Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a1n9WQeHQ0ieEGEEnhddgjrGfYI.roa
File: a1n9WQeHQ0ieEGEEnhddgjrGfYI.roa (raw, json)
Hash identifier: boNCTNHvwHdC9Bd5Zw33Ci11siwc3Ki5z6znUAFDQqo=
Subject key identifier: 6B:59:FD:59:07:87:43:48:9E:10:61:04:9E:17:5D:82:3A:C6:7D:82
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191412DC748A54751586BABE9CD27F95B03
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a1n9WQeHQ0ieEGEEnhddgjrGfYI.roa
Signing time: Sun 11 Aug 2024 11:23:24 +0000
ROA not before: Sun 11 Aug 2024 11:23:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.26.0/23 maxlen: 24
195.133.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 14 Aug 2024 07:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:2d:c7:48:a5:47:51:58:6b:ab:e9:cd:27:f9:5b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 11:23:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b59fd59078743489e1061049e175d823ac67d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:38:4d:cb:01:32:67:7c:cb:51:59:8d:a0:8e:
2d:ab:22:6a:29:01:14:8e:a9:58:3b:25:ef:7a:96:
2e:f8:c0:71:6f:84:d4:8f:be:06:d6:5a:6e:e5:b1:
78:ff:6d:b1:9c:dd:bc:7a:a8:da:15:f9:72:97:74:
36:d2:e4:90:32:0a:61:8a:50:a7:b2:0e:97:4a:4d:
60:1a:a8:f6:58:32:b7:f0:d7:61:eb:5c:d7:c5:9b:
c7:a6:cb:82:73:b4:ce:48:65:f7:4a:36:25:6f:1a:
b5:a3:13:65:3d:70:f3:16:3a:e0:57:60:1b:a3:71:
f2:72:c2:d7:b9:11:27:48:73:e1:b1:6b:c5:c3:e0:
2a:c4:0d:e1:a1:de:8f:76:ec:f4:66:47:8f:bc:0d:
c2:90:26:95:48:1b:39:38:5b:4c:b4:2c:59:9d:10:
59:79:dc:95:be:08:4a:6e:de:f1:9a:46:27:f8:09:
c8:f3:e0:56:f6:ae:13:66:3a:14:c3:bb:98:0d:94:
9f:06:7a:1e:bd:b8:7b:7e:cb:1e:d1:56:da:65:44:
67:22:ab:e3:9a:b1:58:95:49:76:03:18:64:67:c8:
7b:01:e2:bb:29:72:03:84:19:8d:9f:7a:2c:8c:d8:
f7:60:93:76:02:a9:ba:61:fb:2c:e0:90:7c:64:d1:
68:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:59:FD:59:07:87:43:48:9E:10:61:04:9E:17:5D:82:3A:C6:7D:82
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a1n9WQeHQ0ieEGEEnhddgjrGfYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.118.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
Signature Algorithm: sha256WithRSAEncryption
60:6a:1b:38:01:8d:ce:6c:f1:c2:c3:e4:5b:b8:15:f5:c3:6a:
71:51:79:38:60:f0:77:ad:d9:22:82:fc:2e:b9:99:c0:00:f7:
4f:0c:3b:59:ae:06:33:11:90:56:fd:c0:35:a1:7c:67:71:a2:
09:db:8b:09:99:58:4b:2d:85:d9:b0:e0:61:99:f1:3f:09:c3:
14:f9:2f:b4:d6:bc:a7:fd:00:91:10:44:b0:d2:2b:08:6c:72:
93:41:05:8c:62:92:b6:4c:2a:6e:41:ef:a3:84:9e:63:96:a5:
28:5a:c8:15:b6:05:ef:68:c7:a8:52:28:99:4b:78:92:34:cd:
13:25:5d:48:00:58:33:f4:93:4d:c8:32:3a:d2:a8:a4:5d:4c:
8f:30:d5:36:78:d3:2f:4e:dd:a2:30:ea:8c:e3:68:14:9a:af:
7e:73:84:1a:f3:94:d1:9e:71:29:aa:06:35:a0:da:4b:18:60:
d0:36:3a:4b:cd:f9:12:b5:30:8c:27:7a:6e:45:a4:57:5b:fd:
2e:fc:ff:22:e1:00:db:e4:de:e1:5e:da:f8:e5:93:23:97:a8:
71:ab:90:67:17:1c:db:d7:e5:d6:da:a6:9a:a1:1e:26:e4:6b:
64:04:dd:7e:1d:ba:84:66:c6:6f:bd:1d:5e:fd:a3:db:d8:a8:
1a:93:ee:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFBLcdIpUdRWGur6c0n+VsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODExMTEyMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU5ZmQ1OTA3ODc0MzQ4OWUxMDYxMDQ5ZTE3NWQ4MjNhYzY3ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDhNywEyZ3zLUVmNoI4tqyJqKQEU
jqlYOyXvepYu+MBxb4TUj74G1lpu5bF4/22xnN28eqjaFflyl3Q20uSQMgphilCn
sg6XSk1gGqj2WDK38Ndh61zXxZvHpsuCc7TOSGX3SjYlbxq1oxNlPXDzFjrgV2Ab
o3HycsLXuREnSHPhsWvFw+AqxA3hod6Pduz0ZkePvA3CkCaVSBs5OFtMtCxZnRBZ
edyVvghKbt7xmkYn+AnI8+BW9q4TZjoUw7uYDZSfBnoevbh7fsse0VbaZURnIqvj
mrFYlUl2AxhkZ8h7AeK7KXIDhBmNn3osjNj3YJN2Aqm6Yfss4JB8ZNFoswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGtZ/VkHh0NInhBhBJ4XXYI6xn2CMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYTFuOVdRZUhRMGllRUdFRW5oZGRnanJHZllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwld2AwQB
w4UKAwQBw4UaAwQBw4U0MA0GCSqGSIb3DQEBCwUAA4IBAQBgahs4AY3ObPHCw+Rb
uBX1w2pxUXk4YPB3rdkigvwuuZnAAPdPDDtZrgYzEZBW/cA1oXxncaIJ24sJmVhL
LYXZsOBhmfE/CcMU+S+01ryn/QCREESw0isIbHKTQQWMYpK2TCpuQe+jhJ5jlqUo
WsgVtgXvaMeoUiiZS3iSNM0TJV1IAFgz9JNNyDI60qikXUyPMNU2eNMvTt2iMOqM
42gUmq9+c4Qa85TRnnEpqgY1oNpLGGDQNjpLzfkStTCMJ3puRaRXW/0u/P8i4QDb
5N7hXtr45ZMjl6hxq5BnFxzb1+XW2qaaoR4m5GtkBN1+HbqEZsZvvR1e/aPb2Kga
k+4a
-----END CERTIFICATE-----
Generated at Wed Aug 14 08:58:52 2024 by rpki-client on console-fra.rpki-client.org