Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caeDrjkQ90F1m0fbswswxgxbb-0.roa
File: caeDrjkQ90F1m0fbswswxgxbb-0.roa (raw, json)
Hash identifier: LGKIi7YodNYQBwJ+95QDWHyaq94mN62YZkkH28/vytU=
Subject key identifier: 71:A7:83:AE:39:10:F7:41:75:9B:47:DB:B3:0B:30:C6:0C:5B:6F:ED
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCF40528F620E2EE6194A85FC62B53072
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caeDrjkQ90F1m0fbswswxgxbb-0.roa
Signing time: Wed 03 Jan 2024 12:15:48 +0000
ROA not before: Wed 03 Jan 2024 12:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 195.133.84.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 16:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:40:52:8f:62:0e:2e:e6:19:4a:85:fc:62:b5:30:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 3 12:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a783ae3910f741759b47dbb30b30c60c5b6fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:6c:67:ef:20:e6:16:c1:f4:8e:07:53:f9:
22:50:3d:1c:15:fd:fe:45:a5:b7:59:34:5e:cb:1b:
d2:a0:dc:0c:ac:77:fd:5c:5f:3c:97:e3:45:60:72:
d7:29:41:9e:ac:f9:5a:c7:fb:ba:44:e7:c8:6d:19:
27:ee:51:cb:a1:eb:15:b2:b4:c0:d3:27:c0:0c:48:
6d:87:69:55:d4:ff:12:dc:17:b4:4f:e3:2e:95:26:
63:25:1a:58:9b:88:49:43:4d:31:36:27:a9:8b:52:
44:a9:66:f7:23:a4:37:5f:56:f5:4a:17:1d:93:e4:
16:01:7d:c9:44:7a:34:81:3c:a3:1e:84:a4:45:29:
4a:8e:06:f2:74:bf:e7:14:29:a8:d3:fe:ce:0c:7e:
ad:fb:9d:1d:06:d9:6f:83:48:d0:aa:67:3b:9b:62:
42:71:59:24:b3:b4:5d:37:b1:27:fb:26:c5:78:3f:
78:16:93:62:37:6a:be:d8:67:33:cb:18:b4:e1:bf:
fe:33:78:25:ea:d7:f1:63:0f:89:4f:a9:6d:9c:6c:
cc:d4:8c:d2:0a:f0:24:d3:a7:13:78:79:bf:8d:5d:
db:e1:06:40:21:71:e5:ab:17:9d:32:a9:8d:94:95:
9d:e2:b8:fa:76:12:48:f6:7b:46:12:fb:2a:53:3b:
44:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A7:83:AE:39:10:F7:41:75:9B:47:DB:B3:0B:30:C6:0C:5B:6F:ED
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caeDrjkQ90F1m0fbswswxgxbb-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.141.0/24
194.87.168.0/24
195.133.84.0/24
212.192.1.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:35:56:4e:41:b8:95:99:66:db:50:53:16:0e:1a:a0:7d:14:
e2:aa:22:b2:66:0c:e6:c0:ff:3c:dc:6d:60:1f:10:7b:98:87:
90:31:fd:93:df:87:74:6b:f7:f3:4f:97:4c:c5:86:93:bc:15:
ff:79:b6:7a:dc:01:d0:63:3c:04:67:fe:5a:1a:ea:a8:9f:76:
c7:11:9c:f0:55:40:51:3a:4d:70:3c:07:de:c0:c9:be:63:57:
08:cd:3b:61:91:d9:8b:86:94:9a:91:25:0a:0c:7d:e3:a0:7f:
5e:8a:ee:ff:4d:3d:f9:6d:e8:ea:ab:f3:04:70:28:20:3d:5e:
52:08:e6:9b:d9:3d:3b:0b:29:41:55:39:02:d3:8b:83:3a:82:
6d:a2:bc:9c:d2:ef:fa:25:95:7b:91:02:f1:4b:40:d4:19:92:
9b:7e:80:b6:63:be:f1:7d:3d:0e:f1:9d:9b:2d:e9:c4:b7:74:
70:74:15:98:23:fa:58:a7:84:f9:d0:09:1b:cb:36:8f:e4:0d:
f7:50:c6:3f:bf:e8:19:4f:8f:af:a2:ab:62:8d:d0:ec:03:48:
77:60:aa:02:db:23:41:bf:2b:ac:c7:19:0d:17:25:57:9b:fd:
6d:e4:9d:a0:2c:44:54:58:77:67:b7:64:47:90:df:d8:4f:35:
e8:bd:7a:0e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzPQFKPYg4u5hlKhfxitTByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAzMTIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE3ODNhZTM5MTBmNzQxNzU5YjQ3ZGJiMzBiMzBjNjBjNWI2ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv5sZ+8g5hbB9I4HU/kiUD0cFf3+
RaW3WTReyxvSoNwMrHf9XF88l+NFYHLXKUGerPlax/u6ROfIbRkn7lHLoesVsrTA
0yfADEhth2lV1P8S3Be0T+MulSZjJRpYm4hJQ00xNiepi1JEqWb3I6Q3X1b1Shcd
k+QWAX3JRHo0gTyjHoSkRSlKjgbydL/nFCmo0/7ODH6t+50dBtlvg0jQqmc7m2JC
cVkks7RdN7En+ybFeD94FpNiN2q+2Gczyxi04b/+M3gl6tfxYw+JT6ltnGzM1IzS
CvAk06cTeHm/jV3b4QZAIXHlqxedMqmNlJWd4rj6dhJI9ntGEvsqUztEawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHGng645EPdBdZtH27MLMMYMW2/tMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY2FlRHJqa1E5MEYxbTBmYnN3c3d4Z3hiYi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwleNAwQA
wleoAwQAw4VUAwQA1MABAwQA1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQA+NVZOQbiV
mWbbUFMWDhqgfRTiqiKyZgzmwP883G1gHxB7mIeQMf2T34d0a/fzT5dMxYaTvBX/
ebZ63AHQYzwEZ/5aGuqon3bHEZzwVUBROk1wPAfewMm+Y1cIzTthkdmLhpSakSUK
DH3joH9eiu7/TT35bejqq/MEcCggPV5SCOab2T07CylBVTkC04uDOoJtoryc0u/6
JZV7kQLxS0DUGZKbfoC2Y77xfT0O8Z2bLenEt3RwdBWYI/pYp4T50AkbyzaP5A33
UMY/v+gZT4+voqtijdDsA0h3YKoC2yNBvyusxxkNFyVXm/1t5J2gLERUWHdnt2RH
kN/YTzXovXoO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org