_HEj0XQOJs03ihO3z6hAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.249.0-194.85.250.255
195.133.39.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:0c:7c:eb:63:74:21:06:80:26:78:8d:da:d8:9f:45:6f:79:
80:af:fc:13:b6:18:52:7f:32:67:9f:86:94:1d:06:fc:e5:47:
70:d6:17:45:24:81:dd:1d:80:ef:ca:36:b3:3c:9b:a3:9e:3a:
f5:be:95:bf:32:5c:19:88:62:a8:9d:b6:24:f3:9a:6f:eb:b1:
05:dd:60:e0:6e:68:4b:cd:c4:ed:6c:f8:32:f6:c9:4a:d2:da:
b0:2f:9f:f8:a8:aa:64:51:69:84:bb:ed:bb:1a:ea:3c:29:32:
00:63:8d:45:f3:2b:87:cc:6a:31:be:d6:0c:f3:d7:ff:97:09:
01:9a:6c:55:5c:d3:20:ad:d5:8d:ca:35:55:31:44:77:4f:e2:
cf:21:9b:ab:39:f7:e1:1d:39:bb:99:89:d0:9f:1d:71:2a:3f:
7a:e7:84:ae:fe:ec:c4:b9:24:7a:5d:9f:90:f2:44:58:05:f4:
01:f4:3f:4a:dc:30:74:d0:0e:06:e6:db:2c:55:74:7c:5d:79:
5b:0b:fa:9b:22:a0:90:93:9c:ee:c4:25:37:60:49:ed:ff:50:
a6:b2:b6:c8:ec:2f:87:7f:2f:04:d7:ba:c7:cf:f0:08:70:39:
62:0f:bf:f5:5a:8c:3d:d9:bc:7b:40:bc:7d:7f:b8:7b:e6:01:
98:13:18:4c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/niFu9HMuHxh7HZjcFNb/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjA1MDgzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRmMDYxZmJmYzcxMjNkMTc0MGUyNmNkMzc4YTEzYjdjZmE4NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gx0lfGVZaFlC/EOZ8e8Of6MN4gt
YxhPfUgrnAAb0jOK3Xn2A6EDMppA1aYBXZCCWsE9qsyQiPVspFQf+HcVY+oZWdpl
oHczpa6B/YZtJh4Op9+2Z6ObBMpDQIog+gDW6VZE/Hh71xmYVoJZwibeoAPL2vDl
tIJMrzUrKNiPdt8rFMPJamRLPdyV8jsPiPy4huqUXl9TmcbZRi3T/l5OuzcaXzTm
PcW3Tfxh2g5tytKzhOdv66ejcHcjlHUsX91zY9jjPmsaRq6Bx6FTiMKDNrE2Zh8b
jcy0KBPhFIEsRgQ27eUtKRZ6RvQVo7ldJzWxp8Ll4Biu755xgMGRYxEBTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEnfBh+/xxI9F0DibNN4oTt8+oQJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU2Q4R0g3X0hFajBYUU9KczAzaWhPM3o2aEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCVfkD
BADCVfoDBADDhScDBADUwPUwDQYJKoZIhvcNAQELBQADggEBAHsMfOtjdCEGgCZ4
jdrYn0VveYCv/BO2GFJ/MmefhpQdBvzlR3DWF0Ukgd0dgO/KNrM8m6OeOvW+lb8y
XBmIYqidtiTzmm/rsQXdYOBuaEvNxO1s+DL2yUrS2rAvn/ioqmRRaYS77bsa6jwp
MgBjjUXzK4fMajG+1gzz1/+XCQGabFVc0yCt1Y3KNVUxRHdP4s8hm6s59+EdObuZ
idCfHXEqP3rnhK7+7MS5JHpdn5DyRFgF9AH0P0rcMHTQDgbm2yxVdHxdeVsL+psi
oJCTnO7EJTdgSe3/UKaytsjsL4d/LwTXusfP8AhwOWIPv/VajD3ZvHtAvH1/uHvm
AZgTGEw=
-----END CERTIFICATE-----
Generated at Sat Jul 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org