Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcm9ZzsVT3vcZmt9RyQ3xrU8PSA.roa
File: gcm9ZzsVT3vcZmt9RyQ3xrU8PSA.roa (raw, json)
Hash identifier: Pq2cXMu0EKAbSFE8VvIDTGPIg7zREFSvG+2bAdxXCQk=
Subject key identifier: 81:C9:BD:67:3B:15:4F:7B:DC:66:6B:7D:47:24:37:C6:B5:3C:3D:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018620CFB97F34DA053E51941A0207023FDC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcm9ZzsVT3vcZmt9RyQ3xrU8PSA.roa
Signing time: Sun 05 Feb 2023 09:02:09 +0000
ROA not before: Sun 05 Feb 2023 09:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.255.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Feb 2023 14:42:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:20:cf:b9:7f:34:da:05:3e:51:94:1a:02:07:02:3f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 09:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81c9bd673b154f7bdc666b7d472437c6b53c3d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ba:4b:26:0d:dc:8a:e2:2c:51:73:ab:c3:87:
6f:24:45:55:82:9e:6b:04:78:e7:9e:cd:27:e2:17:
20:8d:e9:af:8a:4f:1d:a0:e7:d4:36:3f:b1:46:cd:
c2:79:df:6f:1c:9b:d0:f4:a6:78:12:35:22:e1:50:
3e:d6:ca:78:04:09:6e:5b:5f:a4:76:5f:78:71:31:
6b:42:ba:0a:4a:bb:60:8b:04:6c:83:77:db:b7:09:
a0:00:31:93:fc:a0:cd:3b:6e:f5:4f:43:75:8a:95:
0c:39:c6:48:af:a5:3a:02:7b:f9:de:e7:21:f4:e3:
d0:63:8c:04:c2:9c:c8:18:59:df:cf:a5:29:ac:3d:
d0:35:ff:f7:a1:31:dd:91:7f:50:38:79:0c:81:2f:
1b:11:e0:f7:5b:67:00:99:c4:ee:8f:a5:b2:89:9a:
43:59:82:9e:1d:a1:02:2c:bc:80:26:eb:32:bd:05:
d4:cf:20:90:ae:82:5c:f5:ce:8a:f7:3c:42:fc:60:
c1:86:85:35:97:50:a7:e7:90:bc:b1:a6:59:ec:34:
b8:5e:ce:49:e5:fe:72:af:93:05:8e:e9:16:f2:7c:
ee:5c:4d:15:fa:54:20:69:4f:31:3d:03:33:b8:59:
26:6b:be:53:a7:ca:25:9b:4c:67:a6:31:53:fa:0a:
9f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C9:BD:67:3B:15:4F:7B:DC:66:6B:7D:47:24:37:C6:B5:3C:3D:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcm9ZzsVT3vcZmt9RyQ3xrU8PSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.58.154.0/24
194.87.180.0/24
194.87.255.0/24
212.193.5.0/24
212.193.9.0/24
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:14:3f:43:e9:00:b9:b0:cd:2e:4e:e0:e1:b9:1c:2e:7f:08:
af:75:d8:40:31:55:f5:b6:c1:bc:bf:9f:d7:d4:14:68:9d:70:
91:71:51:88:f3:92:c5:8d:5d:dc:1e:c9:85:80:13:88:c2:c6:
89:5e:52:81:5f:2f:e8:b1:2f:99:40:45:b5:82:b3:dd:89:c3:
9f:5b:9e:c7:76:ac:d0:d7:73:40:2f:09:4e:b7:d6:8d:a9:0a:
5a:06:1e:c0:59:99:1c:ff:5e:d4:b3:e4:be:92:20:1e:77:16:
9f:a2:b6:24:25:05:6d:85:ee:32:b7:93:6b:8d:e8:48:b3:ad:
d2:3a:38:28:de:33:7b:aa:b6:8b:04:d7:98:0c:3c:31:d5:f7:
2d:07:11:55:52:d6:f0:e6:2c:78:43:ee:54:ab:90:0f:7d:0c:
b5:dc:eb:84:d7:13:40:8c:c7:53:17:be:4d:a3:e8:4c:48:f8:
68:3a:e9:40:9b:09:df:89:64:8f:df:7d:2a:2c:b2:bd:5f:35:
26:0f:5b:d1:a2:ec:e6:26:40:bf:4c:96:41:4e:58:76:d2:9d:
d7:23:39:73:7c:5c:a4:47:cf:67:d2:a0:da:f0:51:65:fe:94:
49:99:92:e4:99:99:37:88:a6:cb:a5:c1:5c:2b:36:0e:de:b8:
3d:aa:2b:2d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYgz7l/NNoFPlGUGgIHAj/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA1MDkwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM5YmQ2NzNiMTU0ZjdiZGM2NjZiN2Q0NzI0MzdjNmI1M2MzZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LpLJg3ciuIsUXOrw4dvJEVVgp5r
BHjnns0n4hcgjemvik8doOfUNj+xRs3Ced9vHJvQ9KZ4EjUi4VA+1sp4BAluW1+k
dl94cTFrQroKSrtgiwRsg3fbtwmgADGT/KDNO271T0N1ipUMOcZIr6U6Anv53uch
9OPQY4wEwpzIGFnfz6UprD3QNf/3oTHdkX9QOHkMgS8bEeD3W2cAmcTuj6WyiZpD
WYKeHaECLLyAJusyvQXUzyCQroJc9c6K9zxC/GDBhoU1l1Cn55C8saZZ7DS4Xs5J
5f5yr5MFjukW8nzuXE0V+lQgaU8xPQMzuFkma75Tp8olm0xnpjFT+gqfpQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIHJvWc7FU973GZrfUckN8a1PD0gMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ2NtOVp6c1ZUM3ZjWm10OVJ5UTN4clU4UFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwjo9AwQA
wjqaAwQAwle0AwQAwlf/AwQA1MEFAwQA1MEJAwQA1MELMA0GCSqGSIb3DQEBCwUA
A4IBAQAOFD9D6QC5sM0uTuDhuRwufwivddhAMVX1tsG8v5/X1BRonXCRcVGI85LF
jV3cHsmFgBOIwsaJXlKBXy/osS+ZQEW1grPdicOfW57HdqzQ13NALwlOt9aNqQpa
Bh7AWZkc/17Us+S+kiAedxaforYkJQVthe4yt5NrjehIs63SOjgo3jN7qraLBNeY
DDwx1fctBxFVUtbw5ix4Q+5Uq5APfQy13OuE1xNAjMdTF75No+hMSPhoOulAmwnf
iWSP330qLLK9XzUmD1vRouzmJkC/TJZBTlh20p3XIzlzfFykR89n0qDa8FFl/pRJ
mZLkmZk3iKbLpcFcKzYO3rg9qist
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org