Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jX4K6weXDWE8eeYRL1M06Bpbmdk.roa
File: jX4K6weXDWE8eeYRL1M06Bpbmdk.roa (raw, json)
Hash identifier: 8weXRWOBBC5hbyZEArMP4TnHp0yjjpvfxJcmJShgD7w=
Subject key identifier: 8D:7E:0A:EB:07:97:0D:61:3C:79:E6:11:2F:53:34:E8:1A:5B:99:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D77D7A09C909D830C70B550AC0391DE74
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jX4K6weXDWE8eeYRL1M06Bpbmdk.roa
Signing time: Mon 05 Feb 2024 05:57:16 +0000
ROA not before: Mon 05 Feb 2024 05:57:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 06:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:d7:a0:9c:90:9d:83:0c:70:b5:50:ac:03:91:de:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 05:57:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d7e0aeb07970d613c79e6112f5334e81a5b99d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:28:94:d0:c1:36:9d:3d:f1:31:17:77:ee:
f4:b1:6a:2f:d3:49:95:08:c9:f2:53:94:fb:ad:61:
03:32:52:85:6f:13:84:bc:cd:5e:e2:b0:94:48:6c:
80:9e:c7:9c:07:af:59:8d:d0:ac:ef:d3:fe:c2:a6:
15:81:0c:e2:5c:f6:fd:b3:32:d4:76:a3:49:89:3d:
0b:d5:33:ac:ea:fd:27:62:cc:79:86:f4:20:b7:bd:
2a:9a:da:00:91:cc:81:55:4d:00:bd:34:cf:93:b5:
23:7b:02:18:4b:4d:2a:69:dd:ff:1c:32:2a:e6:00:
40:44:15:d6:90:0e:df:a7:7f:07:4b:b1:a1:81:21:
5d:c4:ab:62:ac:2a:9b:eb:9c:53:db:66:98:c8:78:
90:e1:21:0a:be:bd:d7:c5:8d:d7:8d:2c:c5:18:a1:
99:b9:a2:75:b2:43:e3:63:e8:75:66:91:58:99:30:
ca:7f:d1:23:b7:5d:c3:bb:4d:4b:a4:a2:91:b0:89:
f5:9e:f5:42:e3:95:36:89:fa:9f:13:b3:6e:9c:f8:
22:43:5b:63:92:a8:36:2f:cb:f3:5b:fa:06:64:48:
b8:27:4d:d5:70:21:da:3c:aa:3a:8b:f2:62:00:39:
a6:b9:dd:f6:a0:07:f8:0a:df:ff:ce:b4:02:5f:15:
32:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7E:0A:EB:07:97:0D:61:3C:79:E6:11:2F:53:34:E8:1A:5B:99:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jX4K6weXDWE8eeYRL1M06Bpbmdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
193.124.7.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
193.124.207.0/24
194.58.42.0/24
194.87.22.0/24
194.87.26.0/24
194.87.32.0/24
194.87.81.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.201.0/24
194.135.18.0/24
195.58.54.0/24
195.58.60.0/24
195.133.2.0/24
195.133.25.0/24
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
44:50:1b:ab:49:32:24:65:cf:c6:f3:74:5e:0e:1f:2e:ea:44:
71:ee:a8:06:28:3a:ea:ce:bb:57:35:d0:f7:f3:97:22:04:79:
1f:a0:7d:e4:60:4c:ed:99:e5:43:6e:23:21:0c:de:32:8f:83:
f3:b9:e7:6a:7a:f6:96:ca:2f:5a:e1:70:f8:19:5d:2d:69:ac:
55:46:e6:14:fa:27:40:6d:8c:7c:84:9a:54:e1:3a:5f:e7:94:
c5:ce:67:72:1d:c5:fd:ef:93:fa:14:d2:93:2a:5c:f8:70:51:
b1:73:2a:dd:45:ff:f0:9b:97:65:ec:0a:4d:e5:5a:a3:6f:e7:
82:d7:7d:b2:69:68:50:5a:99:d8:1e:13:f4:87:3e:93:c1:8d:
b9:39:ac:bb:1c:be:4b:eb:f9:ab:2b:5f:fd:89:bc:88:fa:60:
f7:7b:13:e8:a2:e7:ec:2f:90:96:33:fd:65:89:3c:15:90:e4:
9b:bf:41:06:86:a0:69:0e:f9:fa:b7:e5:03:52:72:d4:74:e6:
a1:3e:81:dd:06:bc:6c:90:d2:5d:9a:32:fd:8f:d1:c4:83:92:
61:a0:31:d5:cf:08:7c:3b:85:38:c6:3d:a8:aa:39:10:20:0d:
6b:42:9e:99:64:98:62:c7:07:f8:57:f7:4c:76:ae:21:43:09:
de:13:37:34
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAY1316CckJ2DDHC1UKwDkd50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDU1NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdlMGFlYjA3OTcwZDYxM2M3OWU2MTEyZjUzMzRlODFhNWI5OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH0olNDBNp098TEXd+70sWov00mV
CMnyU5T7rWEDMlKFbxOEvM1e4rCUSGyAnsecB69ZjdCs79P+wqYVgQziXPb9szLU
dqNJiT0L1TOs6v0nYsx5hvQgt70qmtoAkcyBVU0AvTTPk7UjewIYS00qad3/HDIq
5gBARBXWkA7fp38HS7GhgSFdxKtirCqb65xT22aYyHiQ4SEKvr3XxY3XjSzFGKGZ
uaJ1skPjY+h1ZpFYmTDKf9Ejt13Du01LpKKRsIn1nvVC45U2ifqfE7NunPgiQ1tj
kqg2L8vzW/oGZEi4J03VcCHaPKo6i/JiADmmud32oAf4Ct//zrQCXxUyUwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFI1+CusHlw1hPHnmES9TNOgaW5nZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvalg0SzZ3ZVhEV0U4ZWVZUkwxTTA2QnBibWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBADB
fAUDBADBfAcDBADBfF8DBADBfMgDBADBfMoDBADBfM8DBADCOioDBADCVxYDBADC
VxoDBADCVyADBADCV1EDBADCV5UDBADCV6oDBADCV6wDBADCV8kDBADChxIDBADD
OjYDBADDOjwDBADDhQIDBADDhRkDBADDhUgDBADDhVUDBADDhcADBADUwAEDBADU
wQ0wDQYJKoZIhvcNAQELBQADggEBAERQG6tJMiRlz8bzdF4OHy7qRHHuqAYoOurO
u1c10PfzlyIEeR+gfeRgTO2Z5UNuIyEM3jKPg/O552p69pbKL1rhcPgZXS1prFVG
5hT6J0BtjHyEmlThOl/nlMXOZ3Idxf3vk/oU0pMqXPhwUbFzKt1F//Cbl2XsCk3l
WqNv54LXfbJpaFBamdgeE/SHPpPBjbk5rLscvkvr+asrX/2JvIj6YPd7E+ii5+wv
kJYz/WWJPBWQ5Ju/QQaGoGkO+fq35QNSctR05qE+gd0GvGyQ0l2aMv2P0cSDkmGg
MdXPCHw7hTjGPaiqORAgDWtCnplkmGLHB/hX90x2riFDCd4TNzQ=
-----END CERTIFICATE-----
Generated at Mon Feb 5 09:15:29 2024 by rpki-client on console-fra.rpki-client.org