Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvLFwqhgi6UJk7JABsFCL-L5HR0.roa
File: jvLFwqhgi6UJk7JABsFCL-L5HR0.roa (raw, json)
Hash identifier: RzVFmbag2ZvQLeb8SM6sjr1uclpEAryJRjHr2/lKn/U=
Subject key identifier: 8E:F2:C5:C2:A8:60:8B:A5:09:93:B2:40:06:C1:42:2F:E2:F9:1D:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F670AE23F14CCF644C7F04A107E6D42
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvLFwqhgi6UJk7JABsFCL-L5HR0.roa
Signing time: Sun 01 Jan 2023 22:15:01 +0000
ROA not before: Sun 01 Jan 2023 22:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206216
IP address blocks: 212.192.210.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
212.193.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 04:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:0a:e2:3f:14:cc:f6:44:c7:f0:4a:10:7e:6d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ef2c5c2a8608ba50993b24006c1422fe2f91d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:00:87:ab:e7:b4:0d:68:d2:46:b6:9c:c9:
2b:a4:f9:65:c1:0f:87:78:cb:aa:60:5a:5d:34:9f:
00:1e:1b:7a:10:14:7f:ee:c2:4f:b0:ff:6b:49:35:
0b:93:ff:f0:41:d8:38:db:b0:dc:2b:d3:84:d1:3f:
c7:c5:25:77:22:b0:2d:db:67:10:dd:0e:49:f3:27:
51:66:98:b9:73:a8:79:b0:3f:df:22:98:00:90:25:
bd:2f:34:20:c5:5b:e8:76:ad:c2:52:2b:4f:1f:ee:
b4:19:0a:0e:89:bf:01:54:d0:7b:1e:de:44:b6:63:
aa:bd:2e:a8:ea:73:e8:65:bc:bf:2b:6b:e6:c7:d9:
98:4d:3b:74:38:17:25:b2:75:57:c3:b4:f3:6a:ca:
70:dc:e7:7d:a8:18:83:9a:89:b5:53:4e:41:61:6c:
e4:33:7b:f0:c8:fe:10:9b:e6:db:7c:74:b7:cf:d2:
16:3b:43:c2:9f:5e:20:a4:1b:3e:9b:af:9a:6a:ec:
31:18:fb:9f:59:28:7d:7f:5c:7c:02:1a:75:bd:ee:
2c:ab:ad:7d:6f:1b:09:5f:9d:6e:4b:25:f3:ca:81:
aa:3e:d4:2f:20:f3:5e:8e:d1:60:0f:a8:6e:9d:15:
32:0d:7d:6a:4e:81:9f:f0:47:6e:cd:2c:4f:3c:9f:
b3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F2:C5:C2:A8:60:8B:A5:09:93:B2:40:06:C1:42:2F:E2:F9:1D:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvLFwqhgi6UJk7JABsFCL-L5HR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.204.0/24
194.87.169.0/24
212.192.210.0/24
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
25:1c:e3:19:fe:68:83:72:3a:b2:e8:1e:48:c8:55:6d:6c:8e:
ca:6e:e1:5c:57:52:d7:d7:6e:3c:6b:38:45:11:fb:00:5a:7b:
1a:14:b0:b1:7c:8e:4c:e8:e2:7a:22:e9:e6:b3:93:2a:7f:dd:
48:54:6b:dd:78:b7:50:d0:12:d7:4d:41:42:cb:cc:e6:1b:f4:
a8:0c:99:69:0f:2b:dd:50:21:2c:40:fb:33:1a:a6:bb:61:7d:
c9:3c:df:fe:3c:ab:80:c7:c1:72:c7:31:ce:53:20:84:c8:bf:
c4:9c:b8:59:21:a0:f8:2c:fe:47:07:24:8f:6e:a6:71:95:b0:
4a:18:82:35:dd:53:e0:a3:d7:af:a0:ff:0c:63:91:1c:ea:3b:
e5:52:ff:ca:bc:c6:91:11:41:2e:74:2f:8e:cb:dd:1a:ac:a6:
9d:83:3b:b7:22:cb:af:37:7a:74:d2:fa:53:6d:ec:f9:33:35:
c4:4b:f9:7f:0d:ad:08:cf:4f:bb:7b:10:da:ed:32:fc:cf:4d:
d7:f1:66:11:60:fb:88:3e:de:00:cc:ad:1c:88:b0:30:e3:05:
73:5b:2f:aa:15:cf:3e:af:30:f7:47:31:49:94:31:0f:27:be:
f6:ff:f8:27:f1:4d:b2:80:b4:70:17:1e:a0:8f:7a:a1:cb:06:
7e:ac:84:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvZwriPxTM9kTH8EoQfm1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWYyYzVjMmE4NjA4YmE1MDk5M2IyNDAwNmMxNDIyZmUyZjkxZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlngAh6vntA1o0ka2nMkrpPllwQ+H
eMuqYFpdNJ8AHht6EBR/7sJPsP9rSTULk//wQdg427DcK9OE0T/HxSV3IrAt22cQ
3Q5J8ydRZpi5c6h5sD/fIpgAkCW9LzQgxVvodq3CUitPH+60GQoOib8BVNB7Ht5E
tmOqvS6o6nPoZby/K2vmx9mYTTt0OBclsnVXw7Tzaspw3Od9qBiDmom1U05BYWzk
M3vwyP4Qm+bbfHS3z9IWO0PCn14gpBs+m6+aauwxGPufWSh9f1x8Ahp1ve4sq619
bxsJX51uSyXzyoGqPtQvIPNejtFgD6hunRUyDX1qToGf8EduzSxPPJ+z8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI7yxcKoYIulCZOyQAbBQi/i+R0dMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvanZMRndxaGdpNlVKazdKQUJzRkNMLUw1SFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzMAwQA
wlepAwQA1MDSAwQA1MEDMA0GCSqGSIb3DQEBCwUAA4IBAQAlHOMZ/miDcjqy6B5I
yFVtbI7KbuFcV1LX1248azhFEfsAWnsaFLCxfI5M6OJ6Iunms5Mqf91IVGvdeLdQ
0BLXTUFCy8zmG/SoDJlpDyvdUCEsQPszGqa7YX3JPN/+PKuAx8FyxzHOUyCEyL/E
nLhZIaD4LP5HBySPbqZxlbBKGII13VPgo9evoP8MY5Ec6jvlUv/KvMaREUEudC+O
y90arKadgzu3IsuvN3p00vpTbez5MzXES/l/Da0Iz0+7exDa7TL8z03X8WYRYPuI
Pt4AzK0ciLAw4wVzWy+qFc8+rzD3RzFJlDEPJ772//gn8U2ygLRwFx6gj3qhywZ+
rITP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org