Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YV2I3V-oxxFOVjYviSt1rLFrAu4.roa
File: YV2I3V-oxxFOVjYviSt1rLFrAu4.roa (raw, json)
Hash identifier: SCAw6hMNu19L32QI1ysa6oxEXSc1NWCPxdbmXEhl8k4=
Subject key identifier: 61:5D:88:DD:5F:A8:C7:11:4E:56:36:2F:89:2B:75:AC:B1:6B:02:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189B618B5BABE5822655D007DDBB453D8E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YV2I3V-oxxFOVjYviSt1rLFrAu4.roa
Signing time: Wed 02 Aug 2023 11:53:39 +0000
ROA not before: Wed 02 Aug 2023 11:53:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.135.30.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 17:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:18:b5:ba:be:58:22:65:5d:00:7d:db:b4:53:d8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 11:53:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=615d88dd5fa8c7114e56362f892b75acb16b02ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:62:36:93:8f:13:f0:f8:4e:7f:56:31:c6:76:
ec:c6:5f:89:2e:54:6b:3c:58:59:9f:42:b5:32:9c:
c6:42:e0:85:5f:71:4f:0a:a9:32:60:87:a6:af:02:
11:b4:f8:b9:22:77:99:57:e6:b2:c2:bf:0b:66:44:
0f:2c:ef:8c:88:c6:43:68:e8:55:ec:37:11:08:8d:
5d:28:53:14:6c:d7:b4:cd:b6:0a:f8:87:6a:82:30:
16:fb:c5:3b:da:a5:1e:e9:d3:a1:c1:5a:7f:eb:ce:
9b:43:7f:15:67:02:5a:73:da:f6:29:69:83:e4:02:
22:76:8c:e1:41:ee:7d:9a:52:95:55:76:1b:04:2f:
6e:a5:ef:dc:04:4f:17:0d:f6:fc:fb:98:46:b0:c5:
f6:2e:02:99:90:7c:b7:90:d8:5e:2b:d1:6c:b7:d2:
c5:f4:12:30:73:e4:6f:4f:bc:4e:ce:43:22:93:b0:
70:2f:45:76:a8:27:bf:a3:bf:2f:32:d6:04:2e:1e:
1b:a6:d0:63:74:d1:e7:cd:c6:07:dd:62:97:d9:72:
d0:8c:99:b1:3f:09:17:ce:b5:2d:18:de:2a:b2:cb:
0e:4e:48:7f:8e:97:c0:77:65:5b:83:67:dd:91:f5:
00:52:77:50:ac:6c:9d:62:a2:46:0e:92:06:ba:b6:
34:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5D:88:DD:5F:A8:C7:11:4E:56:36:2F:89:2B:75:AC:B1:6B:02:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YV2I3V-oxxFOVjYviSt1rLFrAu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.201.0/24
194.87.181.0/24
194.135.30.0/24
212.192.0.0/24
212.192.248.0/24
212.192.250.0/23
Signature Algorithm: sha256WithRSAEncryption
25:42:63:b6:ae:f2:aa:29:12:4b:6f:84:e3:fd:31:7d:7b:96:
50:6d:79:c7:e3:4a:c4:da:2d:e2:21:e0:ac:13:bd:30:30:1e:
a2:fa:33:13:2e:fa:55:cf:4c:21:8d:16:c3:1a:f9:0f:1b:a4:
18:04:74:cb:a0:12:23:2f:ea:e9:1e:c8:9b:be:eb:e3:b9:04:
40:81:63:64:dd:24:cb:59:e6:9a:98:30:2d:41:88:02:9a:4f:
ac:fd:fd:13:33:0f:4e:a4:ea:ae:26:fb:bd:0c:13:2b:16:17:
c2:59:94:e8:b0:c1:b6:6a:2e:df:30:17:8d:ef:10:6d:93:6a:
11:a4:65:9f:c7:43:fe:eb:02:85:e7:61:8a:58:67:21:b3:df:
36:53:c2:99:c2:ce:9a:b6:47:da:dc:cb:ac:94:eb:58:c3:85:
7d:a4:66:9f:b8:e1:b1:05:c2:5f:83:89:ab:85:78:0c:23:61:
1c:f3:48:f6:73:ce:6a:85:86:83:69:10:3d:25:7a:22:4b:45:
cd:49:c2:d1:7f:5a:6f:9a:17:a7:11:ee:2f:f1:4a:80:51:3c:
4c:ad:84:f2:1a:4a:56:e4:6a:5e:a0:0e:d7:7c:66:87:eb:3a:
24:75:d3:56:11:80:5a:06:f3:d0:b9:4e:9d:9e:eb:7b:c4:86:
1c:1b:67:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYm2GLW6vlgiZV0Afdu0U9jmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAyMTE1MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVkODhkZDVmYThjNzExNGU1NjM2MmY4OTJiNzVhY2IxNmIwMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2I2k48T8PhOf1Yxxnbsxl+JLlRr
PFhZn0K1MpzGQuCFX3FPCqkyYIemrwIRtPi5IneZV+aywr8LZkQPLO+MiMZDaOhV
7DcRCI1dKFMUbNe0zbYK+IdqgjAW+8U72qUe6dOhwVp/686bQ38VZwJac9r2KWmD
5AIidozhQe59mlKVVXYbBC9upe/cBE8XDfb8+5hGsMX2LgKZkHy3kNheK9Fst9LF
9BIwc+RvT7xOzkMik7BwL0V2qCe/o78vMtYELh4bptBjdNHnzcYH3WKX2XLQjJmx
PwkXzrUtGN4qsssOTkh/jpfAd2Vbg2fdkfUAUndQrGydYqJGDpIGurY0jwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGFdiN1fqMcRTlY2L4krdayxawLuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVYySTNWLW94eEZPVmpZdmlTdDFyTEZyQXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXzJAwQA
wle1AwQAwoceAwQA1MAAAwQA1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUAA4IBAQAl
QmO2rvKqKRJLb4Tj/TF9e5ZQbXnH40rE2i3iIeCsE70wMB6i+jMTLvpVz0whjRbD
GvkPG6QYBHTLoBIjL+rpHsibvuvjuQRAgWNk3STLWeaamDAtQYgCmk+s/f0TMw9O
pOquJvu9DBMrFhfCWZTosMG2ai7fMBeN7xBtk2oRpGWfx0P+6wKF52GKWGchs982
U8KZws6atkfa3MuslOtYw4V9pGafuOGxBcJfg4mrhXgMI2Ec80j2c85qhYaDaRA9
JXoiS0XNScLRf1pvmhenEe4v8UqAUTxMrYTyGkpW5GpeoA7XfGaH6zokddNWEYBa
BvPQuU6dnut7xIYcG2eo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org