Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WT7lIqOafiysg9pRGRmUt0fMF7Q.roa
File: WT7lIqOafiysg9pRGRmUt0fMF7Q.roa (raw, json)
Hash identifier: IJHJ7d6pxFJOU7qmpv44y8BbhpF6JXB5ZHTMcGLb5DI=
Subject key identifier: 59:3E:E5:22:A3:9A:7E:2C:AC:83:DA:51:19:19:94:B7:47:CC:17:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A744068619CD99A14D28D9BCAA3C0BB58
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WT7lIqOafiysg9pRGRmUt0fMF7Q.roa
Signing time: Fri 08 Sep 2023 10:04:52 +0000
ROA not before: Fri 08 Sep 2023 10:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 08:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:40:68:61:9c:d9:9a:14:d2:8d:9b:ca:a3:c0:bb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 8 10:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=593ee522a39a7e2cac83da51191994b747cc17b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:14:67:c5:02:fc:1a:a7:0d:6b:7e:a9:9b:ba:
5b:3b:10:5f:94:7d:88:51:0b:f6:d2:82:82:2d:c3:
5f:25:be:3c:5e:80:55:b8:fc:ed:7a:a0:09:42:3f:
3f:7a:32:9f:21:5a:89:6e:72:74:09:fd:47:b4:1f:
95:82:26:91:dd:a5:84:49:11:b7:03:2c:f5:00:04:
c6:7e:d9:d7:6e:70:c2:15:41:78:71:a3:4c:90:bc:
4b:a4:99:ec:a2:36:a6:99:39:48:42:76:4d:be:59:
9c:cd:3f:07:ee:7e:03:50:77:c3:58:bb:79:df:07:
af:9c:70:eb:3c:95:2e:3c:10:6b:9a:9c:4c:dc:61:
90:74:38:5e:68:74:6e:f0:0e:2f:72:5f:df:68:43:
a3:81:fe:86:dc:e8:61:24:e9:3d:c0:f0:ee:e8:0c:
5b:45:8c:ef:53:f1:91:f5:16:14:33:95:e3:9f:d2:
32:77:81:c6:af:c4:77:4b:2b:89:eb:2e:8d:15:6c:
ad:b6:21:60:86:d8:e4:45:27:0f:12:d0:6a:79:d3:
82:bf:a5:8a:14:10:72:10:50:ae:3f:fb:e2:f3:14:
a2:f7:cf:78:47:ff:06:7d:85:c1:57:d2:1d:10:cc:
bb:ba:47:e4:3a:60:0b:27:cb:03:a2:01:42:b6:2e:
59:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3E:E5:22:A3:9A:7E:2C:AC:83:DA:51:19:19:94:B7:47:CC:17:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WT7lIqOafiysg9pRGRmUt0fMF7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
193.124.90.0/24
194.58.42.0/24
194.87.76.0/24
194.87.81.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.14.0/23
195.133.25.0/24
195.133.27.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
42:dc:f9:49:d2:66:6f:a1:75:2c:56:ad:39:91:6a:04:a4:65:
1a:ec:74:58:fc:99:a0:90:4b:71:92:f2:1e:83:a9:22:ca:c4:
75:65:19:7a:fa:2e:e9:7c:40:aa:f1:36:22:0d:63:ba:4d:2d:
d9:ee:51:aa:45:e3:99:bb:11:2e:e4:83:19:26:28:c7:47:75:
60:14:47:fe:83:81:20:00:af:9c:3c:71:22:81:c6:2a:8f:0e:
33:03:39:ed:fe:2b:ba:71:6c:14:91:b1:6c:37:66:d3:3f:1b:
4d:34:c1:98:8d:00:a5:4a:70:51:54:cf:97:6e:33:d7:20:d0:
0d:c6:a8:35:3a:29:10:fe:e5:18:4d:66:3d:e1:cc:cb:64:2f:
c2:ec:f8:80:1e:ed:81:d6:34:f1:48:65:6b:3b:09:de:01:b7:
4d:c9:7a:cf:4d:82:d7:37:da:ac:d2:0d:92:5b:4a:99:79:01:
c2:bd:d3:b0:33:fe:27:e4:3f:35:03:18:f8:e8:98:6b:e9:06:
c2:b5:ba:92:5c:48:ba:e0:ed:e2:5f:c0:ab:17:53:aa:c2:b6:
4b:d3:cc:90:51:00:a3:f8:77:32:c1:a7:af:9e:43:d8:5f:be:
b5:57:a8:5c:b8:10:61:8f:86:0e:5a:0a:7f:cc:6c:c3:79:1b:
83:77:2c:ae
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYp0QGhhnNmaFNKNm8qjwLtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA4MTAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNlZTUyMmEzOWE3ZTJjYWM4M2RhNTExOTE5OTRiNzQ3Y2MxN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhRnxQL8GqcNa36pm7pbOxBflH2I
UQv20oKCLcNfJb48XoBVuPzteqAJQj8/ejKfIVqJbnJ0Cf1HtB+VgiaR3aWESRG3
Ayz1AATGftnXbnDCFUF4caNMkLxLpJnsojammTlIQnZNvlmczT8H7n4DUHfDWLt5
3wevnHDrPJUuPBBrmpxM3GGQdDheaHRu8A4vcl/faEOjgf6G3OhhJOk9wPDu6Axb
RYzvU/GR9RYUM5Xjn9Iyd4HGr8R3SyuJ6y6NFWyttiFghtjkRScPEtBqedOCv6WK
FBByEFCuP/vi8xSi9894R/8GfYXBV9IdEMy7ukfkOmALJ8sDogFCti5Z9QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFk+5SKjmn4srIPaURkZlLdHzBe0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV1Q3bElxT2FmaXlzZzlwUkdSbVV0MGZNRjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHy0AwQA
wXxaAwQAwjoqAwQAwldMAwQAwldRAwQAwlesAwQAwlfQAwQAwlfiAwQAwlfnAwQB
w4UOAwQAw4UZAwQAw4UbAwQA1MAEAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQBC
3PlJ0mZvoXUsVq05kWoEpGUa7HRY/JmgkEtxkvIeg6kiysR1ZRl6+i7pfECq8TYi
DWO6TS3Z7lGqReOZuxEu5IMZJijHR3VgFEf+g4EgAK+cPHEigcYqjw4zAznt/iu6
cWwUkbFsN2bTPxtNNMGYjQClSnBRVM+XbjPXINANxqg1OikQ/uUYTWY94czLZC/C
7PiAHu2B1jTxSGVrOwneAbdNyXrPTYLXN9qs0g2SW0qZeQHCvdOwM/4n5D81Axj4
6Jhr6QbCtbqSXEi64O3iX8CrF1OqwrZL08yQUQCj+HcywaevnkPYX761V6hcuBBh
j4YOWgp/zGzDeRuDdyyu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org