Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Stukxpo8nwQrsW-2Bz0P8k39Hn4.roa
File: Stukxpo8nwQrsW-2Bz0P8k39Hn4.roa (raw, json)
Hash identifier: s5/nXZgBY5US2zB969nFMOdxBgHvRo2+klOeARpCueU=
Subject key identifier: 4A:DB:A4:C6:9A:3C:9F:04:2B:B1:6F:B6:07:3D:0F:F2:4D:FD:1E:7E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192B8B585DC3BF908E9F942BCC64514B8DC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Stukxpo8nwQrsW-2Bz0P8k39Hn4.roa
Signing time: Wed 23 Oct 2024 09:29:16 +0000
ROA not before: Wed 23 Oct 2024 09:29:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Oct 2024 10:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:b5:85:dc:3b:f9:08:e9:f9:42:bc:c6:45:14:b8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 23 09:29:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4adba4c69a3c9f042bb16fb6073d0ff24dfd1e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:11:d7:2d:72:19:bd:b0:46:52:1d:4e:98:8c:
e2:ab:a0:43:fc:b4:fc:8e:d1:89:72:91:4d:0c:a4:
0a:3d:dc:2e:b6:ef:1f:a7:9d:f7:02:20:ba:a3:74:
96:e8:96:9a:2f:01:14:da:70:81:39:64:f5:8e:be:
5a:27:07:8d:15:e7:98:46:d7:15:74:c8:e4:2b:d9:
40:fc:dc:90:de:e2:a2:52:3e:61:ad:13:59:e6:1b:
07:a8:1a:71:e0:b3:4e:91:8f:95:b7:82:78:52:2e:
ee:8e:00:00:fc:59:34:59:ed:00:42:13:44:7a:6b:
63:64:7d:43:28:ce:ca:3f:49:25:43:b1:ee:87:a0:
32:13:58:4e:d4:6b:b3:b9:d7:db:7c:d3:78:a0:f6:
54:05:8a:a3:00:b3:76:86:25:5f:6a:aa:92:7c:f1:
20:f0:72:98:e3:63:af:d8:58:f6:e6:b8:06:07:0d:
e7:59:2d:ac:42:33:db:1c:21:36:3c:d7:97:66:81:
0f:f5:0f:2b:07:63:b9:01:6d:95:e5:12:10:4c:3d:
01:ba:41:73:74:06:8a:e3:4e:d1:58:42:99:91:93:
69:ba:c5:09:20:18:1e:c0:65:15:0e:0e:bd:0f:4e:
99:55:f2:fe:eb:ea:43:fc:2e:98:b9:9a:2c:2b:4a:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DB:A4:C6:9A:3C:9F:04:2B:B1:6F:B6:07:3D:0F:F2:4D:FD:1E:7E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Stukxpo8nwQrsW-2Bz0P8k39Hn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.25.0-212.193.27.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
97:85:bc:8b:09:9c:f1:c8:02:ae:ce:ef:01:a0:c7:6d:4e:72:
57:64:de:19:1d:e2:63:87:65:9c:65:70:2a:36:7f:5a:3a:19:
2b:5e:76:c5:2c:36:dd:e1:56:36:41:a9:f8:33:43:71:a5:f6:
6a:b2:e2:af:04:3e:84:88:1c:c1:b6:6b:c4:1a:3f:5c:89:71:
b9:4c:69:54:db:7d:67:03:94:6b:ab:b5:30:83:14:f5:79:76:
e8:d5:06:e3:31:60:c7:ec:26:8f:03:cb:d7:dd:c6:fe:18:0d:
71:cd:77:5c:5c:05:cb:ce:d7:72:61:10:73:b8:1c:96:31:3f:
b5:f0:74:12:e3:0d:28:05:7f:ab:6b:cf:34:f2:84:2b:ae:0c:
1f:09:47:e3:1d:a5:38:30:6f:8a:f5:56:56:07:f8:ee:f9:7e:
cd:39:96:10:25:6d:34:00:c7:44:36:21:4a:7a:cc:58:b0:e3:
f5:11:28:d5:b4:d9:10:db:83:68:4c:81:cb:3e:d4:6b:39:38:
b2:0b:37:9c:eb:d9:87:36:e6:a7:c5:c8:d9:05:e2:e5:68:a3:
ec:cd:f2:63:79:b4:bf:ef:0d:90:f1:cf:43:36:e7:7c:ab:36:
88:ff:20:c3:56:e2:17:c7:61:ee:0e:9a:67:ef:f5:db:d5:70:
80:17:d0:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZK4tYXcO/kI6flCvMZFFLjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDIzMDkyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRiYTRjNjlhM2M5ZjA0MmJiMTZmYjYwNzNkMGZmMjRkZmQxZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBHXLXIZvbBGUh1OmIziq6BD/LT8
jtGJcpFNDKQKPdwutu8fp533AiC6o3SW6JaaLwEU2nCBOWT1jr5aJweNFeeYRtcV
dMjkK9lA/NyQ3uKiUj5hrRNZ5hsHqBpx4LNOkY+Vt4J4Ui7ujgAA/Fk0We0AQhNE
emtjZH1DKM7KP0klQ7Huh6AyE1hO1GuzudfbfNN4oPZUBYqjALN2hiVfaqqSfPEg
8HKY42Ov2Fj25rgGBw3nWS2sQjPbHCE2PNeXZoEP9Q8rB2O5AW2V5RIQTD0BukFz
dAaK407RWEKZkZNpusUJIBgewGUVDg69D06ZVfL+6+pD/C6YuZosK0pj5wIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFErbpMaaPJ8EK7Fvtgc9D/JN/R5+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU3R1a3hwbzhud1Fyc1ctMkJ6MFA4azM5SG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQAwHy0AwQA
wjqbAwQAwlepAwQAwleyAwQAwlfgAwQAwochAwQBw4UYAwQBw4UoAwQBw4UyAwQB
w4VcAwQA1MABMAwDBADUwRkDBALUwRgwFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0G
CSqGSIb3DQEBCwUAA4IBAQCXhbyLCZzxyAKuzu8BoMdtTnJXZN4ZHeJjh2WcZXAq
Nn9aOhkrXnbFLDbd4VY2Qan4M0NxpfZqsuKvBD6EiBzBtmvEGj9ciXG5TGlU231n
A5Rrq7UwgxT1eXbo1QbjMWDH7CaPA8vX3cb+GA1xzXdcXAXLztdyYRBzuByWMT+1
8HQS4w0oBX+ra8808oQrrgwfCUfjHaU4MG+K9VZWB/ju+X7NOZYQJW00AMdENiFK
esxYsOP1ESjVtNkQ24NoTIHLPtRrOTiyCzec69mHNuanxcjZBeLlaKPszfJjebS/
7w2Q8c9DNud8qzaI/yDDVuIXx2HuDppn7/Xb1XCAF9Ao
-----END CERTIFICATE-----
Generated at Mon Oct 28 12:17:12 2024 by rpki-client on console-ams.rpki-client.org