Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YmwUOQOqGfsAUToKCByElae276k.roa
File: YmwUOQOqGfsAUToKCByElae276k.roa (raw, json)
Hash identifier: 4Z3yWrELDEVec9qvz9/Cw+OK95dMQMccjt81jOhjcg4=
Subject key identifier: 62:6C:14:39:03:AA:19:FB:00:51:3A:0A:08:1C:84:95:A7:B6:EF:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E413C27F68709AC20FD7E0DCFDF476739
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YmwUOQOqGfsAUToKCByElae276k.roa
Signing time: Fri 15 Mar 2024 08:30:45 +0000
ROA not before: Fri 15 Mar 2024 08:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 16 Mar 2024 16:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:3c:27:f6:87:09:ac:20:fd:7e:0d:cf:df:47:67:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 08:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=626c143903aa19fb00513a0a081c8495a7b6efa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:62:ea:68:b7:66:71:ef:20:91:f6:f7:df:bf:
cd:f9:bd:cf:b7:3d:91:62:4a:b8:b7:61:4f:14:6f:
6d:c1:8c:79:e2:6d:97:1b:df:06:4c:b3:48:02:6d:
ef:10:47:57:d0:97:fd:27:77:9a:58:bd:fb:63:c6:
c8:b8:59:ec:92:ac:2c:1a:b7:a7:ca:cc:cd:28:b4:
9d:7a:91:8c:02:18:95:23:a6:02:9d:65:61:97:74:
1f:09:0d:f7:09:29:78:5c:63:62:a9:3d:19:d9:37:
d4:8a:af:ca:2e:91:11:94:6c:f9:1d:80:40:a6:71:
25:c3:43:69:77:2a:fb:1d:d4:00:2b:60:e7:64:fa:
50:4e:58:a8:15:f7:f6:19:c4:5f:e4:1d:8a:ec:e0:
e2:d2:cf:0c:af:ab:5c:cc:8a:87:e5:e1:c3:a3:a7:
b5:65:8d:42:b1:69:55:d1:74:48:fb:34:85:dd:71:
b6:e8:8a:40:2d:1c:6c:1e:1e:f2:b3:c3:d2:64:13:
04:d8:d3:47:24:97:90:13:5d:d3:2d:91:63:b0:96:
4b:53:5d:dd:d1:4e:90:6d:f7:80:82:11:30:f2:71:
5e:d0:fc:b8:50:7b:e9:75:83:17:52:24:36:9d:6d:
24:55:9f:ff:68:d3:73:83:d5:fe:62:42:36:e0:83:
9d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6C:14:39:03:AA:19:FB:00:51:3A:0A:08:1C:84:95:A7:B6:EF:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YmwUOQOqGfsAUToKCByElae276k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
44:6a:d4:19:06:0c:6e:9d:55:78:21:08:65:0a:f5:80:9d:b9:
7e:e8:22:5b:da:c4:31:f3:d3:dc:bb:45:b6:55:73:6a:ef:11:
44:ed:c7:db:ab:29:a4:0c:2c:f5:4e:56:7c:15:6b:ff:08:ff:
c0:8c:1c:4d:88:70:6a:90:fb:20:09:69:c4:f8:46:5f:c6:fd:
6f:94:89:21:a3:42:71:8b:fe:5d:fc:49:34:7f:be:62:c9:bd:
f4:f7:d9:d9:c3:dd:cf:c3:fc:be:0a:6b:bb:fb:e2:7e:d6:81:
11:3a:27:1b:19:2c:99:84:89:19:20:be:90:b7:7d:15:d5:8a:
bc:ac:33:a7:24:25:9c:7c:15:99:75:cc:d6:bb:85:11:87:26:
72:26:5a:ac:14:8f:88:c7:0e:04:95:e4:18:b7:44:72:7b:ae:
e4:9a:7d:6a:37:5f:31:c9:fb:92:fa:ff:3a:7d:42:86:9a:a5:
39:47:de:e2:9b:4b:7d:29:f0:f3:22:2f:2b:b2:46:db:7d:13:
f0:a3:f4:39:f7:26:f7:e2:fe:ae:bb:92:a1:df:1c:5e:c7:05:
80:7b:a2:4a:2f:51:93:5b:ee:7b:49:a3:5a:e5:e4:a8:c2:96:
e0:11:0b:76:0f:7f:71:fe:ab:ed:4e:2a:b4:67:99:0a:eb:fb:
15:53:cf:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY5BPCf2hwmsIP1+Dc/fR2c5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzE1MDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZjMTQzOTAzYWExOWZiMDA1MTNhMGEwODFjODQ5NWE3YjZlZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2LqaLdmce8gkfb337/N+b3Ptz2R
Ykq4t2FPFG9twYx54m2XG98GTLNIAm3vEEdX0Jf9J3eaWL37Y8bIuFnskqwsGren
yszNKLSdepGMAhiVI6YCnWVhl3QfCQ33CSl4XGNiqT0Z2TfUiq/KLpERlGz5HYBA
pnElw0Npdyr7HdQAK2DnZPpQTlioFff2GcRf5B2K7ODi0s8Mr6tczIqH5eHDo6e1
ZY1CsWlV0XRI+zSF3XG26IpALRxsHh7ys8PSZBME2NNHJJeQE13TLZFjsJZLU13d
0U6QbfeAghEw8nFe0Py4UHvpdYMXUiQ2nW0kVZ//aNNzg9X+YkI24IOdwQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGJsFDkDqhn7AFE6CggchJWntu+pMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWW13VU9RT3FHZnNBVVRvS0NCeUVsYWUyNzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAwXwHAwQA
wlepAwQAwlf1AwQAw4UZAwQA1MABMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkq
hkiG9w0BAQsFAAOCAQEARGrUGQYMbp1VeCEIZQr1gJ25fugiW9rEMfPT3LtFtlVz
au8RRO3H26sppAws9U5WfBVr/wj/wIwcTYhwapD7IAlpxPhGX8b9b5SJIaNCcYv+
XfxJNH++Ysm99PfZ2cPdz8P8vgpru/viftaBETonGxksmYSJGSC+kLd9FdWKvKwz
pyQlnHwVmXXM1ruFEYcmciZarBSPiMcOBJXkGLdEcnuu5Jp9ajdfMcn7kvr/On1C
hpqlOUfe4ptLfSnw8yIvK7JG230T8KP0Ofcm9+L+rruSod8cXscFgHuiSi9Rk1vu
e0mjWuXkqMKW4BELdg9/cf6r7U4qtGeZCuv7FVPP7g==
-----END CERTIFICATE-----
Generated at Sat Mar 16 17:35:45 2024 by rpki-client on console-fra.rpki-client.org