Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ii9ZXQElpMvhbPfBulSg73otFO8.roa
File: ii9ZXQElpMvhbPfBulSg73otFO8.roa (raw, json)
Hash identifier: 1eHo9pwCHzZ4J1msTrznhNBN8jZ5cNJIUkx6s2JMtMA=
Subject key identifier: 8A:2F:59:5D:01:25:A4:CB:E1:6C:F7:C1:BA:54:A0:EF:7A:2D:14:EF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB7B0C6ACD32C7CC785FD016F44F11C9A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ii9ZXQElpMvhbPfBulSg73otFO8.roa
Signing time: Fri 10 Nov 2023 05:24:57 +0000
ROA not before: Fri 10 Nov 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 05:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:b0:c6:ac:d3:2c:7c:c7:85:fd:01:6f:44:f1:1c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 10 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a2f595d0125a4cbe16cf7c1ba54a0ef7a2d14ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:67:7c:d7:46:9f:06:e4:02:8d:65:b3:11:bf:
7b:d7:7f:a5:6e:37:d9:28:da:5a:a0:1c:32:70:80:
82:69:b2:33:fe:a2:9f:9a:03:9d:5a:ee:9c:ea:5e:
e5:00:5a:d5:5d:7f:99:58:f4:fd:8b:ca:c6:fd:cb:
17:d5:60:bf:ca:26:97:b6:a4:9b:c9:c5:70:8f:52:
8d:db:65:f7:36:4c:68:6c:1e:0c:67:ea:60:ca:3c:
a9:4b:27:82:fd:c5:e9:bf:f6:a8:3d:ff:52:21:fa:
3a:30:5f:90:8e:05:56:60:87:76:58:fe:ce:e3:bf:
3b:4c:66:20:2a:6e:6d:5d:36:7b:85:36:d0:f7:b3:
5b:95:19:63:c2:aa:e6:ca:28:dd:8e:e6:dc:63:41:
3c:13:ac:a4:92:bb:48:a8:6c:ad:a5:af:e5:3b:0c:
9d:6c:24:3d:52:48:f8:f0:17:aa:47:48:b3:f9:20:
36:32:70:54:e0:5e:bd:f7:aa:48:2f:51:b6:b1:7b:
1a:94:b5:0c:39:e5:be:7c:e1:8e:80:e0:27:ae:c8:
53:0a:2f:58:ab:f1:3f:21:63:12:b6:90:fb:bb:09:
8b:cc:aa:23:ae:29:7e:a7:99:51:cb:ac:70:7c:44:
6b:c9:ad:03:35:95:50:1d:d7:a0:40:7f:54:35:ce:
98:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2F:59:5D:01:25:A4:CB:E1:6C:F7:C1:BA:54:A0:EF:7A:2D:14:EF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ii9ZXQElpMvhbPfBulSg73otFO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
195.133.38.0/23
212.192.245.0/24
212.193.1.0/24
Signature Algorithm: sha256WithRSAEncryption
48:74:26:66:83:c7:bc:4a:7c:e1:a3:1f:fb:5c:69:36:6d:3e:
f9:c4:35:90:f8:f7:21:7e:a3:1c:04:93:20:12:52:b2:f6:62:
10:71:3d:5d:cf:67:84:f9:e3:d5:3d:79:da:8d:07:52:fe:42:
b8:ba:6d:94:7e:15:cc:5e:43:52:15:fd:2d:2e:fa:68:11:fa:
1f:0b:64:f2:c5:9c:b1:fc:62:67:0f:8a:50:cf:e2:cf:43:a5:
47:78:ea:ab:6f:10:8b:02:bf:3d:4c:7d:4c:c7:4a:d5:98:b8:
6e:9b:02:43:6c:92:fa:62:81:9e:bf:04:42:5f:3f:df:d2:3a:
46:21:13:9c:c6:0d:44:0b:ec:2c:0c:bf:92:fe:53:5d:60:cc:
c9:37:df:c4:d1:db:6c:e7:cd:b6:4b:6e:98:c6:81:45:8a:ca:
34:99:e9:93:85:71:4f:06:77:f8:db:39:6d:3c:81:c5:52:b0:
4f:7a:72:7a:fb:b5:ba:3c:c0:77:a9:43:84:6a:a6:57:f9:8d:
aa:8b:75:de:af:8a:50:49:9d:81:30:88:1f:04:23:2d:35:80:
b4:00:cd:62:3a:70:5a:06:af:a9:f6:92:87:e7:2b:66:30:87:
90:32:b2:4d:13:2f:4c:4d:18:19:8a:e1:15:8e:61:e5:db:c4:
95:9b:ea:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu3sMas0yx8x4X9AW9E8RyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEwMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJmNTk1ZDAxMjVhNGNiZTE2Y2Y3YzFiYTU0YTBlZjdhMmQxNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGd810afBuQCjWWzEb9713+lbjfZ
KNpaoBwycICCabIz/qKfmgOdWu6c6l7lAFrVXX+ZWPT9i8rG/csX1WC/yiaXtqSb
ycVwj1KN22X3NkxobB4MZ+pgyjypSyeC/cXpv/aoPf9SIfo6MF+QjgVWYId2WP7O
4787TGYgKm5tXTZ7hTbQ97NblRljwqrmyijdjubcY0E8E6ykkrtIqGytpa/lOwyd
bCQ9Ukj48BeqR0iz+SA2MnBU4F6996pIL1G2sXsalLUMOeW+fOGOgOAnrshTCi9Y
q/E/IWMStpD7uwmLzKojril+p5lRy6xwfERrya0DNZVQHdegQH9UNc6YtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIovWV0BJaTL4Wz3wbpUoO96LRTvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWk5WlhRRWxwTXZoYlBmQnVsU2c3M290Rk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlX6AwQB
w4UmAwQA1MD1AwQA1MEBMA0GCSqGSIb3DQEBCwUAA4IBAQBIdCZmg8e8Snzhox/7
XGk2bT75xDWQ+PchfqMcBJMgElKy9mIQcT1dz2eE+ePVPXnajQdS/kK4um2UfhXM
XkNSFf0tLvpoEfofC2TyxZyx/GJnD4pQz+LPQ6VHeOqrbxCLAr89TH1Mx0rVmLhu
mwJDbJL6YoGevwRCXz/f0jpGIROcxg1EC+wsDL+S/lNdYMzJN9/E0dts5822S26Y
xoFFiso0memThXFPBnf42zltPIHFUrBPenJ6+7W6PMB3qUOEaqZX+Y2qi3Xer4pQ
SZ2BMIgfBCMtNYC0AM1iOnBaBq+p9pKH5ytmMIeQMrJNEy9MTRgZiuEVjmHl28SV
m+rH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org