Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_mXRZx2Ra5heKvfutaSb8mYP40k.roa
File: _mXRZx2Ra5heKvfutaSb8mYP40k.roa (raw, json)
Hash identifier: JhkpKXrBwYfUxJMm6iYdzll2He4vQxk7Nr7XXWLMf08=
Subject key identifier: FE:65:D1:67:1D:91:6B:98:5E:2A:F7:EE:B5:A4:9B:F2:66:0F:E3:49
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189BA2BC641CC58539A7987D82B3443A2E7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_mXRZx2Ra5heKvfutaSb8mYP40k.roa
Signing time: Thu 03 Aug 2023 06:52:58 +0000
ROA not before: Thu 03 Aug 2023 06:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 22
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
192.124.189.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 12:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:2b:c6:41:cc:58:53:9a:79:87:d8:2b:34:43:a2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 06:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe65d1671d916b985e2af7eeb5a49bf2660fe349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fc:1c:7e:51:e9:0d:7d:71:40:39:a0:a0:91:
ad:5b:b8:35:14:64:d2:df:da:0b:c6:38:84:44:07:
d2:94:0e:ca:8b:a2:76:7d:32:e0:e3:5f:97:cf:12:
30:a3:67:c9:7b:57:4d:39:78:62:84:c6:2d:0f:6c:
e4:48:15:fa:fd:be:cb:16:1b:31:41:78:b0:38:10:
a3:56:9b:f8:3d:ee:35:88:d3:9f:00:1c:22:94:a3:
88:ec:bd:6f:5b:a0:0b:3b:37:dc:67:d0:02:fd:ea:
8a:4b:94:bb:10:9d:ca:1a:be:7e:d2:b6:f1:3d:a8:
30:a1:66:72:08:a0:6d:f2:d0:8d:41:68:9f:53:aa:
d5:a6:d3:51:2b:4d:c0:ed:9f:8e:d5:50:1f:b9:86:
18:0b:76:0a:e8:ce:5b:f0:a7:dd:c5:dc:41:92:c8:
50:ab:53:d0:a8:0e:32:31:92:9c:b2:00:ba:19:bd:
af:90:90:90:c2:6d:84:b7:8b:70:3f:a2:fc:f9:db:
41:a3:f8:7b:79:d4:10:a6:2a:4d:7e:88:2a:83:29:
66:62:43:34:7d:78:fe:03:a6:b5:40:ad:9b:02:85:
7c:b9:39:b4:1c:27:5b:7a:c7:6e:9a:42:53:69:89:
cd:26:c9:73:ec:8f:63:03:da:b9:21:f6:18:90:68:
f3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:65:D1:67:1D:91:6B:98:5E:2A:F7:EE:B5:A4:9B:F2:66:0F:E3:49
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_mXRZx2Ra5heKvfutaSb8mYP40k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
193.124.15.0/24
193.124.24.0/24
194.58.223.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
195.133.83.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
17:00:19:41:c6:fb:ec:d3:0b:fe:98:62:05:51:e5:8c:f7:c4:
26:b7:8b:30:1f:71:17:0e:59:d2:5c:58:70:86:03:83:f0:0d:
26:4c:d1:fe:19:09:07:77:69:ac:8f:d9:54:0e:e1:99:ed:d2:
84:e4:e7:13:47:f4:4e:2b:6a:a9:25:c8:52:a0:f0:ee:c0:f0:
19:67:8f:ea:b3:ab:b5:99:e0:23:3a:06:9f:20:a1:64:43:f1:
da:e2:de:ab:9e:5a:aa:27:bf:e9:8c:aa:e3:91:23:f5:94:0e:
f6:08:cb:53:30:52:2e:0a:b3:eb:f4:6c:39:8b:89:f3:46:0d:
b5:f6:d0:c9:29:92:2a:c8:9e:e7:17:2c:c4:5a:29:ee:4a:5d:
e6:57:76:d1:9d:38:33:95:c4:fa:c7:8b:4a:cc:2d:08:39:ee:
69:10:58:41:6c:2c:6e:18:a5:26:8a:03:90:e2:fc:06:b4:77:
4a:e0:70:e6:06:87:19:3d:7a:a0:31:e0:ff:73:b1:b9:7a:02:
2d:f1:a9:70:29:6a:0f:f3:4a:12:a5:8b:d6:ed:4d:99:fa:91:
62:8a:bd:2e:1a:0d:d6:f9:ec:ae:00:34:b1:25:7c:95:08:55:
16:6c:20:ed:a0:02:f4:9b:20:13:09:f5:42:45:89:a8:85:b4:
8a:d2:7e:bc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYm6K8ZBzFhTmnmH2Cs0Q6LnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAzMDY1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY1ZDE2NzFkOTE2Yjk4NWUyYWY3ZWViNWE0OWJmMjY2MGZlMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfwcflHpDX1xQDmgoJGtW7g1FGTS
39oLxjiERAfSlA7Ki6J2fTLg41+XzxIwo2fJe1dNOXhihMYtD2zkSBX6/b7LFhsx
QXiwOBCjVpv4Pe41iNOfABwilKOI7L1vW6ALOzfcZ9AC/eqKS5S7EJ3KGr5+0rbx
PagwoWZyCKBt8tCNQWifU6rVptNRK03A7Z+O1VAfuYYYC3YK6M5b8KfdxdxBkshQ
q1PQqA4yMZKcsgC6Gb2vkJCQwm2Et4twP6L8+dtBo/h7edQQpipNfogqgylmYkM0
fXj+A6a1QK2bAoV8uTm0HCdbesdumkJTaYnNJslz7I9jA9q5IfYYkGjzaQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFP5l0WcdkWuYXir37rWkm/JmD+NJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX21YUlp4MlJhNWhlS3ZmdXRhU2I4bVlQNDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwHy9AwQA
wXwPAwQAwXwYAwQAwjrfAwQAwlcdAwQAwld7AwQAwodoAwQAw4UVAwQBw4UaAwQA
w4U7AwQAw4VTAwQC1MEYMA0GCSqGSIb3DQEBCwUAA4IBAQAXABlBxvvs0wv+mGIF
UeWM98Qmt4swH3EXDlnSXFhwhgOD8A0mTNH+GQkHd2msj9lUDuGZ7dKE5OcTR/RO
K2qpJchSoPDuwPAZZ4/qs6u1meAjOgafIKFkQ/Ha4t6rnlqqJ7/pjKrjkSP1lA72
CMtTMFIuCrPr9Gw5i4nzRg219tDJKZIqyJ7nFyzEWinuSl3mV3bRnTgzlcT6x4tK
zC0IOe5pEFhBbCxuGKUmigOQ4vwGtHdK4HDmBocZPXqgMeD/c7G5egIt8alwKWoP
80oSpYvW7U2Z+pFiir0uGg3W+eyuADSxJXyVCFUWbCDtoAL0myATCfVCRYmohbSK
0n68
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org