Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b9D1tFtA4Q6Qz5UMXZnaf-Y4isw.roa
File: b9D1tFtA4Q6Qz5UMXZnaf-Y4isw.roa (raw, json)
Hash identifier: HQyYRR7j3pNIZZuf7tDTp28Kc/xnDCl6K8xJZ+Q9KIw=
Subject key identifier: 6F:D0:F5:B4:5B:40:E1:0E:90:CF:95:0C:5D:99:DA:7F:E6:38:8A:CC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E74A887080D4E0B9E6AAA7588796D61D3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b9D1tFtA4Q6Qz5UMXZnaf-Y4isw.roa
Signing time: Mon 25 Mar 2024 08:09:45 +0000
ROA not before: Mon 25 Mar 2024 08:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 11:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:a8:87:08:0d:4e:0b:9e:6a:aa:75:88:79:6d:61:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 25 08:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fd0f5b45b40e10e90cf950c5d99da7fe6388acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:b4:c6:f6:81:fe:11:20:34:f7:5e:3d:9b:
74:76:4f:e0:32:e7:12:1a:6f:a1:ce:9e:26:39:05:
05:ef:6b:f7:d4:6a:6b:ee:5e:0b:2e:77:94:84:2d:
d3:fc:fe:9e:88:fd:da:60:92:de:ef:77:08:59:80:
b4:88:1b:d3:f8:73:15:ca:b9:6e:d9:43:cc:db:84:
89:dc:4f:17:97:84:e6:05:44:f1:46:9f:0d:3b:38:
38:8e:5c:53:49:ae:35:bc:98:29:78:87:65:2f:74:
e4:e9:57:1a:9b:8c:af:f9:fc:29:af:19:7f:25:d3:
2b:03:05:70:22:75:08:08:66:55:52:80:df:e1:1d:
13:8d:e8:1d:70:4c:df:c7:20:81:36:7b:62:09:f3:
e9:13:af:02:d5:19:c5:12:13:a2:cf:a4:a3:de:e1:
fb:d9:0e:4b:61:57:fd:51:12:c5:d0:41:e1:fd:60:
fc:81:06:40:d7:d3:b9:b2:ed:37:a9:61:51:d3:14:
20:23:ec:c9:03:c8:93:15:99:39:c3:9b:2b:d6:dc:
bc:2c:07:51:d1:6b:f4:1e:8e:d9:3b:da:91:13:67:
b5:fd:4a:0b:f7:d5:d8:65:42:74:51:d7:69:04:9a:
1b:28:9d:e3:7e:cb:a1:88:85:80:a2:f3:bc:80:93:
fc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D0:F5:B4:5B:40:E1:0E:90:CF:95:0C:5D:99:DA:7F:E6:38:8A:CC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/b9D1tFtA4Q6Qz5UMXZnaf-Y4isw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
86:65:15:a1:14:63:a5:84:6d:57:1f:a6:27:5e:03:41:72:bd:
d1:42:bc:c3:5d:39:07:fd:1c:b9:d7:57:9a:0f:45:f5:6c:2f:
bc:0b:52:cc:02:01:e7:d8:be:c6:e8:68:8e:2c:f2:44:81:c8:
37:a0:17:a1:f0:44:c8:ee:56:0f:16:73:1b:ef:86:f3:13:c2:
e6:30:7f:7c:b0:cd:ed:38:a2:dd:f0:eb:3c:f8:0b:ba:29:ea:
09:10:ac:a8:9d:c2:ef:95:44:24:7a:af:e6:7d:64:fc:4c:f1:
ab:f4:1e:20:26:9e:52:24:8a:8b:df:f5:93:31:3d:7e:b4:b8:
4d:2c:3f:1d:21:48:83:98:97:f1:61:bc:98:6e:29:70:51:0d:
7a:4d:05:9f:32:e4:b8:67:85:34:8f:d6:98:44:12:45:dc:5b:
7a:3e:ae:55:15:24:3d:e3:4c:1c:26:ad:f7:d1:97:1f:cd:07:
38:76:e7:09:01:75:12:90:51:63:74:a4:34:4e:ee:81:ef:00:
49:d7:e1:62:b4:9a:8b:36:70:10:6e:e0:24:30:64:a2:e8:30:
88:a0:b6:bc:cc:8f:d2:d3:ab:8e:f0:86:ce:a1:fd:66:c3:9f:
df:d2:d3:6b:09:9c:e4:ac:0e:fd:f6:d7:5d:26:46:76:f4:ad:
4e:6d:fb:33
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY50qIcIDU4LnmqqdYh5bWHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzI1MDgwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQwZjViNDViNDBlMTBlOTBjZjk1MGM1ZDk5ZGE3ZmU2Mzg4YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLq0xvaB/hEgNPdePZt0dk/gMucS
Gm+hzp4mOQUF72v31Gpr7l4LLneUhC3T/P6eiP3aYJLe73cIWYC0iBvT+HMVyrlu
2UPM24SJ3E8Xl4TmBUTxRp8NOzg4jlxTSa41vJgpeIdlL3Tk6Vcam4yv+fwprxl/
JdMrAwVwInUICGZVUoDf4R0TjegdcEzfxyCBNntiCfPpE68C1RnFEhOiz6Sj3uH7
2Q5LYVf9URLF0EHh/WD8gQZA19O5su03qWFR0xQgI+zJA8iTFZk5w5sr1ty8LAdR
0Wv0Ho7ZO9qRE2e1/UoL99XYZUJ0UddpBJobKJ3jfsuhiIWAovO8gJP8XwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG/Q9bRbQOEOkM+VDF2Z2n/mOIrMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYjlEMXRGdEE0UTZRejVVTVhabmFmLVk0aXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwhAwQA
wlcjAwQAwlc+AwQAwle/AwQAwlfbAwQAwlf8AwQA1MAJMA0GCSqGSIb3DQEBCwUA
A4IBAQCGZRWhFGOlhG1XH6YnXgNBcr3RQrzDXTkH/Ry511eaD0X1bC+8C1LMAgHn
2L7G6GiOLPJEgcg3oBeh8ETI7lYPFnMb74bzE8LmMH98sM3tOKLd8Os8+Au6KeoJ
EKyoncLvlUQkeq/mfWT8TPGr9B4gJp5SJIqL3/WTMT1+tLhNLD8dIUiDmJfxYbyY
bilwUQ16TQWfMuS4Z4U0j9aYRBJF3Ft6Pq5VFSQ940wcJq330ZcfzQc4ducJAXUS
kFFjdKQ0Tu6B7wBJ1+FitJqLNnAQbuAkMGSi6DCIoLa8zI/S06uO8IbOof1mw5/f
0tNrCZzkrA799tddJkZ29K1Obfsz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org