Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d87D_ykGOVtQhpLnXkdHzRtf468.roa
File: d87D_ykGOVtQhpLnXkdHzRtf468.roa (raw, json)
Hash identifier: w3e56glT6cxN9iqv6l1nMW/6k5OjhFYq+9aNx6/mKIs=
Subject key identifier: 77:CE:C3:FF:29:06:39:5B:50:86:92:E7:5E:47:47:CD:1B:5F:E3:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019300E44ABE9BC0DBB79B5C2239374AA09E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d87D_ykGOVtQhpLnXkdHzRtf468.roa
Signing time: Wed 06 Nov 2024 09:53:01 +0000
ROA not before: Wed 06 Nov 2024 09:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 08 Nov 2024 10:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:e4:4a:be:9b:c0:db:b7:9b:5c:22:39:37:4a:a0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 09:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77cec3ff2906395b508692e75e4747cd1b5fe3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:54:f6:dc:e9:bb:4c:24:77:f2:15:bc:21:9a:
05:90:16:6e:e5:00:c2:87:32:ce:ff:80:ce:bd:4d:
38:a2:b0:81:4a:82:15:1a:9c:d2:ff:8b:c8:00:c4:
54:96:a3:54:fe:b9:ec:e6:d3:0e:bf:ce:70:ef:c6:
5f:e9:6a:8d:5c:7c:b7:90:e7:4e:35:a2:f1:e5:dd:
71:b6:74:52:db:9d:3e:bb:0a:a2:45:00:33:7a:45:
6b:bf:4b:c0:ec:80:b9:c2:bd:b8:45:e5:d5:09:2e:
b6:b6:c1:48:9e:2f:a5:9b:e8:1e:82:75:b8:59:1e:
5b:7a:c2:28:a5:bc:eb:0d:7f:c5:5a:6d:36:7b:9f:
22:64:15:c4:49:f7:0a:1e:9a:f3:66:0c:a0:cb:7a:
6f:6c:85:e2:d1:86:6a:92:9f:a4:0e:c9:90:6e:33:
17:d9:2d:c8:35:4c:44:db:94:07:65:6d:8d:c5:91:
f8:7b:f8:0a:3e:7f:3f:0f:7c:54:60:33:cb:d4:4b:
7b:bc:5b:e6:5e:0f:c1:3c:59:6c:89:d4:45:b5:7e:
eb:f4:c1:c0:92:9e:31:75:b1:74:0b:12:29:2a:46:
03:14:2f:93:6c:77:93:85:71:2c:22:97:9b:85:f6:
8a:0a:8d:bd:da:7a:f8:a9:0a:5c:f6:8e:9d:66:95:
b2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CE:C3:FF:29:06:39:5B:50:86:92:E7:5E:47:47:CD:1B:5F:E3:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/d87D_ykGOVtQhpLnXkdHzRtf468.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.85.251.0/24
194.87.108.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
72:7d:77:5d:05:10:b8:4f:40:65:2e:70:94:56:66:52:72:f4:
57:38:58:6e:e1:37:ee:ea:91:cc:56:e1:99:f2:0b:50:35:09:
2d:64:bb:e3:42:51:8d:be:aa:28:10:dd:6f:ee:dc:a2:87:94:
79:bf:f4:ad:f9:5a:04:3e:a0:74:d9:fc:ff:9a:b7:05:94:0c:
91:c1:85:a7:2a:59:1c:97:1d:81:21:39:da:2d:33:b3:44:e7:
d3:33:fe:c3:e2:2d:6f:29:cc:c4:17:82:86:31:1e:c8:da:58:
eb:46:06:4b:d3:bc:a8:2f:be:5a:6a:ec:24:4c:ce:d4:a7:50:
d4:0d:dd:d3:68:5a:aa:47:0e:36:3b:97:db:55:6d:5c:f5:76:
65:4b:c2:92:10:00:a9:d8:10:f5:02:06:c3:4b:ec:d4:d5:44:
db:5c:4b:b2:7b:46:9c:b3:c5:a9:20:99:68:b9:0f:b0:6f:81:
67:bd:0d:ce:39:cb:00:72:9c:fb:bd:26:29:c9:c7:b4:30:b0:
13:71:36:a2:af:7f:a6:01:58:f5:0e:65:f8:53:10:53:52:23:
06:7d:05:65:82:f2:d7:96:c8:84:0b:96:0e:48:cd:98:63:0e:
80:ce:47:a0:b9:74:65:23:5b:2d:55:09:70:d7:74:06:d9:b4:
0e:10:83:3d
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZMA5Eq+m8Dbt5tcIjk3SqCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MDk1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2NlYzNmZjI5MDYzOTViNTA4NjkyZTc1ZTQ3NDdjZDFiNWZlM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFT23Om7TCR38hW8IZoFkBZu5QDC
hzLO/4DOvU04orCBSoIVGpzS/4vIAMRUlqNU/rns5tMOv85w78Zf6WqNXHy3kOdO
NaLx5d1xtnRS250+uwqiRQAzekVrv0vA7IC5wr24ReXVCS62tsFIni+lm+gegnW4
WR5besIopbzrDX/FWm02e58iZBXESfcKHprzZgygy3pvbIXi0YZqkp+kDsmQbjMX
2S3INUxE25QHZW2NxZH4e/gKPn8/D3xUYDPL1Et7vFvmXg/BPFlsidRFtX7r9MHA
kp4xdbF0CxIpKkYDFC+TbHeThXEsIpebhfaKCo292nr4qQpc9o6dZpWyiwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHfOw/8pBjlbUIaS515HR80bX+OvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZDg3RF95a0dPVnRRaHBMblhrZEh6UnRmNDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAMB8tAME
AMI6mwMEAMJV+wMEAMJXbAMEAMJXqQMEAMJXsgMEAMJX4AMEAMKHIQMEAcOFGAME
AcOFKAMEAcOFMgMEAcOFXAMEANTAAQMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM
/0AwDQYJKoZIhvcNAQELBQADggEBAHJ9d10FELhPQGUucJRWZlJy9Fc4WG7hN+7q
kcxW4ZnyC1A1CS1ku+NCUY2+qigQ3W/u3KKHlHm/9K35WgQ+oHTZ/P+atwWUDJHB
hacqWRyXHYEhOdotM7NE59Mz/sPiLW8pzMQXgoYxHsjaWOtGBkvTvKgvvlpq7CRM
ztSnUNQN3dNoWqpHDjY7l9tVbVz1dmVLwpIQAKnYEPUCBsNL7NTVRNtcS7J7Rpyz
xakgmWi5D7BvgWe9Dc45ywBynPu9JinJx7QwsBNxNqKvf6YBWPUOZfhTEFNSIwZ9
BWWC8teWyIQLlg5IzZhjDoDOR6C5dGUjWy1VCXDXdAbZtA4Qgz0=
-----END CERTIFICATE-----
Generated at Fri Nov 8 14:54:58 2024 by rpki-client on console-fra.rpki-client.org