Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X06RRd0i-nPrB-xdxSsB3iinJLQ.roa
File: X06RRd0i-nPrB-xdxSsB3iinJLQ.roa (raw, json)
Hash identifier: yd4C6m52TNMEFkw/uNRTCD+nTVSHWMM8aOcX2bYmL+A=
Subject key identifier: 5F:4E:91:45:DD:22:FA:73:EB:07:EC:5D:C5:2B:01:DE:28:A7:24:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E0E5D05BF013E1807200BC27F1AEC500B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X06RRd0i-nPrB-xdxSsB3iinJLQ.roa
Signing time: Tue 05 Mar 2024 11:26:01 +0000
ROA not before: Tue 05 Mar 2024 11:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 18:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:5d:05:bf:01:3e:18:07:20:0b:c2:7f:1a:ec:50:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 5 11:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f4e9145dd22fa73eb07ec5dc52b01de28a724b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:b0:86:d3:81:7d:53:d9:8f:58:fc:52:fa:
3a:f4:13:55:7d:66:3d:aa:e4:4e:ea:36:17:fc:0c:
e5:4b:d7:bf:62:1c:19:80:9a:24:da:e0:96:dc:94:
63:72:b8:e6:8b:e6:0e:e4:d8:4a:53:28:55:de:f1:
0c:63:43:16:57:c0:ff:aa:dd:db:e8:cd:3d:ff:19:
ea:ec:77:08:3f:f6:ba:30:ad:9e:c5:06:c1:8f:ef:
45:c0:00:10:bb:55:09:fa:0d:da:d2:51:45:a8:82:
98:bc:94:b0:10:f5:e9:5f:52:f7:6c:17:f0:f9:91:
d5:63:75:6b:de:b1:94:76:b9:9c:65:cc:84:04:36:
c1:b4:dc:6b:4d:12:88:96:74:cb:ab:a1:c8:35:8e:
43:79:92:7a:0c:ae:38:10:b4:7a:91:bf:4a:81:a9:
74:11:b6:1c:1c:fa:f8:22:86:fc:d2:55:02:a7:4e:
ed:85:1e:d5:9f:27:ca:35:2e:ac:91:3b:e0:35:dd:
51:04:31:fa:87:17:cf:5a:be:29:95:a7:c9:d1:bc:
9f:19:54:34:20:b8:e5:13:7d:db:d7:52:a5:26:12:
80:d8:63:67:50:e2:a8:29:cf:9c:d7:6c:59:e8:ed:
11:16:59:56:fe:66:d2:a1:c1:27:ca:19:da:a0:90:
ed:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4E:91:45:DD:22:FA:73:EB:07:EC:5D:C5:2B:01:DE:28:A7:24:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X06RRd0i-nPrB-xdxSsB3iinJLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.203.0/24
194.87.22.0/24
194.87.32.0/24
194.87.142.0/24
194.87.169.0/24
194.87.245.0/24
195.133.6.0/24
195.133.25.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
81:66:fa:f1:bf:2d:c7:7b:78:a1:99:96:14:10:3c:2a:3c:c4:
53:2d:a9:73:e5:bf:f5:8f:eb:5c:04:15:9d:67:0a:44:f4:06:
b6:c5:bf:b3:30:6b:72:2c:b7:ab:a4:cb:ac:de:3e:80:8f:ab:
82:47:6a:18:9f:c0:e8:96:24:e1:0c:7b:87:b4:b0:42:19:24:
40:41:85:5d:52:9e:69:0a:6f:d9:be:36:ba:52:a0:40:5d:d4:
d1:3b:cf:8f:6a:20:b5:18:a7:0f:6c:7a:d2:98:b4:b2:76:b5:
e7:47:f8:3a:78:0e:22:c2:4c:ee:5e:ec:9b:01:03:ca:a7:71:
2b:1f:e8:0a:65:9d:78:99:7e:99:43:4c:7a:e4:66:b3:19:e7:
29:d7:ac:db:ff:1d:41:40:5f:7e:da:18:e0:6c:f7:3a:a3:27:
bc:f6:e7:47:62:e9:09:48:f4:a8:55:de:4b:ef:9f:40:3b:c9:
87:6c:cf:0c:69:a7:89:36:b1:e0:a9:2b:77:3a:a7:eb:a1:56:
c6:07:cb:92:10:aa:50:f7:5e:74:91:e2:7d:17:77:6f:55:e5:
0d:71:61:f4:65:e5:7c:0b:15:23:53:1a:b6:e1:1c:91:1d:a1:
48:ce:cb:cd:f0:69:fa:7c:c3:d4:8b:8e:73:f4:ff:ed:52:eb:
56:cc:37:d6
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY4OXQW/AT4YByALwn8a7FALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA1MTEyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjRlOTE0NWRkMjJmYTczZWIwN2VjNWRjNTJiMDFkZTI4YTcyNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiiwhtOBfVPZj1j8Uvo69BNVfWY9
quRO6jYX/AzlS9e/YhwZgJok2uCW3JRjcrjmi+YO5NhKUyhV3vEMY0MWV8D/qt3b
6M09/xnq7HcIP/a6MK2exQbBj+9FwAAQu1UJ+g3a0lFFqIKYvJSwEPXpX1L3bBfw
+ZHVY3Vr3rGUdrmcZcyEBDbBtNxrTRKIlnTLq6HINY5DeZJ6DK44ELR6kb9Kgal0
EbYcHPr4Iob80lUCp07thR7VnyfKNS6skTvgNd1RBDH6hxfPWr4plafJ0byfGVQ0
ILjlE33b11KlJhKA2GNnUOKoKc+c12xZ6O0RFllW/mbSocEnyhnaoJDt/QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF9OkUXdIvpz6wfsXcUrAd4opyS0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWDA2UlJkMGktblByQi14ZHhTc0IzaWluSkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwHAwQA
wXzLAwQAwlcWAwQAwlcgAwQAwleOAwQAwlepAwQAwlf1AwQAw4UGAwQAw4UZAwQA
w4VVAwQAw4XAAwQA1MABAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQCBZvrxvy3H
e3ihmZYUEDwqPMRTLalz5b/1j+tcBBWdZwpE9Aa2xb+zMGtyLLerpMus3j6Aj6uC
R2oYn8DoliThDHuHtLBCGSRAQYVdUp5pCm/Zvja6UqBAXdTRO8+PaiC1GKcPbHrS
mLSydrXnR/g6eA4iwkzuXuybAQPKp3ErH+gKZZ14mX6ZQ0x65GazGecp16zb/x1B
QF9+2hjgbPc6oye89udHYukJSPSoVd5L759AO8mHbM8MaaeJNrHgqSt3OqfroVbG
B8uSEKpQ9150keJ9F3dvVeUNcWH0ZeV8CxUjUxq24RyRHaFIzsvN8Gn6fMPUi45z
9P/tUutWzDfW
-----END CERTIFICATE-----
Generated at Thu Mar 7 22:37:29 2024 by rpki-client on console-ams.rpki-client.org