Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hrv7a7aQkUcZ3Czo8EoxW2xXrfY.roa
File: hrv7a7aQkUcZ3Czo8EoxW2xXrfY.roa (raw, json)
Hash identifier: pc6fQGNzNlfqJ6AqOwFtCqs19E/JZjmMCMEkzN7/llI=
Subject key identifier: 86:BB:FB:6B:B6:90:91:47:19:DC:2C:E8:F0:4A:31:5B:6C:57:AD:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191C9034F58FDF95BE6467E4E971B399DB5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hrv7a7aQkUcZ3Czo8EoxW2xXrfY.roa
Signing time: Fri 06 Sep 2024 20:25:23 +0000
ROA not before: Fri 06 Sep 2024 20:25:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 13:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c9:03:4f:58:fd:f9:5b:e6:46:7e:4e:97:1b:39:9d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 20:25:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86bbfb6bb690914719dc2ce8f04a315b6c57adf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1b:46:33:f0:81:b8:ec:ab:8a:8a:26:ec:c5:
59:ce:b7:02:49:2f:40:34:de:22:31:46:0e:dc:ad:
52:90:06:6d:f7:6b:6e:0a:16:05:9f:4b:29:c2:95:
31:ff:02:d5:66:db:eb:1e:65:ba:4b:40:b3:6e:e8:
8d:86:93:53:95:03:ac:3d:05:0e:bd:cc:27:48:3e:
5a:d0:d9:6c:6e:bb:50:1c:c0:7e:fd:3b:9e:e4:58:
d6:9d:4b:36:f7:d1:f5:af:06:4d:f2:14:69:7b:b2:
52:c5:2c:ab:49:a7:90:e5:bf:49:e2:ae:94:7c:3d:
96:06:fa:ab:f7:60:fd:bf:42:77:8a:6f:cd:2e:07:
80:59:4b:0b:8d:3a:32:de:cc:c4:5d:bb:98:8d:2c:
ff:28:99:d8:94:06:6f:24:05:4e:3b:13:ed:0e:97:
36:55:4e:b5:9a:f0:c4:73:0f:64:57:fe:be:57:cb:
5c:7f:b4:a9:b3:0f:e5:f6:9c:4a:8d:d2:d7:16:c3:
02:1c:16:e4:6b:83:a9:c5:be:9a:38:68:20:49:4b:
8e:9d:80:91:f6:25:88:68:4e:64:7a:5c:9b:c3:e3:
77:8c:e1:60:1c:df:47:88:7c:ef:00:a0:0b:cb:49:
63:5b:b4:51:7e:fa:c7:6b:b6:e7:e4:3b:f5:72:19:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BB:FB:6B:B6:90:91:47:19:DC:2C:E8:F0:4A:31:5B:6C:57:AD:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hrv7a7aQkUcZ3Czo8EoxW2xXrfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.123.0/24
194.135.104.0/24
195.133.83.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:8a:ad:90:59:b9:3f:03:5c:b3:cf:07:9a:2e:ac:bb:5b:7a:
b7:e4:9e:ad:80:ad:2f:d9:f3:2e:91:bf:e8:1f:4c:46:cc:7d:
db:93:fc:80:eb:ed:44:19:d0:23:ce:f3:32:ef:48:ce:20:08:
30:cc:d0:cd:ca:b5:b0:4a:5a:c3:a1:e0:ed:d1:d2:05:34:8e:
b4:84:f2:79:f2:93:5c:1f:af:a8:a1:ed:48:e6:19:74:f5:6c:
10:df:01:20:40:f9:0a:de:a6:79:d9:62:11:b7:9f:3d:3b:70:
df:b4:a8:a1:0c:06:48:ba:25:e2:8f:a6:6f:57:96:bb:e5:5e:
a9:af:63:4a:f0:79:2a:3d:93:86:1d:a7:df:f6:0f:bc:0f:43:
17:4f:2e:4d:d1:96:ff:0a:3c:b8:5b:4c:58:37:fe:6a:8f:75:
05:ea:af:00:8e:4a:0e:49:28:86:36:27:29:67:fe:7c:70:54:
f5:0e:3a:8c:75:5d:2c:d6:95:42:3c:e3:af:f0:ad:8c:65:ea:
f8:c3:a9:02:e1:56:7e:3d:80:7c:5c:89:d7:21:db:b2:7a:ca:
f3:5f:0c:c6:33:75:4b:a5:4e:f8:b6:5e:bc:33:02:d9:83:9a:
7b:91:68:f7:b5:a4:8d:17:f0:c3:02:8c:5a:9f:4c:51:44:7f:
b2:3b:b5:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHJA09Y/flb5kZ+TpcbOZ21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA2MjAyNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJiZmI2YmI2OTA5MTQ3MTlkYzJjZThmMDRhMzE1YjZjNTdhZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBtGM/CBuOyrioom7MVZzrcCSS9A
NN4iMUYO3K1SkAZt92tuChYFn0spwpUx/wLVZtvrHmW6S0CzbuiNhpNTlQOsPQUO
vcwnSD5a0NlsbrtQHMB+/Tue5FjWnUs299H1rwZN8hRpe7JSxSyrSaeQ5b9J4q6U
fD2WBvqr92D9v0J3im/NLgeAWUsLjToy3szEXbuYjSz/KJnYlAZvJAVOOxPtDpc2
VU61mvDEcw9kV/6+V8tcf7Spsw/l9pxKjdLXFsMCHBbka4Opxb6aOGggSUuOnYCR
9iWIaE5kelybw+N3jOFgHN9HiHzvAKALy0ljW7RRfvrHa7bn5Dv1chkFSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIa7+2u2kJFHGdws6PBKMVtsV632MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaHJ2N2E3YVFrVWNaM0N6bzhFb3hXMnhYcmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwPAwQA
wXwYAwQAwld7AwQAwodoAwQAw4VTAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQAa
iq2QWbk/A1yzzweaLqy7W3q35J6tgK0v2fMukb/oH0xGzH3bk/yA6+1EGdAjzvMy
70jOIAgwzNDNyrWwSlrDoeDt0dIFNI60hPJ58pNcH6+ooe1I5hl09WwQ3wEgQPkK
3qZ52WIRt589O3DftKihDAZIuiXij6ZvV5a75V6pr2NK8HkqPZOGHaff9g+8D0MX
Ty5N0Zb/Cjy4W0xYN/5qj3UF6q8AjkoOSSiGNicpZ/58cFT1DjqMdV0s1pVCPOOv
8K2MZer4w6kC4VZ+PYB8XInXIduyesrzXwzGM3VLpU74tl68MwLZg5p7kWj3taSN
F/DDAoxan0xRRH+yO7Wq
-----END CERTIFICATE-----
Generated at Thu Sep 26 16:12:24 2024 by rpki-client on console-fra.rpki-client.org