Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f6MiQpPkVjRYuYF1Wh-EQYThNOQ.roa
File: f6MiQpPkVjRYuYF1Wh-EQYThNOQ.roa (raw, json)
Hash identifier: An6NONHuTHoSaZjlZkoX1s9EZnoXlJFGsU4wtfo4MXo=
Subject key identifier: 7F:A3:22:42:93:E4:56:34:58:B9:81:75:5A:1F:84:41:84:E1:34:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01885C47BA8FFB305CDEA5792EDD8B0EC4A2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f6MiQpPkVjRYuYF1Wh-EQYThNOQ.roa
Signing time: Sat 27 May 2023 08:16:24 +0000
ROA not before: Sat 27 May 2023 08:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
212.193.24.0/22 maxlen: 22
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5c:47:ba:8f:fb:30:5c:de:a5:79:2e:dd:8b:0e:c4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 27 08:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fa3224293e4563458b981755a1f844184e134e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:86:36:30:3c:94:d9:1a:e0:72:3c:10:b0:3d:
43:45:dc:4f:a2:98:59:ec:b3:2f:e6:b3:94:eb:3d:
dd:08:4d:05:6d:cd:b4:55:cb:ba:5b:c5:b3:e9:44:
d8:c7:62:4b:7b:af:bb:98:67:12:de:8e:ae:e9:75:
b2:4d:fb:2d:28:d7:06:a9:73:d6:75:47:01:6e:86:
1d:c5:f6:c8:29:e5:7f:5e:30:b3:3d:31:35:db:0a:
fd:d0:6c:ac:67:80:ae:b0:56:4b:48:cd:7a:52:62:
a6:98:bc:12:64:94:2f:59:c2:3b:d0:2b:9d:e8:c9:
32:d0:c0:67:84:c1:ff:15:7d:ab:21:89:8b:35:30:
33:16:2d:f9:75:9d:01:23:37:38:29:f8:c6:41:c5:
50:51:1d:9b:cb:69:d1:57:05:15:f6:e8:25:c2:90:
ff:e9:68:d6:ce:25:51:fc:aa:8b:cb:a3:01:4d:b5:
da:62:dc:43:22:6b:77:44:09:1e:8d:ad:b8:af:66:
60:6e:cc:a0:62:4e:66:de:97:dd:b1:ec:05:95:a4:
fe:cf:8c:38:e3:43:1f:5c:dc:a4:fe:a6:dd:2f:ef:
89:68:79:47:92:df:1c:c7:d3:4c:b9:93:c5:79:6e:
99:6b:66:0e:57:aa:33:6e:f2:d7:8e:cc:86:fe:05:
85:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A3:22:42:93:E4:56:34:58:B9:81:75:5A:1F:84:41:84:E1:34:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f6MiQpPkVjRYuYF1Wh-EQYThNOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
195.133.83.0/24
212.193.24.0/22
Signature Algorithm: sha256WithRSAEncryption
30:c8:78:59:ef:94:20:68:ee:cc:f2:8d:e6:98:bf:a9:23:59:
b1:38:87:21:8d:30:78:f9:bc:73:32:a3:72:b6:4e:d8:9e:32:
96:37:ba:21:ab:71:3c:3a:48:95:bd:18:f1:cd:9e:9b:80:dd:
c3:b8:18:d9:b3:15:56:e3:69:29:3e:11:c8:af:ec:56:1c:63:
ef:19:1e:72:89:29:bf:f5:bf:11:e1:64:1b:13:0a:57:f6:7d:
1b:fa:d0:8d:fa:c8:e6:b2:17:fb:f4:a1:7b:4e:ae:9d:d0:24:
0d:98:62:da:9d:04:8a:30:77:5b:8e:ca:b3:4d:e0:da:c4:18:
a3:d4:fd:24:79:f0:60:45:67:97:f5:f7:72:4b:a0:72:d5:ba:
f3:a7:ff:e0:9a:dc:d9:fa:16:cd:7c:5d:04:67:67:db:9d:34:
ad:fc:4c:4c:79:c4:70:16:75:55:d7:b2:fb:c7:54:bc:78:13:
87:75:f7:b9:cb:5e:97:95:40:f0:e0:57:f0:4d:93:49:34:5a:
7b:5d:17:7b:1e:b3:8c:8b:7e:8c:3d:b3:7a:fc:15:7f:f0:26:
18:92:02:f4:c6:d9:6e:fe:50:bd:cb:31:fe:02:9f:5d:d7:d2:
14:b6:4d:42:6e:d7:ae:f5:ab:23:3e:b7:08:94:b6:98:26:61:
0f:3b:1d:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYhcR7qP+zBc3qV5Lt2LDsSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTI3MDgxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmEzMjI0MjkzZTQ1NjM0NThiOTgxNzU1YTFmODQ0MTg0ZTEzNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4Y2MDyU2RrgcjwQsD1DRdxPophZ
7LMv5rOU6z3dCE0Fbc20Vcu6W8Wz6UTYx2JLe6+7mGcS3o6u6XWyTfstKNcGqXPW
dUcBboYdxfbIKeV/XjCzPTE12wr90GysZ4CusFZLSM16UmKmmLwSZJQvWcI70Cud
6Mky0MBnhMH/FX2rIYmLNTAzFi35dZ0BIzc4KfjGQcVQUR2by2nRVwUV9uglwpD/
6WjWziVR/KqLy6MBTbXaYtxDImt3RAkeja24r2ZgbsygYk5m3pfdsewFlaT+z4w4
40MfXNyk/qbdL++JaHlHkt8cx9NMuZPFeW6Za2YOV6ozbvLXjsyG/gWFnwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH+jIkKT5FY0WLmBdVofhEGE4TTkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZjZNaVFwUGtWalJZdVlGMVdoLUVRWVRoTk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwXwPAwQA
wXwYAwQAwlcdAwQAwld7AwQAwodoAwQAw4UVAwQBw4UaAwQAw4U7AwQAw4VTAwQC
1MEYMA0GCSqGSIb3DQEBCwUAA4IBAQAwyHhZ75QgaO7M8o3mmL+pI1mxOIchjTB4
+bxzMqNytk7YnjKWN7ohq3E8OkiVvRjxzZ6bgN3DuBjZsxVW42kpPhHIr+xWHGPv
GR5yiSm/9b8R4WQbEwpX9n0b+tCN+sjmshf79KF7Tq6d0CQNmGLanQSKMHdbjsqz
TeDaxBij1P0kefBgRWeX9fdyS6By1brzp//gmtzZ+hbNfF0EZ2fbnTSt/ExMecRw
FnVV17L7x1S8eBOHdfe5y16XlUDw4FfwTZNJNFp7XRd7HrOMi36MPbN6/BV/8CYY
kgL0xtlu/lC9yzH+Ap9d19IUtk1Cbteu9asjPrcIlLaYJmEPOx2N
-----END CERTIFICATE-----
Generated at Thu Aug 3 07:23:34 2023 by rpki-client on console-ams.rpki-client.org