Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V2epvPclAMQdg3dFjAfB_t9m1Dc.roa
File: V2epvPclAMQdg3dFjAfB_t9m1Dc.roa (raw, json)
Hash identifier: Ko/sNgfI+QbjDsNAT+VnKEnZ95wRIjnzOsxvDo/axiA=
Subject key identifier: 57:67:A9:BC:F7:25:00:C4:1D:83:77:45:8C:07:C1:FE:DF:66:D4:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01901C76EE182BA5AE7BA67B12CAC02040EF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V2epvPclAMQdg3dFjAfB_t9m1Dc.roa
Signing time: Sat 15 Jun 2024 15:14:34 +0000
ROA not before: Sat 15 Jun 2024 15:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.134.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 18 Jun 2024 15:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:76:ee:18:2b:a5:ae:7b:a6:7b:12:ca:c0:20:40:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 15 15:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5767a9bcf72500c41d8377458c07c1fedf66d437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:74:e3:b5:ed:59:97:dd:92:ed:8e:79:5a:eb:
68:44:b3:58:bd:23:e8:ee:82:71:aa:73:e9:8f:d0:
8f:b9:fb:69:bf:5e:ae:ad:88:6e:20:28:6e:45:7d:
23:4f:c1:98:4f:86:43:f7:e7:01:5c:90:e0:1f:60:
6b:46:cc:58:82:d3:dd:42:01:32:86:4f:a6:c1:2c:
19:c4:61:ce:56:d0:34:cc:08:da:dc:3c:eb:ff:1a:
a4:56:cc:10:41:94:b1:56:4d:46:65:10:be:36:6b:
a1:75:20:a7:f3:dc:bc:06:d0:70:81:eb:54:8d:a2:
5d:15:2a:35:81:b9:44:8d:ba:33:5e:1d:c9:bd:33:
e9:82:08:3f:49:07:90:5d:cd:e2:b7:a1:26:b9:bf:
95:fa:cd:58:ce:26:24:0c:91:ec:dc:d5:eb:bc:eb:
d5:8c:85:2c:b8:c6:00:c3:e2:32:3a:ca:d5:7f:52:
24:3c:b4:02:b8:b5:30:a4:75:3b:2e:39:9a:49:a9:
87:d6:ae:74:d2:c5:65:32:49:79:be:dc:7d:fe:0f:
bf:8b:78:cb:1b:37:76:d7:b9:a8:f2:b2:5e:4f:f2:
1b:9e:da:08:51:7d:9f:25:32:00:f2:5e:18:c5:b3:
7b:28:d1:35:b0:9b:a9:8d:1e:a6:4a:a0:e8:b4:fb:
ef:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:67:A9:BC:F7:25:00:C4:1D:83:77:45:8C:07:C1:FE:DF:66:D4:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/V2epvPclAMQdg3dFjAfB_t9m1Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.134.0/24
194.87.141.0/24
194.87.169.0/24
195.58.39.0/24
195.133.25.0/24
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
42:32:cb:79:13:e8:28:22:a9:6d:d2:e3:9b:04:0a:b7:bc:1f:
a4:89:6b:a9:14:78:96:1f:65:f8:2d:8a:b4:0f:9f:c0:52:fc:
f8:53:e8:e7:b3:b5:d2:1a:5b:04:b7:b9:1c:02:6b:44:71:68:
fe:ba:5a:db:1d:88:9a:bb:80:9f:fa:a4:8d:a3:53:d4:32:13:
cc:2f:2e:f8:51:13:b8:4a:37:b5:7f:e2:e7:bf:00:af:0e:50:
e1:f0:fd:e8:af:dc:99:fd:d0:00:70:1b:79:be:1f:a0:21:28:
5f:1b:de:16:c2:a4:e5:ca:0a:94:b9:ee:86:5e:8e:25:33:aa:
03:52:17:05:c2:ca:51:e8:ec:2f:1c:51:e1:15:21:3a:2a:b1:
eb:db:f8:bb:18:d1:79:1a:21:69:84:1d:56:ae:21:1b:ea:3f:
88:d0:75:f7:ff:d6:d7:59:f4:f5:ef:77:43:6c:59:39:83:c1:
9d:d6:f0:b6:55:ab:4f:c5:29:92:8b:4b:00:1f:41:32:12:85:
55:5d:b3:2b:ee:1f:22:4f:4a:21:fa:36:91:a1:43:17:5c:87:
76:fa:8a:84:6d:ad:09:e8:38:72:5c:28:b2:42:0b:a4:9f:86:
f6:ff:58:8e:a5:ff:7d:5c:72:ee:52:a0:52:3a:d1:b5:14:2a:
1b:16:07:ae
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZAcdu4YK6Wue6Z7EsrAIEDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjE1MTUxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzY3YTliY2Y3MjUwMGM0MWQ4Mzc3NDU4YzA3YzFmZWRmNjZkNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXTjte1Zl92S7Y55WutoRLNYvSPo
7oJxqnPpj9CPuftpv16urYhuIChuRX0jT8GYT4ZD9+cBXJDgH2BrRsxYgtPdQgEy
hk+mwSwZxGHOVtA0zAja3Dzr/xqkVswQQZSxVk1GZRC+NmuhdSCn89y8BtBwgetU
jaJdFSo1gblEjbozXh3JvTPpggg/SQeQXc3it6Emub+V+s1YziYkDJHs3NXrvOvV
jIUsuMYAw+IyOsrVf1IkPLQCuLUwpHU7LjmaSamH1q500sVlMkl5vtx9/g+/i3jL
Gzd217mo8rJeT/IbntoIUX2fJTIA8l4YxbN7KNE1sJupjR6mSqDotPvvQQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFdnqbz3JQDEHYN3RYwHwf7fZtQ3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVjJlcHZQY2xBTVFkZzNkRmpBZkJfdDltMURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQBwjo4AwQA
wleGAwQAwleNAwQAwlepAwQAwzonAwQAw4UZAwQBw4UyAwQBw4VcAwQA1MABAwQA
1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAQjLL
eRPoKCKpbdLjmwQKt7wfpIlrqRR4lh9l+C2KtA+fwFL8+FPo57O10hpbBLe5HAJr
RHFo/rpa2x2ImruAn/qkjaNT1DITzC8u+FETuEo3tX/i578Arw5Q4fD96K/cmf3Q
AHAbeb4foCEoXxveFsKk5coKlLnuhl6OJTOqA1IXBcLKUejsLxxR4RUhOiqx69v4
uxjReRohaYQdVq4hG+o/iNB19//W11n09e93Q2xZOYPBndbwtlWrT8UpkotLAB9B
MhKFVV2zK+4fIk9KIfo2kaFDF1yHdvqKhG2tCeg4clwoskILpJ+G9v9YjqX/fVxy
7lKgUjrRtRQqGxYHrg==
-----END CERTIFICATE-----
Generated at Tue Jun 18 20:03:10 2024 by rpki-client on console-fra.rpki-client.org