Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iZzp0tOXqltNvF29Ug-EfocWCKU.roa
File: iZzp0tOXqltNvF29Ug-EfocWCKU.roa (raw, json)
Hash identifier: ef1/UcU3lsFwQwy9FAF3+Adeslkzq2+HKozEPANzLkE=
Subject key identifier: 89:9C:E9:D2:D3:97:AA:5B:4D:BC:5D:BD:52:0F:84:7E:87:16:08:A5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01930B5C0B6F16F3B753489ADDA6698702DA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iZzp0tOXqltNvF29Ug-EfocWCKU.roa
Signing time: Fri 08 Nov 2024 10:40:01 +0000
ROA not before: Fri 08 Nov 2024 10:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 08 Nov 2024 14:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:5c:0b:6f:16:f3:b7:53:48:9a:dd:a6:69:87:02:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 10:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=899ce9d2d397aa5b4dbc5dbd520f847e871608a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5f:14:1e:36:29:e6:70:fd:22:3f:5a:d6:34:
23:de:e7:23:e3:4e:8b:6b:8d:3d:08:31:d4:ca:36:
5a:f8:20:69:57:e1:79:8e:5b:46:f4:2d:2d:b9:0e:
12:a1:43:96:67:cf:cc:c4:91:c9:ec:c8:65:51:73:
f9:8a:de:eb:db:45:86:81:d1:cd:dc:ce:02:43:3c:
87:80:8c:57:90:1d:a6:84:ff:82:31:6b:18:c7:94:
f0:da:94:d2:d2:3a:02:1a:91:65:5c:7f:f1:2e:55:
4f:06:a2:08:58:02:99:69:28:bd:85:77:1b:c1:52:
af:41:9b:71:bb:99:c7:13:ee:85:38:d7:48:7a:84:
b4:43:f4:81:b9:70:81:f9:9c:a9:b8:cb:4a:d6:bf:
77:59:71:02:ba:65:50:9a:9b:c9:12:e9:50:c3:3e:
ab:d1:2c:bc:70:a5:86:72:e7:8a:d2:a0:a6:3b:75:
9e:aa:02:c9:06:51:79:8c:bb:c5:5a:75:68:31:dc:
4b:db:db:24:21:7f:53:a3:96:cd:2a:22:5e:46:15:
b7:31:26:f5:8f:93:6d:6d:c5:89:1d:dd:f8:46:50:
49:4c:71:3e:2e:f8:5d:07:63:79:07:a7:b1:8c:ed:
ba:92:78:c8:83:fe:9e:63:57:6b:32:a6:23:f0:e9:
09:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9C:E9:D2:D3:97:AA:5B:4D:BC:5D:BD:52:0F:84:7E:87:16:08:A5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iZzp0tOXqltNvF29Ug-EfocWCKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.108.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
22:e5:79:5f:94:6a:7c:c1:18:4b:2f:ec:f1:c4:c8:74:27:07:
30:0b:a4:93:68:a5:3d:41:65:11:b3:34:a8:48:42:c9:0a:a9:
ab:7f:92:59:f7:63:32:ef:3b:db:cd:42:93:b4:0b:c9:b5:b1:
55:74:c3:fc:59:b2:51:cb:26:6e:a9:ca:1d:c6:b3:99:2a:4f:
7f:52:b9:5e:f0:5a:01:38:76:2c:61:c6:69:1e:2a:c7:3c:f2:
2c:79:06:83:29:5a:ab:c1:62:52:41:57:a3:f1:9a:d5:c3:81:
67:c4:b1:e3:0d:77:9a:ca:86:a1:96:a1:a0:6a:be:c3:26:35:
7a:67:6e:c1:41:11:77:48:ec:a8:47:8d:6f:d6:79:4c:84:29:
99:10:80:c7:13:cb:4c:92:6c:45:b9:19:01:ef:5a:06:93:95:
16:b4:11:f5:ab:2c:1c:7a:7f:cc:5f:25:d1:00:fe:89:2e:63:
7c:d5:54:36:c2:18:76:3f:23:dd:ec:29:8c:ed:a0:d5:92:ce:
3a:9a:9c:38:d1:87:5c:a1:ee:23:c3:4f:9e:30:fc:71:3a:aa:
b9:a5:d3:2d:b6:0d:02:92:6f:33:57:d4:21:4a:7a:b8:39:1e:
88:45:74:8d:0d:ff:60:aa:ee:91:f0:13:79:ca:92:ec:55:ef:
cf:55:29:35
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZMLXAtvFvO3U0ia3aZphwLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA4MTA0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTljZTlkMmQzOTdhYTViNGRiYzVkYmQ1MjBmODQ3ZTg3MTYwOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF8UHjYp5nD9Ij9a1jQj3ucj406L
a409CDHUyjZa+CBpV+F5jltG9C0tuQ4SoUOWZ8/MxJHJ7MhlUXP5it7r20WGgdHN
3M4CQzyHgIxXkB2mhP+CMWsYx5Tw2pTS0joCGpFlXH/xLlVPBqIIWAKZaSi9hXcb
wVKvQZtxu5nHE+6FONdIeoS0Q/SBuXCB+ZypuMtK1r93WXECumVQmpvJEulQwz6r
0Sy8cKWGcueK0qCmO3WeqgLJBlF5jLvFWnVoMdxL29skIX9To5bNKiJeRhW3MSb1
j5NtbcWJHd34RlBJTHE+LvhdB2N5B6exjO26knjIg/6eY1drMqYj8OkJpQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFImc6dLTl6pbTbxdvVIPhH6HFgilMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVp6cDB0T1hxbHROdkYyOVVnLUVmb2NXQ0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAMB8tAME
AMI6mwMEAMJV+wMEAMJXEQMEAMJXbAMEAMJXqQMEAMJXsgMEAMJX4AMEAMKHIQME
AcOFGAMEAcOFKAMEAcOFMgMEAcOFXAMEANTAAQMEAdTBGjAUBAIAAjAOAwUDKgFX
wAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBACLleV+UanzBGEsv7PHEyHQnBzAL
pJNopT1BZRGzNKhIQskKqat/kln3YzLvO9vNQpO0C8m1sVV0w/xZslHLJm6pyh3G
s5kqT39SuV7wWgE4dixhxmkeKsc88ix5BoMpWqvBYlJBV6PxmtXDgWfEseMNd5rK
hqGWoaBqvsMmNXpnbsFBEXdI7KhHjW/WeUyEKZkQgMcTy0ySbEW5GQHvWgaTlRa0
EfWrLBx6f8xfJdEA/okuY3zVVDbCGHY/I93sKYztoNWSzjqanDjRh1yh7iPDT54w
/HE6qrml0y22DQKSbzNX1CFKerg5HohFdI0N/2Cq7pHwE3nKkuxV789VKTU=
-----END CERTIFICATE-----
Generated at Fri Nov 8 18:02:44 2024 by rpki-client on console-fra.rpki-client.org