Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_zuB0dtivm-oV5Y8fJEJyhIczs8.roa
File: _zuB0dtivm-oV5Y8fJEJyhIczs8.roa (raw, json)
Hash identifier: FlUSm2vqzs9GTq3nuFizqn9tV05K1Hz6QeenaeCX+OM=
Subject key identifier: FF:3B:81:D1:DB:62:BE:6F:A8:57:96:3C:7C:91:09:CA:12:1C:CE:CF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189501F8E5AA595BF128A31613AE1785019
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_zuB0dtivm-oV5Y8fJEJyhIczs8.roa
Signing time: Thu 13 Jul 2023 16:39:52 +0000
ROA not before: Thu 13 Jul 2023 16:39:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jul 2023 15:56:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:1f:8e:5a:a5:95:bf:12:8a:31:61:3a:e1:78:50:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 13 16:39:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff3b81d1db62be6fa857963c7c9109ca121ccecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:84:67:a9:cb:75:a4:e7:4a:08:40:f7:3f:12:
f8:db:08:bc:a0:0d:ed:49:0a:73:34:a3:01:68:6f:
ee:92:7c:d6:44:ed:bf:55:b8:2e:0a:ec:0a:ee:2d:
01:59:dc:f4:c1:79:21:75:d1:cb:6e:e2:ff:e6:02:
51:1f:ec:34:6b:de:08:67:5f:b7:a3:bb:47:5e:1e:
89:73:ea:6f:ca:4d:2a:64:66:47:44:ee:3d:a0:43:
45:45:73:d6:13:10:a7:96:7c:f1:18:5e:38:fc:b9:
92:2e:c6:6f:cb:80:a9:d6:bf:4f:7b:a9:8d:95:f8:
e0:ac:7d:4c:f9:6b:d9:07:66:1f:46:ff:63:59:77:
8e:da:e3:b5:cd:f1:19:89:86:9a:c0:91:01:52:25:
9e:7d:a6:02:db:b5:ef:a3:b5:a3:69:5b:2b:4c:93:
0b:db:05:74:72:ac:3d:47:3e:56:2a:81:b4:16:b9:
37:65:83:9c:20:33:5f:8c:5e:27:74:98:b4:f5:1b:
6e:75:2d:24:b1:27:2c:74:db:69:05:a1:c0:d6:22:
02:ee:56:86:de:2e:d7:0a:56:ff:9c:40:b4:64:b4:
9f:97:fa:2f:80:85:ad:e5:38:a8:69:5c:23:3c:cb:
63:7f:b8:0d:34:00:51:56:f0:19:3c:45:57:0c:05:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3B:81:D1:DB:62:BE:6F:A8:57:96:3C:7C:91:09:CA:12:1C:CE:CF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_zuB0dtivm-oV5Y8fJEJyhIczs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.53.0/24
194.87.160.0/24
194.87.243.0/24
194.135.23.0/24
194.135.46.0/24
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a6:0b:76:e8:34:8d:96:11:91:20:95:42:69:3d:0e:76:b8:
52:cf:83:b1:ab:0a:de:a7:19:89:3c:ce:c4:09:31:09:06:85:
cc:c3:95:ce:a2:07:77:14:aa:a2:65:81:5e:21:d5:85:10:51:
7e:e4:e4:6e:b2:ee:84:57:48:fe:8e:93:82:d1:73:0d:44:8e:
a9:d7:62:16:4c:bb:ec:00:ad:e6:e0:ce:5f:41:84:61:82:4f:
bd:53:61:d9:db:a7:25:a5:01:d0:3f:60:52:f1:9d:87:f8:7f:
80:05:a4:df:13:5a:62:1d:ae:2b:5d:6a:fa:6f:1d:2b:2d:2f:
2a:a9:5c:7f:f8:66:ad:fa:b3:2a:0d:e3:fe:45:57:2b:49:73:
59:08:d6:09:a8:1e:b7:26:9e:02:15:b6:c3:c9:69:01:5c:c7:
9a:cc:a6:6a:2f:fa:f6:69:09:63:ad:64:29:26:5b:e6:62:a8:
e8:a3:16:0e:6c:5f:43:fd:0e:e5:8f:60:cf:79:70:99:35:0d:
51:b4:db:a8:f4:d3:6c:62:0e:2b:ca:09:de:f0:17:ac:b3:df:
b8:4a:9a:fc:55:de:b4:54:81:bf:4b:9f:80:67:32:48:a9:28:
14:02:fa:4c:62:53:76:38:cc:66:09:49:b3:10:1c:8f:09:19:
c1:c3:46:49
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlQH45apZW/EooxYTrheFAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEzMTYzOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNiODFkMWRiNjJiZTZmYTg1Nzk2M2M3YzkxMDljYTEyMWNjZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYRnqct1pOdKCED3PxL42wi8oA3t
SQpzNKMBaG/uknzWRO2/VbguCuwK7i0BWdz0wXkhddHLbuL/5gJRH+w0a94IZ1+3
o7tHXh6Jc+pvyk0qZGZHRO49oENFRXPWExCnlnzxGF44/LmSLsZvy4Cp1r9Pe6mN
lfjgrH1M+WvZB2YfRv9jWXeO2uO1zfEZiYaawJEBUiWefaYC27Xvo7WjaVsrTJML
2wV0cqw9Rz5WKoG0Frk3ZYOcIDNfjF4ndJi09RtudS0ksScsdNtpBaHA1iIC7laG
3i7XClb/nEC0ZLSfl/ovgIWt5TioaVwjPMtjf7gNNABRVvAZPEVXDAVWIQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP87gdHbYr5vqFeWPHyRCcoSHM7PMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX3p1QjBkdGl2bS1vVjVZOGZKRUp5aEljenM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlc1AwQAwlegAwQAwlfzAwQAwocXAwQAwocuAwQA
w4UlMA0GCSqGSIb3DQEBCwUAA4IBAQALpgt26DSNlhGRIJVCaT0OdrhSz4Oxqwre
pxmJPM7ECTEJBoXMw5XOogd3FKqiZYFeIdWFEFF+5ORusu6EV0j+jpOC0XMNRI6p
12IWTLvsAK3m4M5fQYRhgk+9U2HZ26clpQHQP2BS8Z2H+H+ABaTfE1piHa4rXWr6
bx0rLS8qqVx/+Gat+rMqDeP+RVcrSXNZCNYJqB63Jp4CFbbDyWkBXMeazKZqL/r2
aQljrWQpJlvmYqjooxYObF9D/Q7lj2DPeXCZNQ1RtNuo9NNsYg4rygne8Bess9+4
Spr8Vd60VIG/S5+AZzJIqSgUAvpMYlN2OMxmCUmzEByPCRnBw0ZJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org