Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UT1fOgPwVa1KhTcDApDLno5vJOU.roa
File: UT1fOgPwVa1KhTcDApDLno5vJOU.roa (raw, json)
Hash identifier: j1LdFOf8Ys4ZEY3NPSC3ecohD/9ul1N/FBvC00ysXOE=
Subject key identifier: 51:3D:5F:3A:03:F0:55:AD:4A:85:37:03:02:90:CB:9E:8E:6F:24:E5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191C1E9129AD9D29463E254BA5A6E06BF00
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UT1fOgPwVa1KhTcDApDLno5vJOU.roa
Signing time: Thu 05 Sep 2024 11:19:22 +0000
ROA not before: Thu 05 Sep 2024 11:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 194.87.85.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:e9:12:9a:d9:d2:94:63:e2:54:ba:5a:6e:06:bf:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 5 11:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=513d5f3a03f055ad4a8537030290cb9e8e6f24e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:9e:d3:cb:63:ad:a1:d2:0e:d7:de:01:89:a4:
2c:7a:28:d0:9e:4e:c9:9d:75:a7:fc:77:b6:7f:37:
c9:70:8a:d9:32:08:98:e0:3d:cb:44:7a:7c:6b:f1:
43:7b:6c:54:fc:07:c3:c9:be:40:10:9d:75:65:b0:
53:ea:ff:7b:a3:d7:a5:af:10:47:d9:3b:5e:b6:ae:
80:a2:8a:78:a7:b2:64:40:85:19:38:14:5c:6e:c0:
ae:fc:bb:6e:39:b9:a8:c5:f5:a1:24:f4:fd:68:2f:
39:ba:c5:f6:6d:3f:d0:6f:a2:ab:ca:da:6a:8f:bd:
18:d3:c4:0d:96:0a:94:99:b7:b9:b7:84:54:14:24:
f8:8e:2f:3f:96:16:b8:68:fc:4d:f8:13:e1:2a:88:
49:40:1e:c5:e6:3f:c2:7c:75:d0:24:2b:75:6f:02:
02:71:5a:fd:38:56:06:4f:ff:03:92:ba:07:a1:4f:
bb:d7:3a:fd:0d:74:a9:30:42:ea:e8:30:e9:b9:3a:
b6:8c:07:f4:3d:25:0b:4b:ef:c6:42:f1:aa:d3:55:
27:40:f3:73:b6:72:10:ea:91:11:88:69:cc:d7:23:
c9:5e:45:86:00:38:fb:4b:2d:cc:2d:65:95:bf:11:
55:96:d8:9e:d8:26:65:ff:6a:be:ab:1a:d5:9a:ea:
0f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3D:5F:3A:03:F0:55:AD:4A:85:37:03:02:90:CB:9E:8E:6F:24:E5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UT1fOgPwVa1KhTcDApDLno5vJOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.85.0/24
195.133.18.0/24
195.133.26.0/24
212.192.246.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
20:ce:d4:b0:a9:0f:74:bc:93:7a:22:a1:78:b1:4a:65:5b:cf:
de:2e:e4:a4:bf:d1:37:29:8f:32:fd:c1:89:71:ea:03:0b:7b:
fb:b0:24:86:a8:d0:1c:39:07:62:52:92:96:cf:d3:5a:11:66:
5b:b0:97:85:ba:42:ae:18:94:c4:20:78:2c:ce:be:5b:dc:13:
06:84:de:d8:68:b9:a4:23:b5:84:25:4a:12:a8:73:46:52:a7:
2e:77:4a:5a:7a:10:4f:16:5b:c4:1c:f4:06:74:6d:ec:2c:53:
85:7a:03:c9:b2:ac:0f:81:7b:73:f8:ae:bd:fa:f7:3f:fe:7a:
4e:ba:5f:e1:2d:4a:95:7a:06:2c:52:fc:cd:02:e9:28:5c:8c:
67:e4:60:75:5d:35:58:e2:c2:76:03:15:3f:b3:03:e7:92:be:
b3:1d:4d:e0:07:b2:c7:08:05:48:b5:25:64:b2:9d:75:76:7b:
e9:e4:01:00:1f:d8:33:1d:3f:67:0c:aa:7f:7b:99:98:ae:2f:
68:79:89:46:4f:97:ac:8b:c9:35:be:b6:f8:33:4e:78:e9:d8:
2b:26:d5:79:6f:55:89:d0:1f:8d:38:56:be:63:5f:ed:bb:04:
56:36:ef:8d:01:db:7f:3e:14:0d:06:ea:55:62:ba:3b:d3:4b:
f4:62:79:ea
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHB6RKa2dKUY+JUulpuBr8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA1MTExOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNkNWYzYTAzZjA1NWFkNGE4NTM3MDMwMjkwY2I5ZThlNmYyNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8p7Ty2OtodIO194BiaQseijQnk7J
nXWn/He2fzfJcIrZMgiY4D3LRHp8a/FDe2xU/AfDyb5AEJ11ZbBT6v97o9elrxBH
2Ttetq6Aoop4p7JkQIUZOBRcbsCu/LtuObmoxfWhJPT9aC85usX2bT/Qb6Krytpq
j70Y08QNlgqUmbe5t4RUFCT4ji8/lha4aPxN+BPhKohJQB7F5j/CfHXQJCt1bwIC
cVr9OFYGT/8DkroHoU+71zr9DXSpMELq6DDpuTq2jAf0PSULS+/GQvGq01UnQPNz
tnIQ6pERiGnM1yPJXkWGADj7Sy3MLWWVvxFVltie2CZl/2q+qxrVmuoP3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFE9XzoD8FWtSoU3AwKQy56ObyTlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVVQxZk9nUHdWYTFLaFRjREFwRExubzV2Sk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwldVAwQA
w4USAwQAw4UaAwQA1MD2AwQA1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQAgztSwqQ90
vJN6IqF4sUplW8/eLuSkv9E3KY8y/cGJceoDC3v7sCSGqNAcOQdiUpKWz9NaEWZb
sJeFukKuGJTEIHgszr5b3BMGhN7YaLmkI7WEJUoSqHNGUqcud0paehBPFlvEHPQG
dG3sLFOFegPJsqwPgXtz+K69+vc//npOul/hLUqVegYsUvzNAukoXIxn5GB1XTVY
4sJ2AxU/swPnkr6zHU3gB7LHCAVItSVksp11dnvp5AEAH9gzHT9nDKp/e5mYri9o
eYlGT5esi8k1vrb4M0546dgrJtV5b1WJ0B+NOFa+Y1/tuwRWNu+NAdt/PhQNBupV
Yro700v0Ynnq
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:52 2024 by rpki-client on console-ams.rpki-client.org