Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cXT7joIuC5TvF6RjjLCTKihjYuI.roa
File: cXT7joIuC5TvF6RjjLCTKihjYuI.roa (raw, json)
Hash identifier: Unf4cKdXX1+eWMIXnnS/tFMjFj0sQLUaATpn/C1SG5k=
Subject key identifier: 71:74:FB:8E:82:2E:0B:94:EF:17:A4:63:8C:B0:93:2A:28:63:62:E2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C398F322F199A84C9D3B9C7BA7250CA93
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cXT7joIuC5TvF6RjjLCTKihjYuI.roa
Signing time: Tue 05 Dec 2023 10:38:54 +0000
ROA not before: Tue 05 Dec 2023 10:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 13:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:8f:32:2f:19:9a:84:c9:d3:b9:c7:ba:72:50:ca:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 10:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7174fb8e822e0b94ef17a4638cb0932a286362e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:48:c9:b8:e0:13:eb:1c:c3:d9:32:9d:fe:
42:29:a2:c9:f1:7a:d0:ed:e5:27:35:52:56:43:8e:
fe:db:99:57:a1:46:b6:54:67:e8:4f:a3:7e:b1:66:
a9:fb:75:ba:e8:79:cb:ec:53:53:b0:8c:71:d0:0f:
14:39:44:47:c9:50:a5:b8:17:86:a6:1a:da:94:01:
e8:e6:c1:af:71:54:5a:d2:d3:21:b5:89:16:d4:97:
f4:89:90:55:ea:6f:35:f4:eb:e3:e6:00:25:c3:29:
1f:2b:b7:38:b0:01:57:23:c4:d4:4b:98:1a:0c:6d:
19:75:f5:c7:fb:90:2a:d5:f2:f4:e2:25:b1:90:c9:
80:37:1b:64:b4:dc:1e:29:6d:89:8e:a0:36:b7:0d:
9e:39:05:31:57:85:e8:df:e0:fc:8e:99:6b:45:35:
67:91:c0:41:a8:e7:ca:84:ea:58:9a:4b:fd:20:5c:
51:ec:f5:82:a5:53:c0:df:ee:8c:19:c3:df:8a:15:
7d:ad:f1:0e:40:cd:bb:69:aa:fc:94:b1:73:1c:60:
cd:d9:8c:c2:6b:88:8d:47:af:7c:6c:ec:a0:2b:a5:
d2:25:f7:50:f1:a0:39:2c:bf:22:42:a2:d4:8b:51:
51:46:db:cd:19:42:a7:5a:05:b3:fe:77:1e:3a:0b:
2f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:74:FB:8E:82:2E:0B:94:EF:17:A4:63:8C:B0:93:2A:28:63:62:E2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cXT7joIuC5TvF6RjjLCTKihjYuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.200.0/24
194.87.190.0/24
212.192.217.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:00:eb:66:25:56:b9:d6:98:18:41:af:9e:44:c7:e0:40:b5:
78:05:0c:da:02:5c:ce:a0:1e:1e:e9:75:95:c6:cb:2b:be:1c:
2c:88:d5:0d:5c:4a:ce:a5:a9:3d:23:35:51:cc:0c:67:94:e8:
d7:5b:61:a2:7d:71:79:0b:0c:4f:06:9b:03:f1:a2:89:17:d7:
28:78:99:09:b0:fb:c4:01:26:f9:df:b3:ed:f1:ac:cc:a8:6b:
56:6d:93:b0:bc:e4:74:28:5c:79:71:e3:28:14:0c:99:e9:35:
e5:08:bf:80:16:43:2b:26:79:ff:4a:0e:47:99:8e:f2:f4:a3:
f7:b7:9a:40:ec:79:e5:cf:9f:1c:2d:5f:a7:e8:93:3f:8d:ac:
04:8c:68:71:db:14:55:a3:75:8f:28:a0:33:72:24:63:a6:4c:
90:22:53:91:03:45:1b:c4:09:ae:42:f4:42:fa:5e:46:26:20:
e1:79:44:3d:0d:41:1b:f2:20:bb:0d:69:1a:eb:45:50:d7:5c:
0d:30:bf:37:13:02:81:fb:b3:4b:26:cf:db:cd:83:37:e5:53:
cb:c5:32:b9:1d:0d:2a:4f:0b:6d:58:61:96:11:13:98:11:58:
c5:9f:1e:7d:13:a3:bb:b2:0b:82:9b:5e:8c:15:87:7e:8c:bb:
92:66:16:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYw5jzIvGZqEydO5x7pyUMqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA1MTAzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc0ZmI4ZTgyMmUwYjk0ZWYxN2E0NjM4Y2IwOTMyYTI4NjM2MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL5IybjgE+scw9kynf5CKaLJ8XrQ
7eUnNVJWQ47+25lXoUa2VGfoT6N+sWap+3W66HnL7FNTsIxx0A8UOURHyVCluBeG
phralAHo5sGvcVRa0tMhtYkW1Jf0iZBV6m819Ovj5gAlwykfK7c4sAFXI8TUS5ga
DG0ZdfXH+5Aq1fL04iWxkMmANxtktNweKW2JjqA2tw2eOQUxV4Xo3+D8jplrRTVn
kcBBqOfKhOpYmkv9IFxR7PWCpVPA3+6MGcPfihV9rfEOQM27aar8lLFzHGDN2YzC
a4iNR698bOygK6XSJfdQ8aA5LL8iQqLUi1FRRtvNGUKnWgWz/nceOgsvlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHF0+46CLguU7xekY4ywkyooY2LiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY1hUN2pvSXVDNVR2RjZSampMQ1RLaWhqWXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwHAwQA
wXzIAwQAwle+AwQA1MDZAwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQAPAOtmJVa5
1pgYQa+eRMfgQLV4BQzaAlzOoB4e6XWVxssrvhwsiNUNXErOpak9IzVRzAxnlOjX
W2GifXF5CwxPBpsD8aKJF9coeJkJsPvEASb537Pt8azMqGtWbZOwvOR0KFx5ceMo
FAyZ6TXlCL+AFkMrJnn/Sg5HmY7y9KP3t5pA7Hnlz58cLV+n6JM/jawEjGhx2xRV
o3WPKKAzciRjpkyQIlORA0UbxAmuQvRC+l5GJiDheUQ9DUEb8iC7DWka60VQ11wN
ML83EwKB+7NLJs/bzYM35VPLxTK5HQ0qTwttWGGWEROYEVjFnx59E6O7sguCm16M
FYd+jLuSZhbf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org