Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fGHzhbx6f69V3Vv4I4RIuj7rGt8.roa
File: fGHzhbx6f69V3Vv4I4RIuj7rGt8.roa (raw, json)
Hash identifier: g2rTyMgA5xSuYVJliOhpgephwuxAyqHq/cxT8KyhWM8=
Subject key identifier: 7C:61:F3:85:BC:7A:7F:AF:55:DD:5B:F8:23:84:48:BA:3E:EB:1A:DF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189B618B6CC5C7684C4D90F69137A98C52C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fGHzhbx6f69V3Vv4I4RIuj7rGt8.roa
Signing time: Wed 02 Aug 2023 11:53:40 +0000
ROA not before: Wed 02 Aug 2023 11:53:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.7.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 10:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:18:b6:cc:5c:76:84:c4:d9:0f:69:13:7a:98:c5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 11:53:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c61f385bc7a7faf55dd5bf8238448ba3eeb1adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:78:85:71:f9:e9:2d:7f:6f:6e:61:56:6d:2e:
41:4f:5a:3c:95:ae:cf:7d:eb:49:5e:b3:79:42:9c:
0f:64:b8:ef:20:fb:ea:6e:f0:19:a1:3d:d4:c2:8d:
11:87:97:1a:13:ea:59:0b:de:41:da:6b:6f:7d:e0:
21:5a:37:9f:89:4e:97:a9:ea:69:7f:be:f4:a9:3d:
a7:f2:63:a7:43:96:04:73:ef:ff:d2:31:dc:22:10:
12:15:e2:1f:51:37:a7:ca:ca:08:7e:1c:f8:b5:25:
f3:e2:c3:b7:8a:d3:37:0a:96:5d:24:ab:de:a1:4a:
0e:0b:82:c2:4f:31:9f:81:23:42:7c:eb:19:af:d8:
9e:5f:82:44:e9:68:1c:42:6a:ae:eb:d5:6d:24:f0:
70:86:9f:d6:a2:06:5e:cd:0a:c8:75:36:dc:1e:a8:
43:ea:74:4f:fa:0a:e3:3f:f1:49:56:7b:d5:e4:92:
d1:53:31:31:0a:79:9b:48:d3:2c:75:8d:ff:30:03:
99:c0:6a:2a:88:15:ce:8a:a5:52:7a:93:b4:0a:c8:
5b:50:2f:6f:b7:d6:ab:e6:89:7c:f0:6b:93:af:66:
f2:98:9f:6e:9a:0d:d8:8d:86:7a:0f:5b:af:cd:e9:
d1:17:bb:2e:d4:77:2e:b8:06:50:a2:b2:04:08:73:
a2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:61:F3:85:BC:7A:7F:AF:55:DD:5B:F8:23:84:48:BA:3E:EB:1A:DF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fGHzhbx6f69V3Vv4I4RIuj7rGt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.87.7.0/24
194.87.163.0/24
195.58.38.0/24
195.133.195.0/24
Signature Algorithm: sha256WithRSAEncryption
83:be:25:23:fd:fa:c3:b1:37:bb:62:d8:35:58:b1:fb:ea:2d:
cd:3f:b5:00:67:16:04:1f:17:44:7c:91:6d:3a:20:ae:c6:c1:
2d:bd:6c:a9:70:d7:23:96:31:d6:12:fe:89:3b:f4:c2:af:bf:
55:2a:26:0b:f0:99:98:3a:a8:1e:56:8f:7c:1a:59:6d:cc:d4:
5c:dc:8e:d6:39:74:9f:91:59:cf:72:71:7e:dc:77:9d:fb:6f:
cd:27:11:1f:84:0b:e2:09:00:80:04:ba:88:3d:7c:77:7d:06:
17:d7:b9:b8:f3:60:3a:a3:e6:b7:7f:80:93:40:01:33:e3:7a:
8d:f7:e3:d8:7e:de:bd:9d:6c:b0:1e:b7:dc:74:1e:6f:f4:09:
85:7a:e0:69:af:55:8a:5d:54:8b:a2:d2:d3:09:9a:6c:e8:fd:
5c:ad:8b:a2:b1:00:63:30:8a:69:f4:0b:ac:51:3f:44:a9:1b:
64:e0:68:8a:a8:32:50:fb:c6:83:92:a4:c6:ae:f0:1f:1a:0f:
6f:87:55:41:64:16:0c:b6:7c:85:f3:4c:33:e7:88:f2:01:e9:
15:91:32:55:66:98:8a:48:34:99:69:6b:a6:51:f2:16:66:8b:
89:d1:96:32:14:43:52:e0:3b:71:86:99:c8:7e:4b:34:89:ab:
3c:f7:41:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYm2GLbMXHaExNkPaRN6mMUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAyMTE1MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzYxZjM4NWJjN2E3ZmFmNTVkZDViZjgyMzg0NDhiYTNlZWIxYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiniFcfnpLX9vbmFWbS5BT1o8la7P
fetJXrN5QpwPZLjvIPvqbvAZoT3Uwo0Rh5caE+pZC95B2mtvfeAhWjefiU6Xqepp
f770qT2n8mOnQ5YEc+//0jHcIhASFeIfUTenysoIfhz4tSXz4sO3itM3CpZdJKve
oUoOC4LCTzGfgSNCfOsZr9ieX4JE6WgcQmqu69VtJPBwhp/WogZezQrIdTbcHqhD
6nRP+grjP/FJVnvV5JLRUzExCnmbSNMsdY3/MAOZwGoqiBXOiqVSepO0CshbUC9v
t9ar5ol88GuTr2bymJ9umg3YjYZ6D1uvzenRF7su1HcuuAZQorIECHOinQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHxh84W8en+vVd1b+COESLo+6xrfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZkdIemhieDZmNjlWM1Z2NEk0Ukl1ajdyR3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy1AwQA
wlcHAwQAwlejAwQAwzomAwQAw4XDMA0GCSqGSIb3DQEBCwUAA4IBAQCDviUj/frD
sTe7Ytg1WLH76i3NP7UAZxYEHxdEfJFtOiCuxsEtvWypcNcjljHWEv6JO/TCr79V
KiYL8JmYOqgeVo98GlltzNRc3I7WOXSfkVnPcnF+3Hed+2/NJxEfhAviCQCABLqI
PXx3fQYX17m482A6o+a3f4CTQAEz43qN9+PYft69nWywHrfcdB5v9AmFeuBpr1WK
XVSLotLTCZps6P1crYuisQBjMIpp9AusUT9EqRtk4GiKqDJQ+8aDkqTGrvAfGg9v
h1VBZBYMtnyF80wz54jyAekVkTJVZpiKSDSZaWumUfIWZouJ0ZYyFENS4DtxhpnI
fks0ias890HM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org