Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gCY_FBG3rTDSCXwbQvXVktpRDKs.roa
File: gCY_FBG3rTDSCXwbQvXVktpRDKs.roa (raw, json)
Hash identifier: 2lCsiz2f6sqCnB6WhLoOY06J3miNkDGSbV2aJH9/SLY=
Subject key identifier: 80:26:3F:14:11:B7:AD:30:D2:09:7C:1B:42:F5:D5:92:DA:51:0C:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CFCD6700C02F0C3FA3A78576D25DDC997
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gCY_FBG3rTDSCXwbQvXVktpRDKs.roa
Signing time: Fri 12 Jan 2024 08:42:40 +0000
ROA not before: Fri 12 Jan 2024 08:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 15:33:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:d6:70:0c:02:f0:c3:fa:3a:78:57:6d:25:dd:c9:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 08:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80263f1411b7ad30d2097c1b42f5d592da510cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:51:44:95:4a:0f:5e:70:fd:1a:6e:d4:2a:
df:a9:f5:a3:6d:1a:11:c3:a6:23:4a:28:a2:5e:e3:
2d:b6:77:15:8b:8f:a2:7e:ad:1c:4e:83:7f:0c:54:
91:e1:fa:3f:c4:b8:4d:93:90:cd:ca:f7:9e:be:2e:
f4:15:0b:2e:6d:d4:08:aa:87:9b:c1:2e:19:ab:05:
29:c5:61:b8:8b:7e:a0:8e:23:a9:81:14:a3:9c:24:
3b:2b:0e:30:da:8c:ab:7b:34:74:fb:23:d9:5a:0e:
fe:53:17:11:7a:58:a1:7c:41:c8:44:08:48:71:01:
15:9f:82:b4:e3:51:f9:23:e7:19:55:d7:96:4e:ef:
49:c7:3d:8b:6b:dd:c9:4b:a2:4f:ab:f0:67:31:cc:
ed:0c:8c:a2:b5:a6:31:4d:d0:96:9e:d9:5c:51:ca:
fd:03:7a:95:49:30:e4:38:3f:9f:22:d2:58:0e:8d:
8a:3d:1d:7a:d3:56:69:14:6f:27:f2:a8:65:df:37:
16:68:9e:1d:65:0a:38:9a:78:d4:61:7f:77:5a:bd:
67:80:32:14:20:c2:0b:1e:09:5b:89:ee:86:9d:92:
b4:c4:6a:75:a5:a9:c1:f7:73:e5:39:e5:66:f1:5e:
1f:b1:cc:17:14:57:49:e4:fe:aa:31:94:2a:94:ee:
0a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:26:3F:14:11:B7:AD:30:D2:09:7C:1B:42:F5:D5:92:DA:51:0C:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gCY_FBG3rTDSCXwbQvXVktpRDKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.90.0/24
193.124.200.0/24
194.58.154.0/24
194.87.215.0/24
195.58.34.0/24
195.133.6.0/24
195.133.85.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:bd:48:b0:3a:b9:7f:16:f9:ee:f7:96:14:b8:56:f8:dd:0c:
b6:dd:4b:e5:4a:68:88:3e:77:e9:36:ba:68:43:19:ab:e1:f2:
e8:1c:79:2b:6d:66:11:f1:7a:19:bd:a0:66:c2:7a:f7:7f:36:
1c:bf:2c:5e:dd:38:0f:d3:13:d6:1f:31:ff:43:44:1a:6a:f7:
12:1b:6f:df:84:1c:69:29:ab:74:bb:d4:bb:7c:c2:1a:01:06:
33:7c:13:7a:19:20:2b:12:b2:a1:d5:ec:c9:d2:cf:7e:ea:20:
b6:6d:5e:a2:7f:f2:9c:c2:db:9d:d8:9c:8a:35:c2:38:14:70:
dc:48:33:ae:35:79:5e:57:c5:47:32:fd:43:7d:09:9d:dd:09:
24:5b:9f:76:05:8c:c6:b5:77:44:9f:57:9a:24:0c:75:fd:7a:
f6:73:16:20:80:5b:9e:d5:5c:61:c1:00:6c:c8:0b:66:3f:4b:
4c:4b:d4:e9:26:ae:02:2e:dd:51:67:d5:6e:f7:fd:04:40:17:
ca:3f:d4:2a:de:3c:16:1b:26:ad:64:6c:b3:16:c2:20:4a:2e:
ec:4b:31:1a:ff:f6:f4:03:15:ba:b4:4f:d5:be:d1:5d:c5:21:
e1:f5:b6:31:c1:6b:da:a1:eb:22:59:de:85:12:86:4e:6c:35:
d1:ea:41:a2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYz81nAMAvDD+jp4V20l3cmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEyMDg0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI2M2YxNDExYjdhZDMwZDIwOTdjMWI0MmY1ZDU5MmRhNTEwY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApThRRJVKD15w/Rpu1CrfqfWjbRoR
w6YjSiiiXuMttncVi4+ifq0cToN/DFSR4fo/xLhNk5DNyveevi70FQsubdQIqoeb
wS4ZqwUpxWG4i36gjiOpgRSjnCQ7Kw4w2oyrezR0+yPZWg7+UxcRelihfEHIRAhI
cQEVn4K041H5I+cZVdeWTu9Jxz2La93JS6JPq/BnMcztDIyitaYxTdCWntlcUcr9
A3qVSTDkOD+fItJYDo2KPR1601ZpFG8n8qhl3zcWaJ4dZQo4mnjUYX93Wr1ngDIU
IMILHglbie6GnZK0xGp1panB93PlOeVm8V4fscwXFFdJ5P6qMZQqlO4KIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIAmPxQRt60w0gl8G0L11ZLaUQyrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ0NZX0ZCRzNyVERTQ1h3YlF2WFZrdHBSREtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwHAwQA
wXxaAwQAwXzIAwQAwjqaAwQAwlfXAwQAwzoiAwQAw4UGAwQAw4VVMA0GCSqGSIb3
DQEBCwUAA4IBAQBevUiwOrl/Fvnu95YUuFb43Qy23UvlSmiIPnfpNrpoQxmr4fLo
HHkrbWYR8XoZvaBmwnr3fzYcvyxe3TgP0xPWHzH/Q0QaavcSG2/fhBxpKat0u9S7
fMIaAQYzfBN6GSArErKh1ezJ0s9+6iC2bV6if/Kcwtud2JyKNcI4FHDcSDOuNXle
V8VHMv1DfQmd3QkkW592BYzGtXdEn1eaJAx1/Xr2cxYggFue1VxhwQBsyAtmP0tM
S9TpJq4CLt1RZ9Vu9/0EQBfKP9Qq3jwWGyatZGyzFsIgSi7sSzEa//b0AxW6tE/V
vtFdxSHh9bYxwWvaoesiWd6FEoZObDXR6kGi
-----END CERTIFICATE-----
Generated at Sat Jan 13 19:48:21 2024 by rpki-client on console-ams.rpki-client.org