Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhEz0hMHfprO6sADd4OkuPvdNw0.roa
File: WhEz0hMHfprO6sADd4OkuPvdNw0.roa (raw, json)
Hash identifier: BE919rF8Tbis+A26HN8YmmNPQxbY4iQzMgEw+PfCznc=
Subject key identifier: 5A:11:33:D2:13:07:7E:9A:CE:EA:C0:03:77:83:A4:B8:FB:DD:37:0D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018824552FF717C386EB6F7BE75CEB4C3630
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhEz0hMHfprO6sADd4OkuPvdNw0.roa
Signing time: Tue 16 May 2023 11:32:22 +0000
ROA not before: Tue 16 May 2023 11:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:55:2f:f7:17:c3:86:eb:6f:7b:e7:5c:eb:4c:36:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 16 11:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a1133d213077e9aceeac0037783a4b8fbdd370d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:57:c2:8d:9c:31:c1:bf:5c:f8:52:6f:21:1e:
51:61:c8:05:18:11:09:34:4e:b6:f4:7d:34:72:bd:
85:c0:66:fe:a1:5d:21:b3:04:72:38:e1:d7:66:fa:
41:a3:47:ac:5d:69:d2:fd:27:62:83:89:1b:c1:d5:
ca:0e:6c:a0:72:d7:c1:7b:63:5c:fe:08:7b:15:aa:
10:74:2c:50:70:56:31:b2:eb:96:9e:40:6d:6b:76:
d0:95:0d:9b:87:42:f3:db:3b:57:4b:fc:4d:8f:2c:
71:a2:6e:2c:c8:7d:83:ff:c2:a6:1c:d2:cb:d1:e6:
37:21:8b:02:c9:08:c3:e9:51:d4:ea:7a:da:36:b6:
68:f5:bf:72:4b:cd:8e:15:1d:ff:55:57:04:00:b1:
e1:e6:d8:28:15:1d:77:1a:67:3f:a3:39:84:7a:07:
57:34:83:a5:34:c6:93:3e:9e:3f:27:ef:1d:a6:97:
d1:e3:5e:4b:a6:35:4e:74:58:5a:45:23:58:7a:fa:
b7:ed:69:2e:0a:c4:3b:c4:2d:db:4e:92:39:4d:3f:
77:37:c8:9e:05:06:34:22:de:17:ba:de:bc:7b:e0:
df:ef:22:f4:08:35:0e:21:15:9d:e6:96:ef:91:e8:
77:eb:09:3d:7c:5a:11:fe:da:e0:fe:8b:6e:7f:65:
ca:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:11:33:D2:13:07:7E:9A:CE:EA:C0:03:77:83:A4:B8:FB:DD:37:0D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WhEz0hMHfprO6sADd4OkuPvdNw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:89:98:6f:c9:be:27:ff:51:65:98:f6:09:f0:a3:fa:9e:b0:
af:c9:83:50:18:74:36:70:3a:52:cf:0c:9f:02:87:62:29:97:
36:32:d7:d1:3c:79:79:9b:38:bd:24:71:b0:52:6f:48:03:54:
ab:19:1f:23:40:98:9b:ab:49:85:f8:7d:6d:41:8c:c9:e8:e3:
38:ce:d9:2b:b0:4f:33:00:9a:f3:93:90:d8:bb:d7:14:89:96:
33:f9:f2:be:cb:47:89:85:fa:d2:dc:b0:64:26:e7:66:bb:85:
65:d7:dd:c1:75:e0:9c:f5:8c:2f:7b:8e:57:6f:76:2a:a2:21:
3b:6f:a9:90:71:0c:e5:f2:14:0d:7b:8d:ed:83:2b:17:09:f1:
9d:39:9e:9c:c0:69:5b:09:68:b0:52:b9:ef:b8:f3:24:86:f1:
5b:d3:4a:3c:e9:1e:f2:b0:01:89:16:11:c2:c5:24:30:e9:ef:
e1:7f:65:89:eb:3c:ec:04:fd:a7:cd:15:a5:62:6a:3c:9a:cb:
10:36:32:e6:4f:92:34:56:97:f8:15:02:f0:99:25:df:93:f5:
00:8a:04:50:2d:ca:08:ff:bb:68:73:f5:e2:a6:76:ae:e2:bf:
a9:2f:b4:12:1a:08:ba:7f:fc:97:70:81:5e:ee:41:f6:84:2f:
49:f1:70:f2
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYgkVS/3F8OG629751zrTDYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE2MTEzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTExMzNkMjEzMDc3ZTlhY2VlYWMwMDM3NzgzYTRiOGZiZGQzNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FfCjZwxwb9c+FJvIR5RYcgFGBEJ
NE629H00cr2FwGb+oV0hswRyOOHXZvpBo0esXWnS/Sdig4kbwdXKDmygctfBe2Nc
/gh7FaoQdCxQcFYxsuuWnkBta3bQlQ2bh0Lz2ztXS/xNjyxxom4syH2D/8KmHNLL
0eY3IYsCyQjD6VHU6nraNrZo9b9yS82OFR3/VVcEALHh5tgoFR13Gmc/ozmEegdX
NIOlNMaTPp4/J+8dppfR415LpjVOdFhaRSNYevq37WkuCsQ7xC3bTpI5TT93N8ie
BQY0It4Xut68e+Df7yL0CDUOIRWd5pbvkeh36wk9fFoR/trg/otuf2XK8wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFFoRM9ITB36azurAA3eDpLj73TcNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV2hFejBoTUhmcHJPNnNBRGQ0T2t1UHZkTncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAwXzLMAwD
BADCOi0DBATCOiADBADCVxsDBADCV3YDBADCV4gDBADCV6UDBADCV6sDBADCV8YD
BAHCV9ADBAHCV94DBAPDOjgDBADDhTcDBADDhcMDBAHUwAADBADUwQAwDQYJKoZI
hvcNAQELBQADggEBAD+JmG/Jvif/UWWY9gnwo/qesK/Jg1AYdDZwOlLPDJ8Ch2Ip
lzYy19E8eXmbOL0kcbBSb0gDVKsZHyNAmJurSYX4fW1BjMno4zjO2SuwTzMAmvOT
kNi71xSJljP58r7LR4mF+tLcsGQm52a7hWXX3cF14Jz1jC97jldvdiqiITtvqZBx
DOXyFA17je2DKxcJ8Z05npzAaVsJaLBSue+48ySG8VvTSjzpHvKwAYkWEcLFJDDp
7+F/ZYnrPOwE/afNFaViajyayxA2MuZPkjRWl/gVAvCZJd+T9QCKBFAtygj/u2hz
9eKmdq7iv6kvtBIaCLp//JdwgV7uQfaEL0nxcPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org