Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f3GrmSlpeFZxxNQTGZJJwRaakrY.roa
File: f3GrmSlpeFZxxNQTGZJJwRaakrY.roa (raw, json)
Hash identifier: OwvzmLoWO0BQLpQyeOuGsJtIQginY5Lij1VhIlJV9N0=
Subject key identifier: 7F:71:AB:99:29:69:78:56:71:C4:D4:13:19:92:49:C1:16:9A:92:B6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01928BBC62D2B573F68E97863A6438A90F6C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f3GrmSlpeFZxxNQTGZJJwRaakrY.roa
Signing time: Mon 14 Oct 2024 15:53:52 +0000
ROA not before: Mon 14 Oct 2024 15:53:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.31.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.62.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.94.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Oct 2024 14:34:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:bc:62:d2:b5:73:f6:8e:97:86:3a:64:38:a9:0f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 15:53:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f71ab992969785671c4d413199249c1169a92b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:36:52:83:a5:65:c2:88:ea:40:70:00:00:6f:
b3:92:fa:52:24:d1:1b:c0:ab:d1:2b:51:a7:3e:a1:
8c:74:f1:15:df:c0:23:81:6f:7c:1e:f0:8e:e3:0e:
fe:1e:24:4c:74:4f:0b:2e:88:0b:a0:41:04:93:34:
b7:a2:82:86:2b:c3:d2:b0:8d:51:76:c6:e8:4f:55:
1a:2c:40:71:cc:f1:4c:34:ec:a1:4c:c2:a0:69:5c:
3c:63:8d:e7:01:98:ed:84:ab:23:f8:fa:d6:f0:7d:
53:51:c4:8a:41:bf:b0:19:32:40:d0:4b:5d:ed:1c:
fc:6d:d1:50:4b:ce:65:cb:9e:c7:ad:5c:19:4c:10:
62:b3:3d:8b:19:fa:d6:df:e4:dd:b5:5f:03:e4:f7:
56:d7:af:0d:1e:4f:36:0d:8d:19:da:f5:48:b4:8c:
19:10:7a:a0:50:eb:0a:30:1d:45:b2:b5:90:05:72:
78:a9:81:92:a4:be:ad:3f:e2:53:1c:c3:d4:b1:57:
9d:af:ff:9a:83:fb:bc:fb:95:20:31:89:28:9d:24:
92:29:09:32:74:ef:46:f5:ac:f5:c5:f7:c0:e9:42:
d2:43:a8:8f:ab:53:fe:d0:8b:2c:d1:26:fe:c4:48:
a1:90:ef:df:9b:13:29:bd:ca:c8:bb:b6:b9:69:cf:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:71:AB:99:29:69:78:56:71:C4:D4:13:19:92:49:C1:16:9A:92:B6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f3GrmSlpeFZxxNQTGZJJwRaakrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.31.0/24
195.133.40.0/23
195.133.50.0/23
195.133.62.0/24
195.133.92.0-195.133.94.255
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
97:50:8d:ad:c7:73:5b:4c:da:7b:13:17:8c:51:7a:4a:03:7d:
c3:54:22:24:ae:0c:28:fc:37:ae:f2:5a:f9:64:fa:9a:59:57:
63:76:1c:ff:b7:ee:26:30:5f:5e:8f:eb:00:70:f0:ca:ca:d9:
0c:a7:bf:46:13:52:c1:ff:da:09:ad:a1:81:5e:33:65:9b:eb:
99:63:fc:25:ef:e6:6d:09:1d:22:80:d5:86:c6:6c:1d:c1:09:
16:e6:ec:82:c5:61:de:c1:80:b0:77:78:36:61:8f:4b:43:04:
43:6f:82:40:70:06:ea:a5:74:ea:59:78:33:fe:40:00:fd:52:
55:2d:eb:df:5e:95:14:ec:fa:dd:8a:05:87:5c:ab:8e:80:33:
b3:ef:99:e1:b1:f9:57:bc:27:8d:31:cc:15:aa:a1:6b:bf:03:
9f:b9:68:52:39:06:de:d6:db:d9:4f:96:f2:c3:58:0b:a2:f8:
3c:7e:1c:df:c4:fe:e7:0f:6e:b5:cb:bb:da:0c:4d:23:e9:f7:
44:79:e6:7d:83:62:4e:c6:e7:56:f8:56:bc:ef:4a:f8:5b:5f:
07:62:1e:a2:8e:ac:6e:58:dd:12:84:14:47:49:26:f5:4e:c8:
3d:a4:25:84:d8:39:79:34:70:33:77:57:0a:81:f1:5a:ba:fd:
a1:ca:77:58
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZKLvGLStXP2jpeGOmQ4qQ9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE0MTU1MzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjcxYWI5OTI5Njk3ODU2NzFjNGQ0MTMxOTkyNDljMTE2OWE5MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TZSg6VlwojqQHAAAG+zkvpSJNEb
wKvRK1GnPqGMdPEV38AjgW98HvCO4w7+HiRMdE8LLogLoEEEkzS3ooKGK8PSsI1R
dsboT1UaLEBxzPFMNOyhTMKgaVw8Y43nAZjthKsj+PrW8H1TUcSKQb+wGTJA0Etd
7Rz8bdFQS85ly57HrVwZTBBisz2LGfrW3+TdtV8D5PdW168NHk82DY0Z2vVItIwZ
EHqgUOsKMB1FsrWQBXJ4qYGSpL6tP+JTHMPUsVedr/+ag/u8+5UgMYkonSSSKQky
dO9G9az1xffA6ULSQ6iPq1P+0Iss0Sb+xEihkO/fmxMpvcrIu7a5ac/mdwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFH9xq5kpaXhWccTUExmSScEWmpK2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZjNHcm1TbHBlRlp4eE5RVEdaSkp3UmFha3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAMB8tAME
AMI6mwMEAMJXqQMEAMJXsgMEAMJX4AMEAMKHIQMEAcOFGAMEAMOFHwMEAcOFKAME
AcOFMgMEAMOFPjAMAwQCw4VcAwQAw4VeAwQA1MABAwQB1MEaMBQEAgACMA4DBQMq
AVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAl1CNrcdzW0zaexMXjFF6SgN9
w1QiJK4MKPw3rvJa+WT6mllXY3Yc/7fuJjBfXo/rAHDwysrZDKe/RhNSwf/aCa2h
gV4zZZvrmWP8Je/mbQkdIoDVhsZsHcEJFubsgsVh3sGAsHd4NmGPS0MEQ2+CQHAG
6qV06ll4M/5AAP1SVS3r316VFOz63YoFh1yrjoAzs++Z4bH5V7wnjTHMFaqha78D
n7loUjkG3tbb2U+W8sNYC6L4PH4c38T+5w9utcu72gxNI+n3RHnmfYNiTsbnVvhW
vO9K+FtfB2Ieoo6sbljdEoQUR0km9U7IPaQlhNg5eTRwM3dXCoHxWrr9ocp3WA==
-----END CERTIFICATE-----
Generated at Tue Oct 15 16:43:22 2024 by rpki-client on console-fra.rpki-client.org