Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Um5NXV7AvrLJt1L58L03Oa-6rwg.roa
File: Um5NXV7AvrLJt1L58L03Oa-6rwg.roa (raw, json)
Hash identifier: nqa+KZySpTV/nkvOA/gP5evUnFiH9He93VOTd+Wlzng=
Subject key identifier: 52:6E:4D:5D:5E:C0:BE:B2:C9:B7:52:F9:F0:BD:37:39:AF:BA:AF:08
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F942C444A7D36815EC74388FEB514D716
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Um5NXV7AvrLJt1L58L03Oa-6rwg.roa
Signing time: Mon 20 May 2024 04:04:39 +0000
ROA not before: Mon 20 May 2024 04:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.134.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.54.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Jun 2024 12:40:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:2c:44:4a:7d:36:81:5e:c7:43:88:fe:b5:14:d7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 20 04:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=526e4d5d5ec0beb2c9b752f9f0bd3739afbaaf08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c0:1f:4b:51:18:82:59:e3:e4:3f:8b:f6:ab:
20:49:72:3d:47:b8:72:a1:9c:6f:67:40:c9:ad:d4:
63:e0:33:e9:8d:91:0b:ce:08:f9:25:3a:91:e0:00:
64:cb:ce:fd:01:47:53:5d:5e:5e:43:a0:1c:b3:26:
b1:62:d4:70:f1:f5:6e:00:dd:91:6f:4e:87:45:87:
08:ab:4d:5a:d0:8e:f8:d8:46:53:a4:79:fa:05:70:
fc:29:fb:95:24:74:66:c0:a8:99:d5:b0:65:fc:71:
3b:aa:88:bf:eb:98:c0:15:45:15:45:14:01:75:1d:
2e:79:61:9f:7d:29:26:3a:6e:22:e7:42:2a:20:d7:
c0:b9:ba:91:cc:71:25:74:58:14:a7:ed:61:4e:5b:
8e:db:50:30:22:a6:05:78:89:06:67:c4:cf:8e:fc:
0d:7f:ea:f4:2c:18:77:b3:66:66:68:94:3a:97:35:
e8:1d:9d:81:40:d7:5e:0a:a2:17:95:63:80:a6:99:
f7:14:09:d1:4a:c1:33:c1:eb:3f:d6:68:72:d2:f4:
cf:8c:33:cd:96:6d:e2:d6:0d:d1:a7:27:61:16:b7:
72:b1:a5:d8:e7:7e:b8:81:77:f8:fd:39:67:34:4b:
24:4d:b9:20:b0:6f:b3:7a:19:e5:e1:7f:69:a6:cf:
74:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6E:4D:5D:5E:C0:BE:B2:C9:B7:52:F9:F0:BD:37:39:AF:BA:AF:08
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Um5NXV7AvrLJt1L58L03Oa-6rwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.134.0/24
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
195.133.54.0/24
195.133.92.0/23
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
91:19:30:de:04:97:a6:44:2a:60:8d:8f:81:5a:25:b6:cb:ed:
67:09:50:98:a4:36:18:ae:b5:c7:ad:7f:49:c9:34:48:c1:9e:
5c:01:1e:67:d1:3b:c2:be:76:c2:fd:dd:f9:fb:a1:7b:f5:4d:
8b:de:7c:1a:90:4a:e3:d5:6e:38:75:fe:f0:19:68:87:28:d1:
7c:da:d2:f5:ce:ee:b1:2f:c9:28:d3:d0:35:9b:74:2f:e0:11:
8a:19:be:37:f8:9c:26:04:88:73:af:0b:e2:2c:1d:bc:74:fd:
40:d0:ac:f8:38:66:c8:79:17:17:41:01:31:e0:9d:85:4f:24:
e1:d2:ed:4b:e3:9b:7a:60:0c:94:76:0f:e7:ad:a0:5f:1b:04:
8a:2d:1b:1e:cb:04:04:d2:c6:bb:65:f7:a4:45:fe:5a:f3:cb:
56:e9:23:54:b4:60:44:74:47:91:e2:2f:c9:c2:ed:f6:81:95:
6d:44:34:9a:cc:d2:c5:6e:0e:91:7c:43:34:5f:9f:6c:d9:8d:
ad:13:c8:77:c3:8c:84:98:a0:aa:55:e5:08:57:24:13:af:d5:
ad:76:ba:5f:de:b4:e3:c3:16:49:65:b8:38:ff:6e:38:2c:00:
fb:76:f8:f9:14:ee:28:3e:b1:24:4e:99:ef:31:b5:72:04:8c:
88:3c:3d:b6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY+ULERKfTaBXsdDiP61FNcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTIwMDQwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZlNGQ1ZDVlYzBiZWIyYzliNzUyZjlmMGJkMzczOWFmYmFhZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycAfS1EYglnj5D+L9qsgSXI9R7hy
oZxvZ0DJrdRj4DPpjZELzgj5JTqR4ABky879AUdTXV5eQ6AcsyaxYtRw8fVuAN2R
b06HRYcIq01a0I742EZTpHn6BXD8KfuVJHRmwKiZ1bBl/HE7qoi/65jAFUUVRRQB
dR0ueWGffSkmOm4i50IqINfAubqRzHEldFgUp+1hTluO21AwIqYFeIkGZ8TPjvwN
f+r0LBh3s2ZmaJQ6lzXoHZ2BQNdeCqIXlWOAppn3FAnRSsEzwes/1mhy0vTPjDPN
lm3i1g3RpydhFrdysaXY5364gXf4/TlnNEskTbkgsG+zehnl4X9pps90twIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFJuTV1ewL6yybdS+fC9Nzmvuq8IMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVW01TlhWN0F2ckxKdDFMNThMMDNPYS02cndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQBwjo4AwQA
wleGAwQAwleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQAw4U2AwQBw4VcAwQA
1MABAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOC
AQEAkRkw3gSXpkQqYI2PgVoltsvtZwlQmKQ2GK61x61/Sck0SMGeXAEeZ9E7wr52
wv3d+fuhe/VNi958GpBK49VuOHX+8BlohyjRfNrS9c7usS/JKNPQNZt0L+ARihm+
N/icJgSIc68L4iwdvHT9QNCs+DhmyHkXF0EBMeCdhU8k4dLtS+ObemAMlHYP562g
XxsEii0bHssEBNLGu2X3pEX+WvPLVukjVLRgRHRHkeIvycLt9oGVbUQ0mszSxW4O
kXxDNF+fbNmNrRPId8OMhJigqlXlCFckE6/VrXa6X96048MWSWW4OP9uOCwA+3b4
+RTuKD6xJE6Z7zG1cgSMiDw9tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org