Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bKwPv_F838NwaaB_tV7i1mRmpkY.roa
File: bKwPv_F838NwaaB_tV7i1mRmpkY.roa (raw, json)
Hash identifier: P61N8RCyvh5hxks/riUpBBpbG3z9bPdBwn1vc4kXcc8=
Subject key identifier: 6C:AC:0F:BF:F1:7C:DF:C3:70:69:A0:7F:B5:5E:E2:D6:64:66:A6:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019301B99CF79D802FF82CE54F48C007FAA0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bKwPv_F838NwaaB_tV7i1mRmpkY.roa
Signing time: Wed 06 Nov 2024 13:46:01 +0000
ROA not before: Wed 06 Nov 2024 13:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.222.0/23 maxlen: 24
195.58.56.0/21 maxlen: 24
212.192.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 15:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:b9:9c:f7:9d:80:2f:f8:2c:e5:4f:48:c0:07:fa:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 13:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cac0fbff17cdfc37069a07fb55ee2d66466a646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:15:bc:63:42:96:b2:28:ac:ca:cb:a9:ed:
13:67:a8:c3:32:ea:1b:a4:da:d6:87:14:11:e7:14:
69:86:d1:3d:36:e0:fc:e5:ab:e6:6a:21:a2:ad:ad:
d7:43:28:80:7e:d0:a9:59:2f:4a:f4:5c:9d:34:b4:
8f:2b:74:a4:91:d0:d7:66:d5:b1:a2:d2:f9:ba:46:
d7:87:13:8e:d0:d2:92:ce:9f:3d:d9:b8:b9:56:3a:
24:a1:d6:b9:37:cf:f4:bf:2d:7b:b2:b8:b1:c3:aa:
a2:90:8c:53:d8:3c:37:04:59:a7:4e:11:4c:6e:6d:
fa:3e:88:6a:76:76:d2:95:22:5e:a4:73:1f:26:5f:
1c:b6:71:77:fd:9a:b8:c5:c4:b1:fd:ec:37:d1:f6:
96:a9:44:7a:9c:66:1a:03:64:ce:5c:2e:7c:c8:a3:
20:e1:41:6f:6e:84:9c:2c:26:d4:58:19:78:c0:17:
90:03:fe:f5:29:19:5c:5b:a8:a6:a8:6e:01:19:a5:
de:48:2e:da:0c:e3:87:6c:27:d7:e1:89:28:28:66:
3e:aa:3a:bb:21:ba:96:21:e0:ed:8e:b6:74:9a:0d:
3e:a8:e7:5c:6d:d5:fd:e0:20:04:86:a0:b9:7a:d0:
5b:7c:4d:08:4c:da:0b:d7:ca:bb:a9:ca:65:17:8b:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AC:0F:BF:F1:7C:DF:C3:70:69:A0:7F:B5:5E:E2:D6:64:66:A6:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bKwPv_F838NwaaB_tV7i1mRmpkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.222.0/23
195.58.56.0/21
212.192.0.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:2d:40:6d:1f:ea:a2:68:d8:27:aa:c1:32:31:f1:31:22:3a:
9f:ec:f7:88:a5:41:a8:84:75:fc:a0:7f:53:b6:06:24:be:0f:
61:b5:34:da:15:02:5a:a3:8e:89:3e:66:45:75:7a:9c:90:cc:
5d:3d:d8:91:92:54:e6:e7:94:61:51:fe:cd:01:50:8d:d4:bb:
6c:b7:e6:86:9d:27:2d:59:65:78:de:91:e6:13:b2:bb:65:47:
59:b5:f6:f0:07:57:b9:53:d8:7d:4a:8d:2c:a4:a7:b7:ac:f7:
9e:cd:25:91:1f:fe:c1:da:d9:41:9b:39:1e:cb:7d:1c:13:f8:
54:6f:05:b9:96:e1:f0:7e:d8:ee:fd:06:62:0e:ad:ae:c3:9a:
ca:51:d0:54:92:8b:2e:0b:ac:87:02:64:c8:b1:05:de:95:33:
30:9e:22:e4:1a:bc:c5:6c:6e:5c:f0:d0:6c:f4:e4:70:0c:99:
55:5d:88:ae:3e:cc:69:b2:9c:26:92:42:c0:49:36:2a:94:30:
42:1c:91:62:5f:8d:7a:92:69:9a:c4:35:2e:cb:37:dc:8c:c5:
c8:a8:ea:21:5e:c2:5b:e4:16:0c:98:13:51:14:3f:32:ac:5c:
65:a0:e5:e1:7c:95:86:f4:a7:dd:01:c0:dc:63:1c:73:56:1a:
20:29:c2:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMBuZz3nYAv+CzlT0jAB/qgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MTM0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FjMGZiZmYxN2NkZmMzNzA2OWEwN2ZiNTVlZTJkNjY0NjZhNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHUVvGNClrIorMrLqe0TZ6jDMuob
pNrWhxQR5xRphtE9NuD85avmaiGira3XQyiAftCpWS9K9FydNLSPK3SkkdDXZtWx
otL5ukbXhxOO0NKSzp892bi5Vjokoda5N8/0vy17srixw6qikIxT2Dw3BFmnThFM
bm36PohqdnbSlSJepHMfJl8ctnF3/Zq4xcSx/ew30faWqUR6nGYaA2TOXC58yKMg
4UFvboScLCbUWBl4wBeQA/71KRlcW6imqG4BGaXeSC7aDOOHbCfX4YkoKGY+qjq7
IbqWIeDtjrZ0mg0+qOdcbdX94CAEhqC5etBbfE0ITNoL18q7qcplF4uiewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGysD7/xfN/DcGmgf7Ve4tZkZqZGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYkt3UHZfRjgzOE53YWFCX3RWN2kxbVJtcGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwlfeAwQD
wzo4AwQB1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQBbLUBtH+qiaNgnqsEyMfExIjqf
7PeIpUGohHX8oH9TtgYkvg9htTTaFQJao46JPmZFdXqckMxdPdiRklTm55RhUf7N
AVCN1Ltst+aGnSctWWV43pHmE7K7ZUdZtfbwB1e5U9h9So0spKe3rPeezSWRH/7B
2tlBmzkey30cE/hUbwW5luHwftju/QZiDq2uw5rKUdBUkosuC6yHAmTIsQXelTMw
niLkGrzFbG5c8NBs9ORwDJlVXYiuPsxpspwmkkLASTYqlDBCHJFiX416kmmaxDUu
yzfcjMXIqOohXsJb5BYMmBNRFD8yrFxloOXhfJWG9KfdAcDcYxxzVhogKcK7
-----END CERTIFICATE-----
Generated at Fri Nov 15 18:09:03 2024 by rpki-client on console-fra.rpki-client.org