Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gDvCXbIAJZVKy7GG9ax-emmRI20.roa
File: gDvCXbIAJZVKy7GG9ax-emmRI20.roa (raw, json)
Hash identifier: O6VZMoCQPbyTjOQ74/pV+rtXFDy/8FGD2tJuGa3e0Ok=
Subject key identifier: 80:3B:C2:5D:B2:00:25:95:4A:CB:B1:86:F5:AC:7E:7A:69:91:23:6D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DFA999FD5DC14917D9917CD381AAEEDBC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gDvCXbIAJZVKy7GG9ax-emmRI20.roa
Signing time: Fri 01 Mar 2024 15:19:48 +0000
ROA not before: Fri 01 Mar 2024 15:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 16:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:99:9f:d5:dc:14:91:7d:99:17:cd:38:1a:ae:ed:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 1 15:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=803bc25db20025954acbb186f5ac7e7a6991236d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cd:ea:a2:3a:cb:a1:95:8d:76:96:21:d7:cf:
9e:ad:e4:fe:52:b6:4b:7c:d6:d2:43:a3:90:f5:07:
6b:a2:c4:d1:84:a5:c7:dd:2d:e4:7d:89:6b:72:68:
7b:a8:aa:92:cb:07:ec:c7:3f:8a:c0:4c:08:a9:be:
b1:c8:67:3c:67:bf:0f:8b:22:d9:d8:e3:ed:89:1e:
b6:8b:bf:05:a9:3a:11:8d:df:de:67:42:d4:31:b3:
96:d9:91:97:e0:93:0f:55:e3:9e:b6:05:ea:18:93:
5b:86:93:20:9b:2b:1e:7e:91:0b:31:92:04:b4:19:
63:c3:31:18:e6:f3:00:3e:3c:c6:b7:7c:07:28:e2:
fa:26:7a:f4:49:6a:59:0e:a1:eb:32:b8:7d:0b:ee:
c9:aa:91:5d:0e:49:df:b3:7b:70:ee:83:72:c8:3a:
2d:a3:69:a2:7f:37:20:27:71:2e:c0:00:25:fe:97:
fe:54:48:82:42:6f:0e:c6:fa:8e:d1:8a:a2:34:a9:
03:64:94:f4:a1:5a:bc:1f:44:4d:26:bc:f3:cc:07:
64:a9:61:b2:05:73:f8:17:96:66:0b:1b:72:0f:2f:
6d:55:84:40:a2:71:74:c3:9c:9f:52:48:48:6c:52:
ad:41:3d:0a:66:ac:1d:45:c8:e1:b4:df:f0:e3:38:
fe:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3B:C2:5D:B2:00:25:95:4A:CB:B1:86:F5:AC:7E:7A:69:91:23:6D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gDvCXbIAJZVKy7GG9ax-emmRI20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
193.124.7.0/24
193.124.90.0/24
193.124.203.0/24
194.87.22.0/24
194.87.32.0/24
194.87.142.0/24
194.87.169.0/24
194.87.245.0/24
195.133.6.0/24
195.133.25.0/24
195.133.72.0/24
195.133.78.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
78:01:5d:fc:0c:86:f5:e9:c1:26:23:42:ea:75:5a:10:26:ab:
28:45:e3:40:67:6d:ba:15:17:cd:19:c9:6b:9c:9d:54:af:51:
d8:28:b1:3c:60:2c:be:63:65:c6:c7:d8:bb:e4:06:fd:44:73:
ee:7a:d2:34:b1:c0:42:bc:bb:e0:67:74:b9:8d:34:be:ca:42:
33:d3:3d:c0:31:d8:eb:4a:6f:1e:8d:49:48:de:9b:55:59:52:
2a:d9:32:cd:d3:b8:4b:5b:be:25:e4:94:d3:0c:c4:3e:6f:b0:
d9:04:45:f7:1e:06:fe:66:0f:44:7d:e1:90:b3:3e:61:28:ee:
23:15:dc:f9:84:13:b2:c6:42:a7:8e:0f:19:45:8c:5d:f6:98:
dd:eb:b7:13:02:18:89:80:0c:c7:89:47:f0:29:67:09:84:1e:
c5:69:9c:45:3b:04:cb:e1:68:c9:31:92:6b:5a:e7:c7:4b:ef:
7b:a3:09:43:39:d9:7f:22:74:f3:36:10:99:ca:e0:4d:4a:1e:
e1:c1:9f:e9:fa:20:8a:f7:40:36:aa:ab:cf:73:30:08:27:1b:
18:40:84:9a:00:7f:72:76:86:f0:ab:34:35:de:c3:4c:fe:2b:
8e:23:70:de:d4:cd:a0:13:5a:17:76:13:b7:4d:cf:08:82:c7:
e1:31:70:4f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY36mZ/V3BSRfZkXzTgaru28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzAxMTUxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNiYzI1ZGIyMDAyNTk1NGFjYmIxODZmNWFjN2U3YTY5OTEyMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM3qojrLoZWNdpYh18+ereT+UrZL
fNbSQ6OQ9QdrosTRhKXH3S3kfYlrcmh7qKqSywfsxz+KwEwIqb6xyGc8Z78PiyLZ
2OPtiR62i78FqToRjd/eZ0LUMbOW2ZGX4JMPVeOetgXqGJNbhpMgmysefpELMZIE
tBljwzEY5vMAPjzGt3wHKOL6Jnr0SWpZDqHrMrh9C+7JqpFdDknfs3tw7oNyyDot
o2mifzcgJ3EuwAAl/pf+VEiCQm8OxvqO0YqiNKkDZJT0oVq8H0RNJrzzzAdkqWGy
BXP4F5ZmCxtyDy9tVYRAonF0w5yfUkhIbFKtQT0KZqwdRcjhtN/w4zj+7QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIA7wl2yACWVSsuxhvWsfnppkSNtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ0R2Q1hiSUFKWlZLeTdHRzlheC1lbW1SSTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMB8vwME
AMF8BQMEAMF8BwMEAMF8WgMEAMF8ywMEAMJXFgMEAMJXIAMEAMJXjgMEAMJXqQME
AMJX9QMEAMOFBgMEAMOFGQMEAMOFSAMEAMOFTgMEAMOFVQMEAMOFwAMEANTAAQME
ANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAeAFd/AyG9enBJiNC6nVaECarKEXjQGdt
uhUXzRnJa5ydVK9R2CixPGAsvmNlxsfYu+QG/URz7nrSNLHAQry74Gd0uY00vspC
M9M9wDHY60pvHo1JSN6bVVlSKtkyzdO4S1u+JeSU0wzEPm+w2QRF9x4G/mYPRH3h
kLM+YSjuIxXc+YQTssZCp44PGUWMXfaY3eu3EwIYiYAMx4lH8ClnCYQexWmcRTsE
y+FoyTGSa1rnx0vve6MJQznZfyJ08zYQmcrgTUoe4cGf6fogivdANqqrz3MwCCcb
GECEmgB/cnaG8Ks0Nd7DTP4rjiNw3tTNoBNaF3YTt03PCILH4TFwTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org