Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y1JFwDgmirHyv5Tb9FDOHVC7fwo.roa
File: Y1JFwDgmirHyv5Tb9FDOHVC7fwo.roa (raw, json)
Hash identifier: pzvjKQgFkDP3/vBxPF06eo4F0mQaYcfCgRNBiqAuP44=
Subject key identifier: 63:52:45:C0:38:26:8A:B1:F2:BF:94:DB:F4:50:CE:1D:50:BB:7F:0A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191FFC9ED20F1725871F3D26AE9422782B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y1JFwDgmirHyv5Tb9FDOHVC7fwo.roa
Signing time: Tue 17 Sep 2024 11:41:49 +0000
ROA not before: Tue 17 Sep 2024 11:41:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 194.87.77.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 18:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:c9:ed:20:f1:72:58:71:f3:d2:6a:e9:42:27:82:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 17 11:41:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=635245c038268ab1f2bf94dbf450ce1d50bb7f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:d6:53:2f:7c:b9:bf:27:7e:2f:de:7f:89:
b8:f7:21:a4:7a:81:59:82:5a:43:27:70:4d:53:b1:
4e:2e:74:89:55:55:9c:d5:64:19:c1:ec:e4:61:82:
85:4f:21:2e:13:76:5b:9b:76:2b:3c:3a:79:f8:4f:
76:70:a6:d2:eb:51:3c:77:5f:cc:7a:42:e7:a5:b6:
d9:b2:85:25:6f:30:83:3a:b2:42:72:7c:07:f2:1e:
62:0a:c3:14:7e:ba:7c:b3:0b:5a:26:15:44:fd:fd:
05:3c:0e:a4:69:40:bc:d5:2d:c8:f0:52:db:b6:bf:
5b:90:cc:87:79:55:cb:27:78:1d:2b:64:d1:23:d8:
0d:90:51:98:a3:e8:2c:18:5b:00:70:10:2f:01:21:
d4:28:f3:50:e7:98:84:f6:70:dd:d8:f0:c3:1c:09:
5b:11:81:c9:74:1d:58:56:97:a6:b8:72:b7:32:47:
6c:cc:44:89:a4:19:2a:56:9d:8c:66:e7:0f:8d:8b:
c7:f3:a9:46:b2:f5:2c:e1:26:87:a5:b7:67:31:43:
b2:48:4d:d0:af:0d:51:14:5d:30:e6:5f:65:7e:59:
e8:f3:da:8f:70:43:79:13:8f:30:04:9a:9c:db:1d:
33:9b:d1:93:10:80:4c:a7:09:ef:99:6d:0b:5f:87:
8c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:52:45:C0:38:26:8A:B1:F2:BF:94:DB:F4:50:CE:1D:50:BB:7F:0A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Y1JFwDgmirHyv5Tb9FDOHVC7fwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.77.0/24
194.87.85.0/24
195.133.18.0/24
195.133.26.0/24
212.192.246.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ee:e1:90:5b:41:b0:f5:ab:5f:02:da:55:e1:1a:90:4d:35:
9e:90:ba:30:48:e3:a0:28:21:88:02:fe:74:6b:2e:19:ee:45:
cb:28:4b:98:4d:57:7c:44:5d:54:1a:10:1b:2a:25:39:0f:cc:
a7:16:83:25:60:91:b3:33:02:ee:8b:73:3f:b2:05:b5:4e:9e:
a1:28:0b:6b:00:33:21:2b:a2:a5:48:a9:03:74:8f:f1:6a:5b:
8f:ad:05:2a:9c:b3:0f:9e:69:07:39:8b:1b:91:a3:92:02:15:
75:fa:8e:fd:f7:56:8a:44:fd:c7:41:34:8d:98:14:d3:db:24:
f8:d4:2e:4d:ce:64:4f:dd:fb:d8:17:d5:31:39:ed:03:94:52:
82:85:5a:81:1b:14:96:24:64:d5:8c:b7:dc:22:10:2d:3f:e0:
fd:6a:cf:f2:f0:08:58:0a:ce:55:3f:d5:64:0b:b4:76:16:2e:
37:b8:0e:0f:59:20:08:d8:d1:2f:d7:a8:93:5a:6b:00:59:e7:
1f:8a:03:50:ac:9a:91:b8:22:e8:54:88:01:b8:8c:f9:f2:23:
e0:03:64:3b:b1:b7:74:f8:96:73:8b:03:63:ab:3d:ab:dc:a4:
1a:3f:09:30:53:14:3c:43:f8:4f:43:38:f2:2c:c2:08:63:4a:
21:7e:5e:ba
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZH/ye0g8XJYcfPSaulCJ4K2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTE3MTE0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzUyNDVjMDM4MjY4YWIxZjJiZjk0ZGJmNDUwY2UxZDUwYmI3ZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBzWUy98ub8nfi/ef4m49yGkeoFZ
glpDJ3BNU7FOLnSJVVWc1WQZwezkYYKFTyEuE3Zbm3YrPDp5+E92cKbS61E8d1/M
ekLnpbbZsoUlbzCDOrJCcnwH8h5iCsMUfrp8swtaJhVE/f0FPA6kaUC81S3I8FLb
tr9bkMyHeVXLJ3gdK2TRI9gNkFGYo+gsGFsAcBAvASHUKPNQ55iE9nDd2PDDHAlb
EYHJdB1YVpemuHK3MkdszESJpBkqVp2MZucPjYvH86lGsvUs4SaHpbdnMUOySE3Q
rw1RFF0w5l9lflno89qPcEN5E48wBJqc2x0zm9GTEIBMpwnvmW0LX4eM2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGNSRcA4Joqx8r+U2/RQzh1Qu38KMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWTFKRndEZ21pckh5djVUYjlGRE9IVkM3ZndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwldNAwQA
wldVAwQAw4USAwQAw4UaAwQA1MD2AwQA1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQBT
7uGQW0Gw9atfAtpV4RqQTTWekLowSOOgKCGIAv50ay4Z7kXLKEuYTVd8RF1UGhAb
KiU5D8ynFoMlYJGzMwLui3M/sgW1Tp6hKAtrADMhK6KlSKkDdI/xaluPrQUqnLMP
nmkHOYsbkaOSAhV1+o7991aKRP3HQTSNmBTT2yT41C5NzmRP3fvYF9UxOe0DlFKC
hVqBGxSWJGTVjLfcIhAtP+D9as/y8AhYCs5VP9VkC7R2Fi43uA4PWSAI2NEv16iT
WmsAWecfigNQrJqRuCLoVIgBuIz58iPgA2Q7sbd0+JZziwNjqz2r3KQaPwkwUxQ8
Q/hPQzjyLMIIY0ohfl66
-----END CERTIFICATE-----
Generated at Tue Sep 17 21:03:17 2024 by rpki-client on console-ams.rpki-client.org