Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bqPaKh7pNnujpttU017dSyrZTYE.roa
File: bqPaKh7pNnujpttU017dSyrZTYE.roa (raw, json)
Hash identifier: fXaHIEBWYhGBfHyhg5yYPgp+cP3uopycNGhiyJDnkmU=
Subject key identifier: 6E:A3:DA:2A:1E:E9:36:7B:A3:A6:DB:54:D3:5E:DD:4B:2A:D9:4D:81
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01917B2CDAA5039A6EB07B5C4B8BECAC8EC2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bqPaKh7pNnujpttU017dSyrZTYE.roa
Signing time: Thu 22 Aug 2024 17:40:22 +0000
ROA not before: Thu 22 Aug 2024 17:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.85.251.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.134.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 14:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7b:2c:da:a5:03:9a:6e:b0:7b:5c:4b:8b:ec:ac:8e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 22 17:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ea3da2a1ee9367ba3a6db54d35edd4b2ad94d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9d:97:28:db:29:e6:9a:e4:fa:01:e9:72:c8:
7a:39:ee:88:e7:f8:d4:61:2c:84:a9:b1:d0:38:5c:
7a:8c:a3:56:53:7d:08:a3:7a:2f:df:4d:85:5e:15:
d1:dd:84:d1:d3:c1:a6:ce:e4:7c:0d:ea:de:63:25:
4f:df:a0:c4:75:5d:ac:ff:97:03:1e:29:9f:55:ad:
43:05:fa:9a:1f:76:d4:39:01:10:a1:5a:8b:31:fd:
2f:90:58:c4:63:1d:02:73:80:e0:3f:7b:5d:9c:b8:
ba:0d:3d:7e:ec:27:f0:d0:de:4f:15:6c:c7:f4:ea:
6b:93:2a:91:24:eb:d7:d9:d7:ae:75:60:85:db:13:
87:48:4a:13:1e:45:3c:4e:dc:ad:d2:2d:e2:38:ed:
e2:61:35:e4:12:ba:24:4e:3e:ed:05:62:92:9a:2f:
32:40:c9:17:85:8b:63:a6:66:92:3e:61:85:37:93:
35:2a:cb:ef:66:ee:2c:5c:38:a3:6b:81:d6:00:a5:
77:ce:00:59:64:e1:88:21:e4:ce:b9:82:dc:73:a6:
39:5f:b8:59:fa:c8:21:b5:c8:46:fb:89:ae:97:2e:
6c:2a:bd:d6:59:a7:cd:90:ef:fa:b1:fd:e0:63:a0:
3a:45:46:bf:e9:23:47:2c:76:57:60:d7:91:ad:b3:
2e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A3:DA:2A:1E:E9:36:7B:A3:A6:DB:54:D3:5E:DD:4B:2A:D9:4D:81
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bqPaKh7pNnujpttU017dSyrZTYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.251.0/24
194.87.21.0/24
194.87.114.0/23
194.87.134.0/23
194.87.168.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
28:bc:3a:1e:33:b1:90:a4:71:4a:b0:9b:80:e5:8d:ec:fd:83:
89:b4:a7:cf:52:e0:fb:14:23:ae:cc:5d:61:af:e9:ec:12:31:
6f:56:c0:bb:58:86:c7:27:b6:07:d0:3f:07:84:19:81:a2:e8:
3f:71:34:40:12:60:04:25:1e:dd:c0:fb:c6:7b:a2:66:e9:5b:
a4:f1:a7:9d:51:fb:aa:41:9e:41:69:7e:9b:a3:c1:c7:5a:15:
8a:9b:75:cb:99:41:45:37:d9:57:b4:d0:02:dc:9b:09:b7:a0:
cb:b9:c7:ef:27:b4:03:37:a0:3f:92:57:5c:9e:bb:b3:05:e5:
bf:bd:ea:57:3f:59:6a:4c:88:0a:ed:35:02:f2:e8:ac:92:d2:
55:47:47:94:8d:7f:fb:46:ed:9e:5e:d2:a9:f6:da:95:b2:0e:
ef:9a:ff:d2:ba:95:6a:35:fc:ad:25:2b:46:34:c9:18:c6:81:
af:78:37:28:ad:dc:46:35:a5:c2:c4:ed:7f:89:a7:82:33:d7:
ac:c4:cd:ae:26:34:cf:33:b6:d0:00:7f:d5:74:7d:43:84:9c:
30:b6:24:c2:e4:9a:e2:4f:4f:a2:38:ce:0d:f6:a7:9a:43:87:
37:ee:a4:1b:e9:11:b9:45:62:54:01:92:3d:07:0a:45:88:2e:
af:0f:9a:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZF7LNqlA5pusHtcS4vsrI7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODIyMTc0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWEzZGEyYTFlZTkzNjdiYTNhNmRiNTRkMzVlZGQ0YjJhZDk0ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2p2XKNsp5prk+gHpcsh6Oe6I5/jU
YSyEqbHQOFx6jKNWU30Io3ov302FXhXR3YTR08GmzuR8DereYyVP36DEdV2s/5cD
HimfVa1DBfqaH3bUOQEQoVqLMf0vkFjEYx0Cc4DgP3tdnLi6DT1+7Cfw0N5PFWzH
9OprkyqRJOvX2deudWCF2xOHSEoTHkU8Ttyt0i3iOO3iYTXkErokTj7tBWKSmi8y
QMkXhYtjpmaSPmGFN5M1KsvvZu4sXDija4HWAKV3zgBZZOGIIeTOuYLcc6Y5X7hZ
+sghtchG+4muly5sKr3WWafNkO/6sf3gY6A6RUa/6SNHLHZXYNeRrbMutwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG6j2ioe6TZ7o6bbVNNe3Usq2U2BMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYnFQYUtoN3BObnVqcHR0VTAxN2RTeXJaVFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwlX7AwQA
wlcVAwQBwldyAwQBwleGAwQAwleoAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA
1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQAovDoeM7GQpHFKsJuA5Y3s/YOJtKfPUuD7
FCOuzF1hr+nsEjFvVsC7WIbHJ7YH0D8HhBmBoug/cTRAEmAEJR7dwPvGe6Jm6Vuk
8aedUfuqQZ5BaX6bo8HHWhWKm3XLmUFFN9lXtNAC3JsJt6DLucfvJ7QDN6A/kldc
nruzBeW/vepXP1lqTIgK7TUC8uisktJVR0eUjX/7Ru2eXtKp9tqVsg7vmv/SupVq
NfytJStGNMkYxoGveDcordxGNaXCxO1/iaeCM9esxM2uJjTPM7bQAH/VdH1DhJww
tiTC5JriT0+iOM4N9qeaQ4c37qQb6RG5RWJUAZI9BwpFiC6vD5p9
-----END CERTIFICATE-----
Generated at Fri Aug 30 17:28:47 2024 by rpki-client on console-fra.rpki-client.org