Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eEkKXWI02wU9SAXcRuI27JLoTT4.roa
File: eEkKXWI02wU9SAXcRuI27JLoTT4.roa (raw, json)
Hash identifier: 76P1YvCXMxNeZhramLYXT+mthYQG10/FZ2W/v+ZKl3k=
Subject key identifier: 78:49:0A:5D:62:34:DB:05:3D:48:05:DC:46:E2:36:EC:92:E8:4D:3E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A6D61F7B45FC411015E25C8FAA182
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eEkKXWI02wU9SAXcRuI27JLoTT4.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 195.133.76.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
193.124.35.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
195.133.64.0/22 maxlen: 22
195.133.7.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:28:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6d:61:f7:b4:5f:c4:11:01:5e:25:c8:fa:a1:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78490a5d6234db053d4805dc46e236ec92e84d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:6a:c4:e6:1e:74:35:25:08:61:31:b8:7b:
41:1b:fd:f6:09:a4:ef:5d:17:ab:bf:43:b2:fc:ae:
d4:d2:12:be:bb:4d:33:44:79:52:89:a4:0c:9b:75:
bc:c5:40:80:09:09:8d:74:f1:09:0d:e0:1b:15:ec:
68:4c:77:b5:87:15:41:f7:27:59:c5:46:ad:aa:d9:
31:24:39:cb:15:05:cb:ec:d1:cb:60:7b:d7:21:ea:
3f:db:6d:75:75:d2:ec:b8:fb:39:f0:75:7e:a2:fe:
77:32:78:dd:82:55:e9:85:a2:f1:59:99:88:52:2f:
45:d7:75:c5:3f:db:59:0c:a7:6b:64:c7:4b:cd:04:
78:55:32:40:88:86:23:cc:0d:50:9d:82:ab:6e:af:
8f:2f:a9:15:6a:2c:d9:bc:03:60:33:1e:61:4e:f7:
b1:d4:41:fb:bf:22:c7:28:b8:bd:d4:d8:94:c3:8e:
a0:e1:4b:09:83:50:e3:8b:a9:ab:5a:5c:80:c5:7a:
c5:8b:4c:a5:93:60:7e:b7:89:0e:a1:bf:50:31:39:
c7:51:1a:c2:6d:7f:26:23:8a:0e:76:27:ca:e1:cf:
0d:c4:d9:fc:dc:b1:fd:e5:db:9f:aa:84:81:b3:2f:
c9:00:fe:30:fa:bc:a6:09:1d:9f:c7:44:49:18:4f:
34:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:49:0A:5D:62:34:DB:05:3D:48:05:DC:46:E2:36:EC:92:E8:4D:3E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/eEkKXWI02wU9SAXcRuI27JLoTT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
194.58.40.0/24
194.58.56.0/23
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.77.0/24
194.87.255.0/24
195.133.7.0/24
195.133.20.0/24
195.133.64.0/22
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
13:61:51:2a:a8:4c:eb:97:c7:00:a4:eb:7e:80:9f:97:fa:9f:
36:dc:b4:7f:1c:c9:bb:11:4f:e2:14:1a:00:53:2a:bd:71:73:
ba:82:b0:c5:32:6a:6e:ce:c9:05:21:ce:39:66:e5:c9:41:8e:
5d:98:88:71:d2:08:52:ab:41:9c:13:62:aa:21:db:9f:6c:13:
1f:0f:25:dc:e1:70:b1:a5:74:0e:03:87:d4:96:90:e5:aa:15:
f9:ee:57:6b:b7:fa:be:14:0c:85:34:33:0e:2b:b0:02:56:94:
73:e8:2a:87:87:f2:94:bd:3c:8d:d9:18:16:e1:f3:c2:5b:fc:
b3:9b:58:fc:01:f9:2e:93:a6:09:3f:25:a2:9e:1f:13:22:c6:
17:a3:96:02:19:d0:0a:70:ba:38:05:b8:17:43:89:85:42:00:
9e:11:4d:40:ee:8b:81:db:41:8b:3d:6f:fa:ce:f2:2e:64:9d:
ca:1d:da:4f:88:0d:a0:a1:a7:93:1f:46:b1:25:2c:9f:a8:22:
03:ad:84:5b:a5:3e:93:fe:17:f0:0a:2a:44:b6:21:8e:ff:7f:
82:4d:81:5b:8e:4f:78:41:38:df:75:e1:de:14:44:81:70:93:
1c:98:ad:84:dc:b4:18:e7:a4:88:e9:61:3c:5c:00:79:11:04:
62:73:db:b8
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzKKm1h97RfxBEBXiXI+qGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQ5MGE1ZDYyMzRkYjA1M2Q0ODA1ZGM0NmUyMzZlYzkyZTg0ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj55qxOYedDUlCGExuHtBG/32CaTv
XRerv0Oy/K7U0hK+u00zRHlSiaQMm3W8xUCACQmNdPEJDeAbFexoTHe1hxVB9ydZ
xUatqtkxJDnLFQXL7NHLYHvXIeo/2211ddLsuPs58HV+ov53MnjdglXphaLxWZmI
Ui9F13XFP9tZDKdrZMdLzQR4VTJAiIYjzA1QnYKrbq+PL6kVaizZvANgMx5hTvex
1EH7vyLHKLi91NiUw46g4UsJg1Dji6mrWlyAxXrFi0ylk2B+t4kOob9QMTnHURrC
bX8mI4oOdifK4c8NxNn83LH95dufqoSBsy/JAP4w+rymCR2fx0RJGE80HwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHhJCl1iNNsFPUgF3EbiNuyS6E0+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZUVrS1hXSTAyd1U5U0FYY1J1STI3SkxvVFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwjAwQA
wjooAwQBwjo4AwQAwlX4AwQAwlX7AwQAwlcKAwQAwlcRAwQAwldNAwQAwlf/AwQA
w4UHAwQAw4UUAwQCw4VAAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQATYVEqqEzr
l8cApOt+gJ+X+p823LR/HMm7EU/iFBoAUyq9cXO6grDFMmpuzskFIc45ZuXJQY5d
mIhx0ghSq0GcE2KqIdufbBMfDyXc4XCxpXQOA4fUlpDlqhX57ldrt/q+FAyFNDMO
K7ACVpRz6CqHh/KUvTyN2RgW4fPCW/yzm1j8Afkuk6YJPyWinh8TIsYXo5YCGdAK
cLo4BbgXQ4mFQgCeEU1A7ouB20GLPW/6zvIuZJ3KHdpPiA2goaeTH0axJSyfqCID
rYRbpT6T/hfwCipEtiGO/3+CTYFbjk94QTjfdeHeFESBcJMcmK2E3LQY56SI6WE8
XAB5EQRic9u4
-----END CERTIFICATE-----
Generated at Tue Apr 16 16:50:19 2024 by rpki-client on console-ams.rpki-client.org