Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d2mQZ3DIAPWyw6nDnTFhp6Rdf-M.roa
File: d2mQZ3DIAPWyw6nDnTFhp6Rdf-M.roa (raw, json)
Hash identifier: UpAHIp2Mj+aXpv0UXnW3Mcrx2NqTRIb89PlB/ECPOvY=
Subject key identifier: 77:69:90:67:70:C8:00:F5:B2:C3:A9:C3:9D:31:61:A7:A4:5D:7F:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A08524AE7467D1C9D66E339B7C38E8BB3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d2mQZ3DIAPWyw6nDnTFhp6Rdf-M.roa
Signing time: Fri 18 Aug 2023 11:05:25 +0000
ROA not before: Fri 18 Aug 2023 11:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Sep 2023 10:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:52:4a:e7:46:7d:1c:9d:66:e3:39:b7:c3:8e:8b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 18 11:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7769906770c800f5b2c3a9c39d3161a7a45d7fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:47:50:b7:13:68:e7:85:cb:15:12:1c:e7:
92:3e:e7:6e:99:9a:f3:41:3f:22:d1:cb:3f:4b:92:
1e:ab:a5:1a:f7:85:b1:56:e3:a7:36:76:cd:de:ea:
28:89:0b:d5:cf:a9:9b:af:8f:67:cd:84:58:95:4c:
a4:e3:fd:b1:fb:97:0c:2c:55:0f:07:3a:72:f5:5c:
d7:fc:26:fc:96:38:fe:54:7d:a9:b4:63:d7:22:03:
4c:2d:98:6c:b9:40:51:98:30:d0:ea:9e:cf:a2:e0:
1a:40:eb:b0:41:f5:95:08:b5:80:72:c5:3f:07:b4:
98:6e:2f:2e:62:2a:39:aa:29:53:ec:38:4c:a6:9c:
c7:fe:36:44:b0:f2:7f:f9:cb:8f:d2:f0:d6:b6:5c:
6c:d4:56:12:5a:49:80:eb:22:6d:86:36:7e:35:64:
37:f0:75:66:e6:46:3d:a5:c8:65:d6:4f:dc:b1:69:
4a:f7:00:78:39:ce:da:73:5a:6d:1f:f8:43:b4:87:
3b:2d:82:6f:84:c5:46:a1:c1:33:ba:d5:8a:5a:79:
f8:ac:18:8a:2f:05:37:1f:db:c7:f0:99:60:b9:32:
2c:22:b4:65:d5:4a:f9:ce:77:6a:72:a8:42:b1:c2:
92:30:c3:1c:e0:5e:55:6b:74:a6:35:15:26:be:06:
c1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:69:90:67:70:C8:00:F5:B2:C3:A9:C3:9D:31:61:A7:A4:5D:7F:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d2mQZ3DIAPWyw6nDnTFhp6Rdf-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
193.124.90.0/24
194.58.42.0/24
194.87.76.0/24
194.87.81.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.15.0/24
195.133.25.0/24
195.133.27.0/24
212.192.4.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
11:2a:aa:bb:fc:58:08:52:54:2c:bc:63:3f:1c:34:e6:eb:2b:
74:3c:21:bf:8c:39:6c:8c:0a:e9:aa:12:5a:a7:7b:a7:81:b0:
4d:e9:ed:d1:40:0b:55:88:49:e4:83:76:a5:78:ce:e4:47:de:
9e:87:b6:1a:0f:ec:4d:06:d9:25:bc:96:25:e9:7f:81:ed:c3:
b7:9a:b0:33:f1:c7:e4:7f:1a:d9:64:90:5b:49:c1:a9:d1:31:
da:8d:02:83:54:31:08:54:26:6d:3c:a1:38:a4:6e:99:ab:0e:
44:74:a6:4f:d1:85:30:94:a2:8d:a5:51:38:5f:06:ce:a2:ef:
83:b2:2c:ee:88:c6:13:c5:04:e1:c0:f7:8c:5d:f6:b2:43:1d:
cb:c5:55:96:f1:65:ac:59:02:aa:20:f6:d2:bb:34:ce:53:b6:
ea:c1:76:d0:66:a2:a7:ea:4d:71:af:d1:73:22:ce:d8:6f:9b:
5f:61:f8:3b:a0:3e:ec:30:5e:1e:14:0d:31:2b:07:9b:fe:a5:
3d:86:b5:5e:49:00:67:ad:70:8a:5d:ee:7f:72:59:c4:a9:4f:
09:f9:45:b1:02:67:a6:c2:e2:70:36:91:11:da:36:d1:d9:92:
75:1f:de:a4:9a:a9:7e:4e:cb:f1:3a:98:72:44:c1:f4:40:91:
da:4c:36:7d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYoIUkrnRn0cnWbjObfDjouzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE4MTEwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzY5OTA2NzcwYzgwMGY1YjJjM2E5YzM5ZDMxNjFhN2E0NWQ3ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDVHULcTaOeFyxUSHOeSPudumZrz
QT8i0cs/S5Ieq6Ua94WxVuOnNnbN3uooiQvVz6mbr49nzYRYlUyk4/2x+5cMLFUP
Bzpy9VzX/Cb8ljj+VH2ptGPXIgNMLZhsuUBRmDDQ6p7PouAaQOuwQfWVCLWAcsU/
B7SYbi8uYio5qilT7DhMppzH/jZEsPJ/+cuP0vDWtlxs1FYSWkmA6yJthjZ+NWQ3
8HVm5kY9pchl1k/csWlK9wB4Oc7ac1ptH/hDtIc7LYJvhMVGocEzutWKWnn4rBiK
LwU3H9vH8JlguTIsIrRl1Ur5zndqcqhCscKSMMMc4F5Va3SmNRUmvgbBtwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHdpkGdwyAD1ssOpw50xYaekXX/jMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZDJtUVozRElBUFd5dzZuRG5URmhwNlJkZi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwHy0AwQA
wXxaAwQAwjoqAwQAwldMAwQAwldRAwQAwlesAwQAwlfQAwQAwlfiAwQAwlfnAwQA
w4UPAwQAw4UZAwQAw4UbAwQA1MAEAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQAR
Kqq7/FgIUlQsvGM/HDTm6yt0PCG/jDlsjArpqhJap3ungbBN6e3RQAtViEnkg3al
eM7kR96eh7YaD+xNBtklvJYl6X+B7cO3mrAz8cfkfxrZZJBbScGp0THajQKDVDEI
VCZtPKE4pG6Zqw5EdKZP0YUwlKKNpVE4XwbOou+DsizuiMYTxQThwPeMXfayQx3L
xVWW8WWsWQKqIPbSuzTOU7bqwXbQZqKn6k1xr9FzIs7Yb5tfYfg7oD7sMF4eFA0x
Kweb/qU9hrVeSQBnrXCKXe5/clnEqU8J+UWxAmemwuJwNpER2jbR2ZJ1H96kmql+
TsvxOphyRMH0QJHaTDZ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org