Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ivlAL60kPgG_ZuxbIhmTl2pUAtk.roa
File: ivlAL60kPgG_ZuxbIhmTl2pUAtk.roa (raw, json)
Hash identifier: avhu3lMDyZ5GAqP55MD9AMeJja6EHcgMFMuyYaA5CCY=
Subject key identifier: 8A:F9:40:2F:AD:24:3E:01:BF:66:EC:5B:22:19:93:97:6A:54:02:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01910CF05DF24E8D7D68CC06316027217014
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ivlAL60kPgG_ZuxbIhmTl2pUAtk.roa
Signing time: Thu 01 Aug 2024 07:56:04 +0000
ROA not before: Thu 01 Aug 2024 07:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 193.124.17.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.58.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 10:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0c:f0:5d:f2:4e:8d:7d:68:cc:06:31:60:27:21:70:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 1 07:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8af9402fad243e01bf66ec5b221993976a5402d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:be:92:0a:39:f2:cc:b1:88:65:84:90:26:69:
51:a3:e0:77:47:c8:84:9d:d4:2c:22:0e:2d:f6:2e:
a5:97:30:d8:ca:21:9b:e2:e2:da:7f:74:ed:f9:0e:
a5:94:3e:8c:38:56:c8:d8:42:23:99:0a:6f:ee:03:
49:dc:b0:91:ef:a1:79:6b:70:61:f7:46:f8:5c:34:
ed:f1:e2:61:a3:1b:8c:38:82:2d:2c:5e:c1:cb:74:
bf:87:e1:13:9f:4b:27:df:6e:45:49:35:d2:5b:46:
ce:21:ad:56:4a:b7:09:a4:e3:44:6d:ab:59:7e:54:
24:ad:38:9b:57:d5:ae:e2:95:a1:3c:86:14:9d:b9:
06:15:d0:76:1c:0b:a9:17:41:2c:b4:4d:01:6a:1f:
56:06:d8:10:b2:09:76:b6:7d:d2:47:e6:ae:4f:e3:
ca:64:c5:a5:2a:06:3e:04:f9:9b:aa:11:fc:23:e1:
d5:2b:fc:fe:7d:96:19:c2:61:37:c7:c9:ee:0e:11:
5f:4e:4d:c0:7b:21:5c:6b:28:92:4f:40:4d:a0:a3:
70:fa:7c:93:e0:8f:61:8e:a5:ed:48:b2:f0:7b:db:
08:98:94:03:ab:be:bc:ae:05:bc:b6:f5:b5:7f:5c:
c7:82:ca:d6:c0:2a:55:0d:30:1d:6f:ef:71:f5:75:
c8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F9:40:2F:AD:24:3E:01:BF:66:EC:5B:22:19:93:97:6A:54:02:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ivlAL60kPgG_ZuxbIhmTl2pUAtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.17.0/24
193.124.204.0/24
194.58.56.0/24
194.58.154.0/23
194.87.1.0/24
194.87.51.0/24
194.87.122.0/24
194.87.128.0/24
194.87.179.0/24
Signature Algorithm: sha256WithRSAEncryption
22:56:76:33:9d:44:d2:fc:47:5c:86:0e:ad:9a:e7:4b:8f:9a:
a0:0f:89:2f:17:16:a4:0e:7b:fe:c3:39:2f:36:6b:36:90:78:
1e:73:23:3a:ba:c5:6d:e3:de:8e:54:0f:5b:4d:66:18:cb:cc:
ee:fc:6f:5b:c4:d0:42:4e:1f:22:b2:ee:83:53:43:f4:8d:29:
a6:03:0b:06:09:a8:69:25:5f:20:b3:e7:58:c1:2f:3a:e7:db:
b3:1f:3e:8a:f5:01:97:e2:7d:64:67:34:97:5e:45:c7:f3:b4:
ee:93:fc:ca:09:1f:0a:32:48:dd:ac:ad:1f:93:98:09:38:85:
33:ee:ff:d3:7d:76:07:3c:f7:c0:b4:d8:a3:4e:58:b1:83:9c:
1c:5e:09:7a:f1:85:8c:79:f9:c7:f7:d1:36:38:31:d8:c3:a1:
96:4e:63:01:93:87:cd:51:8e:0e:ee:6b:17:11:22:13:c3:d5:
2d:95:38:ba:84:e6:e8:c5:64:d3:14:d9:9f:8f:68:0b:d0:e3:
cd:00:43:0f:77:02:5c:c0:1f:f9:26:e8:66:f1:6e:e5:a9:88:
1f:53:d2:5e:31:98:6a:8c:0f:ce:21:6c:dd:61:7b:43:49:c9:
df:ee:9b:63:eb:3d:ba:79:40:ec:35:37:4a:fd:cb:0b:52:e6:
c6:1c:43:c7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZEM8F3yTo19aMwGMWAnIXAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODAxMDc1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY5NDAyZmFkMjQzZTAxYmY2NmVjNWIyMjE5OTM5NzZhNTQwMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b6SCjnyzLGIZYSQJmlRo+B3R8iE
ndQsIg4t9i6llzDYyiGb4uLaf3Tt+Q6llD6MOFbI2EIjmQpv7gNJ3LCR76F5a3Bh
90b4XDTt8eJhoxuMOIItLF7By3S/h+ETn0sn325FSTXSW0bOIa1WSrcJpONEbatZ
flQkrTibV9Wu4pWhPIYUnbkGFdB2HAupF0EstE0Bah9WBtgQsgl2tn3SR+auT+PK
ZMWlKgY+BPmbqhH8I+HVK/z+fZYZwmE3x8nuDhFfTk3AeyFcayiST0BNoKNw+nyT
4I9hjqXtSLLwe9sImJQDq768rgW8tvW1f1zHgsrWwCpVDTAdb+9x9XXILQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIr5QC+tJD4Bv2bsWyIZk5dqVALZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaXZsQUw2MGtQZ0dfWnV4YklobVRsMnBVQXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwRAwQA
wXzMAwQAwjo4AwQBwjqaAwQAwlcBAwQAwlczAwQAwld6AwQAwleAAwQAwlezMA0G
CSqGSIb3DQEBCwUAA4IBAQAiVnYznUTS/Edchg6tmudLj5qgD4kvFxakDnv+wzkv
Nms2kHgecyM6usVt496OVA9bTWYYy8zu/G9bxNBCTh8isu6DU0P0jSmmAwsGCahp
JV8gs+dYwS8659uzHz6K9QGX4n1kZzSXXkXH87Tuk/zKCR8KMkjdrK0fk5gJOIUz
7v/TfXYHPPfAtNijTlixg5wcXgl68YWMefnH99E2ODHYw6GWTmMBk4fNUY4O7msX
ESITw9UtlTi6hOboxWTTFNmfj2gL0OPNAEMPdwJcwB/5Juhm8W7lqYgfU9JeMZhq
jA/OIWzdYXtDScnf7ptj6z26eUDsNTdK/csLUubGHEPH
-----END CERTIFICATE-----
Generated at Sat Aug 3 13:12:29 2024 by rpki-client on console-ams.rpki-client.org