Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Se-PjSqqiSn-7LkZbEkKBBerl3w.roa
File: Se-PjSqqiSn-7LkZbEkKBBerl3w.roa (raw, json)
Hash identifier: NR/fuXGAK/Dt5uoPy/cQWpao1lqX6BL2GZYpLcFB/nQ=
Subject key identifier: 49:EF:8F:8D:2A:AA:89:29:FE:EC:B9:19:6C:49:0A:04:17:AB:97:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F76BC59167BF41E5C3B5198F8C2F84DF3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Se-PjSqqiSn-7LkZbEkKBBerl3w.roa
Signing time: Tue 14 May 2024 10:53:26 +0000
ROA not before: Tue 14 May 2024 10:53:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.134.0/23 maxlen: 23
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 12:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:bc:59:16:7b:f4:1e:5c:3b:51:98:f8:c2:f8:4d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 14 10:53:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49ef8f8d2aaa8929feecb9196c490a0417ab977c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9b:7d:60:b0:f2:10:2d:09:e4:0d:ab:2a:73:
e4:63:6b:10:4b:9b:20:59:26:5b:64:90:cf:d2:b4:
04:dc:0d:8f:8c:2d:1d:61:e3:90:03:cb:8c:e1:95:
37:a9:99:4a:79:dd:76:73:57:23:f4:77:21:aa:d1:
75:21:12:92:8d:3a:dc:21:48:fe:71:15:60:e5:ae:
ee:73:a4:2d:cf:dc:fc:c0:9d:4f:a6:6b:d6:9c:88:
fa:9c:c2:4d:85:84:b4:27:d3:ec:8c:70:f5:e3:8d:
64:0d:f2:1e:aa:86:1e:63:ad:34:6f:b3:a6:ed:86:
89:65:a3:b1:c4:f3:a9:6c:5a:f6:12:6d:c8:46:0d:
bb:95:c2:8f:45:67:6e:20:3e:58:19:f8:1b:c2:34:
21:67:5c:28:55:64:41:86:cb:1d:b0:ce:f6:83:80:
c9:70:79:00:4a:e0:6e:fd:07:05:f4:c6:8e:4f:31:
68:08:fd:cc:38:c0:cd:c1:57:a5:15:8b:b6:e4:db:
ff:f1:51:c3:02:9b:19:0b:af:2b:ad:87:ff:94:ed:
71:bc:b5:77:5e:0d:78:3a:f2:ea:01:a2:d7:53:d4:
6e:f9:69:b2:d9:6d:3f:76:9d:c7:00:35:96:2f:3d:
8b:83:79:42:da:42:73:d3:ae:b6:d5:32:82:82:6b:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EF:8F:8D:2A:AA:89:29:FE:EC:B9:19:6C:49:0A:04:17:AB:97:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Se-PjSqqiSn-7LkZbEkKBBerl3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.11.0/24
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.114.0/23
194.87.134.0/23
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
54:53:50:7c:f0:fc:0e:ae:72:4e:fa:22:33:c9:47:ca:be:0e:
32:85:5c:91:db:de:c3:d6:ad:df:e0:0b:b1:b6:f7:f2:a2:5f:
01:a8:64:9e:07:91:44:58:14:f4:08:c6:0c:5c:da:d3:25:2f:
3f:20:91:1d:5d:f4:f8:d4:45:57:2a:d1:50:52:11:ee:00:39:
5e:07:67:03:b7:e3:35:98:a6:e2:5d:ea:5d:7b:4d:a1:a6:e9:
4f:0c:30:1f:e7:7f:c9:24:6a:02:d5:8a:c5:e2:42:f6:08:81:
f7:b0:25:2d:5b:bb:77:9a:50:eb:81:50:1c:7b:b4:ec:29:40:
3c:fd:05:9f:a4:71:38:5b:9d:28:c2:90:72:c5:c4:e2:21:80:
34:72:a4:32:5b:66:f0:95:93:d8:0e:0e:6f:96:df:a2:b7:4b:
b2:98:ae:8f:e3:1e:78:2c:6f:a1:10:d5:ba:a8:66:b0:28:97:
25:3c:c9:73:83:95:a9:75:5d:da:20:26:06:27:23:60:a9:1a:
fb:75:60:cd:18:04:67:b6:7b:c7:61:85:28:c5:0d:1a:fa:9a:
9b:e3:a4:73:a3:1a:0b:01:10:4d:ad:78:a0:28:a3:dd:48:01:
c8:71:0e:e6:50:b5:f6:26:55:34:f3:ba:c7:53:76:f1:4f:cd:
8f:cf:5e:a3
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY92vFkWe/QeXDtRmPjC+E3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTE0MTA1MzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWVmOGY4ZDJhYWE4OTI5ZmVlY2I5MTk2YzQ5MGEwNDE3YWI5NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5t9YLDyEC0J5A2rKnPkY2sQS5sg
WSZbZJDP0rQE3A2PjC0dYeOQA8uM4ZU3qZlKed12c1cj9HchqtF1IRKSjTrcIUj+
cRVg5a7uc6Qtz9z8wJ1PpmvWnIj6nMJNhYS0J9PsjHD1441kDfIeqoYeY600b7Om
7YaJZaOxxPOpbFr2Em3IRg27lcKPRWduID5YGfgbwjQhZ1woVWRBhssdsM72g4DJ
cHkASuBu/QcF9MaOTzFoCP3MOMDNwVelFYu25Nv/8VHDApsZC68rrYf/lO1xvLV3
Xg14OvLqAaLXU9Ru+Wmy2W0/dp3HADWWLz2Lg3lC2kJz06621TKCgmvEBQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEnvj40qqokp/uy5GWxJCgQXq5d8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU2UtUGpTcXFpU24tN0xrWmJFa0tCQmVybDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwHyyAwQA
wXxQAwQAwXyFAwQAwjovAwQAwlcLAwQAwlcSAwQAwlcVAwQAwlceAwQBwldyAwQB
wleGAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA1MDeMA0GCSqGSIb3DQEBCwUA
A4IBAQBUU1B88PwOrnJO+iIzyUfKvg4yhVyR297D1q3f4Auxtvfyol8BqGSeB5FE
WBT0CMYMXNrTJS8/IJEdXfT41EVXKtFQUhHuADleB2cDt+M1mKbiXepde02hpulP
DDAf53/JJGoC1YrF4kL2CIH3sCUtW7t3mlDrgVAce7TsKUA8/QWfpHE4W50owpBy
xcTiIYA0cqQyW2bwlZPYDg5vlt+it0uymK6P4x54LG+hENW6qGawKJclPMlzg5Wp
dV3aICYGJyNgqRr7dWDNGARntnvHYYUoxQ0a+pqb46RzoxoLARBNrXigKKPdSAHI
cQ7mULX2JlU087rHU3bxT82Pz16j
-----END CERTIFICATE-----
Generated at Mon Jun 3 19:46:00 2024 by rpki-client on console-ams.rpki-client.org