Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aqLhiQ-FZMyWQrC6lGneHF-oQaw.roa
File: aqLhiQ-FZMyWQrC6lGneHF-oQaw.roa (raw, json)
Hash identifier: /ODGFh/WN6Hr/YfUdPR1Sd1nDh1VOr9jvoHE3oQ4g2M=
Subject key identifier: 6A:A2:E1:89:0F:85:64:CC:96:42:B0:BA:94:69:DE:1C:5F:A8:41:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01894346F88284775271647ADA081E3F9407
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aqLhiQ-FZMyWQrC6lGneHF-oQaw.roa
Signing time: Tue 11 Jul 2023 04:47:51 +0000
ROA not before: Tue 11 Jul 2023 04:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jul 2023 11:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:46:f8:82:84:77:52:71:64:7a:da:08:1e:3f:94:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 04:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa2e1890f8564cc9642b0ba9469de1c5fa841ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2d:06:07:a2:4f:97:67:10:68:a3:20:ee:b8:
b0:4d:0b:c4:85:67:84:fb:46:32:90:d7:e3:86:c8:
33:38:61:3b:31:15:d9:07:eb:0c:d4:dd:92:1d:3a:
b7:c5:93:e7:16:bf:07:da:7c:1e:a4:f7:c3:18:9b:
ff:a2:27:e7:eb:be:8c:ed:df:2b:27:17:c8:11:7e:
c7:e4:5e:08:d3:31:a0:70:a4:81:08:0a:37:35:e2:
5b:fb:4f:ec:ce:1e:86:da:97:26:ce:5a:1f:fb:5e:
d4:48:0c:82:fd:35:1d:5e:24:d3:d0:aa:25:0a:19:
40:8f:37:3d:bd:d0:cf:c8:26:ba:d9:ba:75:c3:6e:
bc:1c:d9:94:c9:42:27:aa:80:3b:6d:09:cc:61:0d:
23:ec:0d:65:68:ec:58:e1:53:df:f6:a6:54:63:9f:
8c:f6:d2:bb:41:7b:d1:e8:aa:88:1e:3d:bb:c2:f2:
af:7b:82:04:12:f0:8f:ba:59:6f:03:1c:8c:2a:3e:
69:72:91:67:b8:d5:8e:6a:5a:2e:0a:ab:53:37:76:
45:1c:b6:20:8f:c9:87:c2:0b:b4:0e:95:6d:52:72:
8c:3a:7d:84:4c:01:76:72:1c:86:4b:8b:10:c3:6e:
43:86:c5:fd:39:be:06:c7:74:41:4a:bb:b6:f8:85:
2c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A2:E1:89:0F:85:64:CC:96:42:B0:BA:94:69:DE:1C:5F:A8:41:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aqLhiQ-FZMyWQrC6lGneHF-oQaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
193.124.3.0/24
193.124.8.0/24
194.58.59.0/24
194.87.22.0/24
194.87.161.0/24
194.87.229.0/24
195.133.28.0/24
212.192.30.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7e:6b:80:a1:e9:94:60:14:2b:ed:3d:e5:2f:f7:d4:74:01:
27:23:a2:14:22:c6:cd:d2:c5:94:27:57:44:69:c3:71:57:6b:
27:57:d7:f3:f3:af:80:ad:31:0b:7e:55:46:4d:7e:dd:3d:28:
f2:f5:50:f4:fb:4b:79:e7:22:5a:b8:71:be:d3:81:a9:9f:b3:
03:e4:74:f3:2f:30:d6:80:db:c2:15:89:17:db:60:cc:0c:8d:
db:e7:9c:44:ab:cd:b7:aa:65:31:0e:e6:55:00:46:f1:70:28:
9a:61:e6:02:d7:e5:9d:bb:e7:61:ab:3a:23:1f:74:4d:39:57:
65:55:0d:75:ba:bd:0d:5c:be:89:9b:a8:60:ea:65:a4:66:d8:
18:ab:57:38:7b:0f:5a:1b:26:c8:85:c5:d3:7e:aa:a4:62:aa:
9f:fe:a0:5a:ec:a0:3c:46:0e:4b:55:bb:89:96:a9:6a:0f:39:
81:21:bb:e1:6c:03:29:09:e3:f8:df:1e:bd:26:8b:cd:60:ea:
ac:7a:68:fc:7c:9c:5a:f1:4b:77:4e:38:f0:3e:d5:12:43:b9:
38:49:03:45:1e:2e:2e:98:fe:94:fc:5c:c4:ca:6b:fa:a4:4a:
c1:fb:d6:27:1f:fa:55:5a:ad:10:d5:c6:2c:73:b0:d2:92:cb:
58:03:9d:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlDRviChHdScWR62ggeP5QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMDQ0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEyZTE4OTBmODU2NGNjOTY0MmIwYmE5NDY5ZGUxYzVmYTg0MWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS0GB6JPl2cQaKMg7riwTQvEhWeE
+0YykNfjhsgzOGE7MRXZB+sM1N2SHTq3xZPnFr8H2nwepPfDGJv/oifn676M7d8r
JxfIEX7H5F4I0zGgcKSBCAo3NeJb+0/szh6G2pcmzlof+17USAyC/TUdXiTT0Kol
ChlAjzc9vdDPyCa62bp1w268HNmUyUInqoA7bQnMYQ0j7A1laOxY4VPf9qZUY5+M
9tK7QXvR6KqIHj27wvKve4IEEvCPullvAxyMKj5pcpFnuNWOalouCqtTN3ZFHLYg
j8mHwgu0DpVtUnKMOn2ETAF2chyGS4sQw25DhsX9Ob4Gx3RBSru2+IUsWwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGqi4YkPhWTMlkKwupRp3hxfqEGsMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYXFMaGlRLUZaTXlXUXJDNmxHbmVIRi1vUWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAuUgLAwQA
wXwDAwQAwXwIAwQAwjo7AwQAwlcWAwQAwlehAwQAwlflAwQAw4UcAwQA1MAeAwQA
1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQBgfmuAoemUYBQr7T3lL/fUdAEnI6IUIsbN
0sWUJ1dEacNxV2snV9fz86+ArTELflVGTX7dPSjy9VD0+0t55yJauHG+04Gpn7MD
5HTzLzDWgNvCFYkX22DMDI3b55xEq823qmUxDuZVAEbxcCiaYeYC1+Wdu+dhqzoj
H3RNOVdlVQ11ur0NXL6Jm6hg6mWkZtgYq1c4ew9aGybIhcXTfqqkYqqf/qBa7KA8
Rg5LVbuJlqlqDzmBIbvhbAMpCeP43x69JovNYOqsemj8fJxa8Ut3TjjwPtUSQ7k4
SQNFHi4umP6U/FzEymv6pErB+9YnH/pVWq0Q1cYsc7DSkstYA52G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org