Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WAvL_K3fHcL30GdibhUOlW_GQGk.roa
File: WAvL_K3fHcL30GdibhUOlW_GQGk.roa (raw, json)
Hash identifier: BjMopB0GS4CebWvJct6Fuviv2xMHFA8jk+ihFD+NyzQ=
Subject key identifier: 58:0B:CB:FC:AD:DF:1D:C2:F7:D0:67:62:6E:15:0E:95:6F:C6:40:69
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BCC4A35D447FB579522ACB690B584B371
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WAvL_K3fHcL30GdibhUOlW_GQGk.roa
Signing time: Tue 14 Nov 2023 05:24:57 +0000
ROA not before: Tue 14 Nov 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 193.124.36.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 10:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:4a:35:d4:47:fb:57:95:22:ac:b6:90:b5:84:b3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=580bcbfcaddf1dc2f7d067626e150e956fc64069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:23:bd:30:25:cd:05:2d:a8:79:32:79:87:79:
b8:ca:2e:c9:ab:5b:35:04:6e:53:ce:e9:e5:5f:68:
31:62:e9:7d:1c:6e:6f:fe:89:f8:42:1f:83:86:36:
5d:57:89:20:4f:e4:24:ab:a2:64:2a:cc:99:55:8a:
e2:01:4d:03:c8:ab:83:6a:33:b4:95:9a:18:87:65:
a4:8d:11:69:c9:a1:33:55:5a:f6:16:93:12:ea:35:
22:aa:ce:78:df:99:b1:f2:b3:e5:62:be:60:de:78:
f9:96:a2:8e:bb:12:f1:55:34:ae:f2:5f:c1:41:40:
86:94:57:52:82:21:dc:52:40:c8:2b:db:93:9b:97:
0c:17:18:1f:96:45:fd:3b:14:26:d5:0c:61:15:2b:
ab:03:64:05:e9:9f:59:14:62:17:4a:40:d9:b4:1c:
22:ae:d0:78:c8:76:86:d1:00:1b:75:b1:90:f1:b8:
c7:72:63:1b:43:c2:93:c7:23:42:92:e3:67:45:17:
a0:d1:d9:d7:68:a5:42:ea:70:6d:93:c2:18:5d:e7:
2e:70:49:65:8b:d4:55:1e:03:9b:c7:2f:e6:5c:5d:
74:f8:c3:f0:28:e3:75:9d:51:6a:6e:34:70:6e:69:
75:da:6b:56:11:0b:79:69:25:3b:f5:63:9f:4b:1d:
87:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0B:CB:FC:AD:DF:1D:C2:F7:D0:67:62:6E:15:0E:95:6F:C6:40:69
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WAvL_K3fHcL30GdibhUOlW_GQGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.36.0/24
195.58.36.0/24
212.192.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:77:b7:7e:6d:cf:bd:02:11:36:d7:6e:28:de:e8:63:d9:b4:
b5:40:a5:0f:be:59:60:f0:13:fe:d7:d8:d3:33:dc:da:35:2e:
fc:25:07:33:21:88:4a:b0:fd:f7:5f:2b:71:55:05:38:7b:cd:
04:3b:b8:31:d7:04:1f:e0:41:53:14:aa:89:38:d0:4e:95:b1:
a1:18:27:c6:c6:1b:7c:9e:94:90:ca:57:95:c0:d5:9b:d1:2a:
15:4e:b2:b7:57:9b:89:06:26:9d:df:c5:34:fb:52:e7:fb:d2:
47:8d:5b:70:73:87:26:c3:1c:d7:81:28:f2:09:1a:42:62:47:
8d:f2:7f:ff:40:ca:da:a5:b4:e8:0a:2c:64:3c:de:dd:50:f3:
12:10:15:ae:82:b8:2c:be:db:bd:f0:66:e0:8f:1e:3f:d1:a6:
20:70:4c:34:96:20:0e:64:74:9b:02:cb:25:5d:b6:32:54:70:
bd:53:61:bc:9b:be:55:96:bf:70:24:93:10:f4:66:93:bf:0a:
02:c9:05:3d:c5:20:84:df:26:e9:e9:37:4a:46:24:28:db:f6:
8a:db:55:1b:a8:9e:72:ca:7e:4e:dd:85:68:22:07:82:a6:35:
ca:fd:31:e7:7a:a3:ce:2c:8d:aa:ba:74:c3:95:13:02:50:ab:
5d:0f:7f:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvMSjXUR/tXlSKstpC1hLNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE0MDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODBiY2JmY2FkZGYxZGMyZjdkMDY3NjI2ZTE1MGU5NTZmYzY0MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCO9MCXNBS2oeTJ5h3m4yi7Jq1s1
BG5TzunlX2gxYul9HG5v/on4Qh+DhjZdV4kgT+Qkq6JkKsyZVYriAU0DyKuDajO0
lZoYh2WkjRFpyaEzVVr2FpMS6jUiqs5435mx8rPlYr5g3nj5lqKOuxLxVTSu8l/B
QUCGlFdSgiHcUkDIK9uTm5cMFxgflkX9OxQm1QxhFSurA2QF6Z9ZFGIXSkDZtBwi
rtB4yHaG0QAbdbGQ8bjHcmMbQ8KTxyNCkuNnRReg0dnXaKVC6nBtk8IYXecucEll
i9RVHgObxy/mXF10+MPwKON1nVFqbjRwbml12mtWEQt5aSU79WOfSx2HqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgLy/yt3x3C99BnYm4VDpVvxkBpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV0F2TF9LM2ZIY0wzMEdkaWJoVU9sV19HUUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwkAwQA
wzokAwQA1MDyMA0GCSqGSIb3DQEBCwUAA4IBAQArd7d+bc+9AhE2124o3uhj2bS1
QKUPvllg8BP+19jTM9zaNS78JQczIYhKsP33XytxVQU4e80EO7gx1wQf4EFTFKqJ
ONBOlbGhGCfGxht8npSQyleVwNWb0SoVTrK3V5uJBiad38U0+1Ln+9JHjVtwc4cm
wxzXgSjyCRpCYkeN8n//QMrapbToCixkPN7dUPMSEBWugrgsvtu98Gbgjx4/0aYg
cEw0liAOZHSbAsslXbYyVHC9U2G8m75Vlr9wJJMQ9GaTvwoCyQU9xSCE3ybp6TdK
RiQo2/aK21UbqJ5yyn5O3YVoIgeCpjXK/THneqPOLI2qunTDlRMCUKtdD38a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org