Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gKkF8Aah6S1I-rqv1e6msONF7LY.roa
File: gKkF8Aah6S1I-rqv1e6msONF7LY.roa (raw, json)
Hash identifier: +N02cY/oCMamSENNnLj3uAg7xDhr49mhJjpTpa06a48=
Subject key identifier: 80:A9:05:F0:06:A1:E9:2D:48:FA:BA:AF:D5:EE:A6:B0:E3:45:EC:B6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C637206FA1A31A5876A60060D3F749FA3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gKkF8Aah6S1I-rqv1e6msONF7LY.roa
Signing time: Wed 13 Dec 2023 13:51:06 +0000
ROA not before: Wed 13 Dec 2023 13:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 15:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:72:06:fa:1a:31:a5:87:6a:60:06:0d:3f:74:9f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 13:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a905f006a1e92d48fabaafd5eea6b0e345ecb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:11:c7:22:43:41:f7:dd:6c:47:11:dc:e7:b2:
50:66:c8:ce:c8:c6:f0:20:24:0f:c3:74:c3:8e:a0:
02:38:30:24:69:41:dd:14:d4:18:89:ae:ce:cc:18:
4e:43:0d:97:86:d2:53:f1:fe:4e:1d:8e:09:92:a7:
6f:f5:0a:22:6a:37:36:a8:cb:d5:68:01:ee:5b:d5:
b9:be:2c:36:e0:c8:a3:fe:2f:c7:a4:e5:9e:33:eb:
16:ec:6d:65:69:47:f1:29:16:bd:5c:1c:ec:84:a6:
dd:2d:b6:51:89:4b:fa:32:a7:ff:7d:97:36:3b:68:
20:c9:87:b6:22:42:ef:4f:43:06:a2:c3:28:8d:11:
45:f3:dc:39:e5:51:7e:c7:b3:a2:8e:1f:92:b3:2c:
3f:e5:e3:d7:fc:b0:a1:ce:48:47:e1:89:55:23:d1:
98:54:dc:a3:de:d3:34:6f:44:dc:24:0f:63:f3:66:
f1:a8:74:1b:59:45:eb:d0:95:d6:18:ea:95:57:ab:
03:45:73:c9:08:6b:39:dd:b8:41:5b:21:d3:54:8e:
69:eb:59:8e:13:b2:cb:3e:55:18:58:3a:7d:f0:77:
e2:a0:42:9a:62:d0:55:be:7b:35:ef:0b:a6:89:c0:
59:9f:86:0b:9e:59:0c:93:f7:f1:ae:a5:02:86:38:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:05:F0:06:A1:E9:2D:48:FA:BA:AF:D5:EE:A6:B0:E3:45:EC:B6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gKkF8Aah6S1I-rqv1e6msONF7LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.200.0/24
194.87.190.0/24
212.192.217.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:61:2b:2c:fa:5c:b6:38:ef:9a:04:7e:c7:bb:bf:2a:cd:37:
d9:30:00:49:81:43:da:7f:4b:70:2d:a9:cb:90:f2:51:4e:08:
f9:e8:b4:15:23:9a:4b:b7:84:d7:fd:bc:34:b3:9e:71:9b:84:
55:c5:6a:28:4a:a1:05:d4:e2:63:f4:1b:d7:64:8c:f5:aa:5e:
f4:65:9c:9c:1d:19:6b:42:41:90:bb:cd:9b:8c:a6:44:77:5e:
c7:97:d7:67:ce:4d:92:fc:db:33:5d:e9:ce:77:24:0e:6a:ae:
38:64:a5:bf:db:cd:eb:d7:62:01:7f:19:93:37:9b:6e:cb:f0:
e1:0d:22:dd:0a:0f:b0:54:f8:13:3f:4e:74:68:4e:91:93:60:
d8:2d:d1:b7:e1:6a:10:45:8b:99:20:b6:fd:10:ba:e2:e8:d5:
da:d3:a2:56:23:8d:bf:f3:e8:a9:f7:a3:db:0e:cc:a2:94:2b:
7c:80:f4:9a:be:b8:52:b2:f5:ad:a3:a8:72:c9:fd:bf:50:95:
0e:a5:b9:26:b5:01:8e:8f:47:44:df:a3:dc:26:4b:b2:1b:6b:
9e:58:2c:20:ea:1d:62:5b:07:eb:20:44:94:28:62:01:cc:fd:
00:ca:d8:e7:04:42:7f:3a:e9:2f:ad:66:37:bf:1b:59:65:8b:
db:28:08:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxjcgb6GjGlh2pgBg0/dJ+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjEzMTM1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE5MDVmMDA2YTFlOTJkNDhmYWJhYWZkNWVlYTZiMGUzNDVlY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRHHIkNB991sRxHc57JQZsjOyMbw
ICQPw3TDjqACODAkaUHdFNQYia7OzBhOQw2XhtJT8f5OHY4Jkqdv9Qoiajc2qMvV
aAHuW9W5viw24Mij/i/HpOWeM+sW7G1laUfxKRa9XBzshKbdLbZRiUv6Mqf/fZc2
O2ggyYe2IkLvT0MGosMojRFF89w55VF+x7Oijh+Ssyw/5ePX/LChzkhH4YlVI9GY
VNyj3tM0b0TcJA9j82bxqHQbWUXr0JXWGOqVV6sDRXPJCGs53bhBWyHTVI5p61mO
E7LLPlUYWDp98HfioEKaYtBVvns17wumicBZn4YLnlkMk/fxrqUChjhxKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFICpBfAGoektSPq6r9XuprDjRey2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ0trRjhBYWg2UzFJLXJxdjFlNm1zT05GN0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwHAwQA
wXzIAwQAwle+AwQA1MDZMA0GCSqGSIb3DQEBCwUAA4IBAQCPYSss+ly2OO+aBH7H
u78qzTfZMABJgUPaf0twLanLkPJRTgj56LQVI5pLt4TX/bw0s55xm4RVxWooSqEF
1OJj9BvXZIz1ql70ZZycHRlrQkGQu82bjKZEd17Hl9dnzk2S/NszXenOdyQOaq44
ZKW/283r12IBfxmTN5tuy/DhDSLdCg+wVPgTP050aE6Rk2DYLdG34WoQRYuZILb9
ELri6NXa06JWI42/8+ip96PbDsyilCt8gPSavrhSsvWto6hyyf2/UJUOpbkmtQGO
j0dE36PcJkuyG2ueWCwg6h1iWwfrIESUKGIBzP0AytjnBEJ/OukvrWY3vxtZZYvb
KAic
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org