Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b83nL0MZEA8056vFb-Ce0cEGa6w.roa
File: b83nL0MZEA8056vFb-Ce0cEGa6w.roa (raw, json)
Hash identifier: lmQ5UrosWiZvXBMqmvte89eapO2GZftIPbLFk2IMCy0=
Subject key identifier: 6F:CD:E7:2F:43:19:10:0F:34:E7:AB:C5:6F:E0:9E:D1:C1:06:6B:AC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CB49CD6AC85880E69E29BC8770FE358A7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b83nL0MZEA8056vFb-Ce0cEGa6w.roa
Signing time: Fri 29 Dec 2023 08:07:06 +0000
ROA not before: Fri 29 Dec 2023 08:07:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210107
IP address blocks: 194.58.42.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:9c:d6:ac:85:88:0e:69:e2:9b:c8:77:0f:e3:58:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 29 08:07:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fcde72f4319100f34e7abc56fe09ed1c1066bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:72:b7:a6:3d:da:30:7a:76:fb:13:ea:1b:23:
22:7b:fe:22:79:9a:86:6d:68:7a:77:5f:61:04:35:
03:59:f0:b4:5f:44:e3:3c:98:4d:bd:a3:f0:6e:09:
5c:54:42:94:e9:f5:7e:65:40:c8:78:07:c2:32:d2:
df:9d:86:f8:47:d2:fd:9e:04:8e:af:1e:9d:32:17:
fc:a4:5e:b2:23:45:e4:0a:10:8a:14:10:d6:f1:83:
6d:84:06:ca:61:8b:aa:95:cb:cc:b4:eb:f2:a1:65:
88:4f:24:f6:5a:47:af:93:b3:4b:d5:03:5a:0b:be:
f4:23:52:4f:e4:c1:a4:1c:dd:d3:74:70:ad:e1:b1:
ba:df:1c:15:2c:a8:56:ef:5f:c8:dd:fe:0a:dd:33:
ec:13:84:5d:c3:ff:86:98:23:3d:49:ca:11:0c:be:
fe:98:0c:a2:51:7a:17:2c:34:5a:56:ef:8b:6f:61:
20:67:94:29:2f:29:d5:6e:7b:88:04:b3:74:9f:b4:
4f:38:32:6a:1f:81:bf:66:eb:a0:95:26:08:dc:d5:
51:8d:3e:a8:cf:a6:46:e8:cb:00:bc:85:d0:9c:d5:
07:20:49:d9:ce:51:17:f2:3e:c5:c2:f4:73:34:7c:
69:13:40:13:79:c2:8f:86:9f:c8:00:b9:4a:7a:cb:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CD:E7:2F:43:19:10:0F:34:E7:AB:C5:6F:E0:9E:D1:C1:06:6B:AC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b83nL0MZEA8056vFb-Ce0cEGa6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
194.58.42.0/24
194.87.81.0/24
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
15:95:70:29:41:9f:a8:34:bf:76:26:7d:68:07:a7:49:e6:69:
9f:47:05:da:84:43:6a:64:3d:ef:94:42:f0:06:ce:b4:8f:5d:
b4:cd:e3:4d:99:d4:80:76:82:aa:ee:f7:b8:87:bc:85:d0:f0:
e1:73:05:9e:a8:a9:1c:bd:03:08:6a:7d:cf:57:66:b9:c7:a4:
a3:05:df:f1:76:87:0c:22:55:50:31:4e:28:de:56:d0:28:ee:
bc:60:64:f4:2a:ff:a9:03:21:09:ad:74:15:61:15:55:73:77:
45:17:68:77:ae:51:9b:cb:4b:9d:c8:f9:58:e2:b6:11:b2:f6:
44:02:8b:1e:4e:4e:0a:02:ff:ee:56:6f:e6:0f:4e:12:fc:d0:
26:b8:81:da:44:e4:d0:4a:94:69:38:70:74:e5:4a:a2:ce:59:
19:4a:2f:dd:66:83:84:08:3e:9d:7d:e1:41:ad:4e:9b:a0:a6:
9a:6e:f0:aa:b6:e0:ac:26:32:e7:5d:b2:c4:e5:ab:f8:8a:1c:
67:82:63:9b:bb:52:2b:8d:29:17:76:c3:83:17:dd:fc:75:d8:
78:57:24:e0:9b:09:e2:8d:c3:0e:34:6d:2f:fa:f7:d7:2a:a0:
0b:3e:b1:07:90:9d:32:1b:4e:30:c1:70:9d:33:ac:5e:5e:ce:
88:d5:04:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYy0nNashYgOaeKbyHcP41inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI5MDgwNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNkZTcyZjQzMTkxMDBmMzRlN2FiYzU2ZmUwOWVkMWMxMDY2YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonK3pj3aMHp2+xPqGyMie/4ieZqG
bWh6d19hBDUDWfC0X0TjPJhNvaPwbglcVEKU6fV+ZUDIeAfCMtLfnYb4R9L9ngSO
rx6dMhf8pF6yI0XkChCKFBDW8YNthAbKYYuqlcvMtOvyoWWITyT2Wkevk7NL1QNa
C770I1JP5MGkHN3TdHCt4bG63xwVLKhW71/I3f4K3TPsE4Rdw/+GmCM9ScoRDL7+
mAyiUXoXLDRaVu+Lb2EgZ5QpLynVbnuIBLN0n7RPODJqH4G/ZuuglSYI3NVRjT6o
z6ZG6MsAvIXQnNUHIEnZzlEX8j7FwvRzNHxpE0ATecKPhp/IALlKest/TwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG/N5y9DGRAPNOerxW/gntHBBmusMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYjgzbkwwTVpFQTgwNTZ2RmItQ2UwY0VHYTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHy3AwQA
wjoqAwQAwldRAwQA1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQAVlXApQZ+oNL92Jn1o
B6dJ5mmfRwXahENqZD3vlELwBs60j120zeNNmdSAdoKq7ve4h7yF0PDhcwWeqKkc
vQMIan3PV2a5x6SjBd/xdocMIlVQMU4o3lbQKO68YGT0Kv+pAyEJrXQVYRVVc3dF
F2h3rlGby0udyPlY4rYRsvZEAoseTk4KAv/uVm/mD04S/NAmuIHaROTQSpRpOHB0
5UqizlkZSi/dZoOECD6dfeFBrU6boKaabvCqtuCsJjLnXbLE5av4ihxngmObu1Ir
jSkXdsODF938ddh4VyTgmwnijcMONG0v+vfXKqALPrEHkJ0yG04wwXCdM6xeXs6I
1QSO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org