Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hC_5tRyCrX1NmfWv8tSSQ6cI0sE.roa
File: hC_5tRyCrX1NmfWv8tSSQ6cI0sE.roa (raw, json)
Hash identifier: uF/YysZbPU0OqPfNtLlsA5SV7MrOiMqCqq/XupwWCco=
Subject key identifier: 84:2F:F9:B5:1C:82:AD:7D:4D:99:F5:AF:F2:D4:92:43:A7:08:D2:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1FE44725847C984486C2805F36C0305A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hC_5tRyCrX1NmfWv8tSSQ6cI0sE.roa
Signing time: Wed 11 Oct 2023 17:58:55 +0000
ROA not before: Wed 11 Oct 2023 17:58:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
193.124.254.0/24 maxlen: 24
195.133.10.0/23 maxlen: 23
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 13 Oct 2023 12:54:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:e4:47:25:84:7c:98:44:86:c2:80:5f:36:c0:30:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 17:58:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=842ff9b51c82ad7d4d99f5aff2d49243a708d2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:89:64:6a:99:cb:b3:70:26:df:2e:e1:3c:95:
c7:ce:b3:df:8e:bb:57:05:2d:7d:34:e5:95:75:a6:
70:e1:29:2e:a5:00:6f:64:8d:0a:ce:fe:60:23:e0:
21:72:21:0d:bc:c1:42:7b:2f:f1:5c:6f:ef:4c:7e:
ca:5c:e2:6f:18:7e:51:81:77:d8:a6:2c:50:70:1a:
d8:ac:9d:8b:7b:67:72:ef:c7:54:4e:ca:a2:a4:2a:
df:1a:ac:e8:6e:b3:98:6f:7f:b9:1a:31:c9:5d:6a:
b7:16:ea:37:cb:90:13:f0:f7:0b:a1:b2:3e:5d:7a:
94:65:9d:82:6d:81:7c:2a:e9:18:7d:1e:33:c6:c4:
6a:e3:89:7d:ae:44:aa:b3:4f:9e:1d:83:c1:a1:bd:
0d:54:6d:77:ab:eb:a9:77:be:86:fb:62:00:c3:3e:
07:b3:4e:30:c3:7d:68:32:6e:8a:08:ba:8a:d4:fa:
a3:40:9c:d0:7b:06:ba:56:2c:f1:1c:ff:87:a2:6b:
77:35:63:e9:1f:99:5e:25:67:7d:38:83:d6:dd:7a:
f1:db:ed:d5:80:83:27:99:85:57:42:ae:2b:8d:5c:
e9:b7:11:fd:98:80:b1:ba:a8:5d:20:da:6d:fa:86:
e9:54:0b:21:ab:80:34:06:09:2a:f3:18:d4:62:85:
ca:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2F:F9:B5:1C:82:AD:7D:4D:99:F5:AF:F2:D4:92:43:A7:08:D2:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hC_5tRyCrX1NmfWv8tSSQ6cI0sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
193.124.254.0/24
194.87.118.0/23
194.135.32.0/24
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
Signature Algorithm: sha256WithRSAEncryption
63:c0:ca:40:b5:f2:14:b9:61:e9:cf:38:01:ec:14:7e:d8:33:
25:63:0d:db:df:ff:6b:13:d4:6f:ea:9c:67:b2:b9:b5:f1:3d:
d5:a3:dd:eb:ea:85:fc:68:34:12:09:23:e8:63:13:98:95:09:
c8:35:fd:44:c7:3b:c3:bc:08:12:1e:b5:8d:78:19:cb:2c:c6:
06:93:9b:a7:a0:01:8e:42:b8:6b:4b:10:bc:dd:b3:14:63:af:
ba:c1:32:c2:30:ac:fd:f9:d5:5a:12:bd:2b:bb:3e:46:89:c7:
65:8b:f0:c5:8e:be:ee:5b:78:21:5f:8d:21:df:79:d4:c8:91:
87:fc:3f:e6:35:8f:79:10:7f:25:35:29:6c:07:9d:5d:ca:fc:
8d:9c:cb:19:98:73:cb:bc:46:d7:98:ab:91:1d:2e:b2:c2:18:
ad:52:ea:f2:24:48:56:44:28:0f:15:f8:a3:09:23:b0:9e:d0:
91:29:cc:4f:b1:10:9f:c1:90:83:30:0a:29:cb:59:e5:96:7e:
d4:60:bc:9e:0e:ad:54:4f:42:be:fa:ba:1f:94:39:f6:39:0a:
7e:91:6c:49:ab:43:b4:d1:3c:37:96:60:69:09:6b:79:c4:fa:
bd:64:37:46:f8:e9:39:bb:84:89:e6:e1:53:81:a4:32:b2:53:
34:7a:33:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYsf5EclhHyYRIbCgF82wDBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTc1ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJmZjliNTFjODJhZDdkNGQ5OWY1YWZmMmQ0OTI0M2E3MDhkMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34lkapnLs3Am3y7hPJXHzrPfjrtX
BS19NOWVdaZw4SkupQBvZI0Kzv5gI+AhciENvMFCey/xXG/vTH7KXOJvGH5RgXfY
pixQcBrYrJ2Le2dy78dUTsqipCrfGqzobrOYb3+5GjHJXWq3Fuo3y5AT8PcLobI+
XXqUZZ2CbYF8KukYfR4zxsRq44l9rkSqs0+eHYPBob0NVG13q+upd76G+2IAwz4H
s04ww31oMm6KCLqK1PqjQJzQewa6VizxHP+Homt3NWPpH5leJWd9OIPW3Xrx2+3V
gIMnmYVXQq4rjVzptxH9mICxuqhdINpt+obpVAshq4A0Bgkq8xjUYoXKfQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIQv+bUcgq19TZn1r/LUkkOnCNLBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaENfNXRSeUNyWDFObWZXdjh0U1NRNmNJMHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuUgKAwQA
wXz+AwQBwld2AwQAwocgAwQBw4UKAwQBw4UaAwQBw4U0MA0GCSqGSIb3DQEBCwUA
A4IBAQBjwMpAtfIUuWHpzzgB7BR+2DMlYw3b3/9rE9Rv6pxnsrm18T3Vo93r6oX8
aDQSCSPoYxOYlQnINf1ExzvDvAgSHrWNeBnLLMYGk5unoAGOQrhrSxC83bMUY6+6
wTLCMKz9+dVaEr0ruz5Gicdli/DFjr7uW3ghX40h33nUyJGH/D/mNY95EH8lNSls
B51dyvyNnMsZmHPLvEbXmKuRHS6ywhitUuryJEhWRCgPFfijCSOwntCRKcxPsRCf
wZCDMAopy1nlln7UYLyeDq1UT0K++roflDn2OQp+kWxJq0O00Tw3lmBpCWt5xPq9
ZDdG+Ok5u4SJ5uFTgaQyslM0ejO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org