Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa
File: k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa (raw, json)
Hash identifier: tHJxz9PLZos2D+3Nf4gObn3b6i7u1eiWp4iiylvQG6o=
Subject key identifier: 93:4B:41:FB:2B:C7:F9:47:60:90:1C:EE:A4:0E:98:36:6C:18:66:84
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C3B2FC36C408D4CCB49BC9B6CC7E96009
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa
Signing time: Tue 05 Dec 2023 18:13:55 +0000
ROA not before: Tue 05 Dec 2023 18:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Dec 2023 05:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:2f:c3:6c:40:8d:4c:cb:49:bc:9b:6c:c7:e9:60:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 5 18:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=934b41fb2bc7f94760901ceea40e98366c186684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c1:fd:9c:8a:03:25:ee:84:bb:12:34:dc:8c:
0d:91:aa:b7:09:c5:f7:d5:e4:08:46:72:7a:9e:40:
4e:22:1f:3d:c6:de:d8:8c:d6:d2:f5:06:b1:53:7e:
b6:6b:01:04:44:5a:88:a3:8d:92:eb:c3:66:1d:66:
d8:d4:41:5c:3d:78:1d:2e:a5:72:92:47:fc:48:9e:
70:0d:78:3e:63:26:e1:b3:12:e5:82:e9:c9:1f:b9:
7e:5f:20:62:b8:d2:04:68:5d:ff:58:1d:33:e1:76:
c6:94:09:55:86:7d:ab:eb:0f:fb:d8:7d:b3:fd:53:
7f:c2:03:6e:69:de:67:5a:68:ae:13:b5:32:08:84:
69:82:24:22:08:27:71:87:31:09:2f:08:a8:d3:a8:
63:ea:f8:95:fa:a9:65:7a:8f:fb:6b:31:fb:80:3e:
1e:d5:31:e4:da:d0:14:14:5a:02:8b:5e:77:ed:1a:
27:64:24:73:2c:92:3d:10:a5:ec:dc:09:f8:41:f0:
e2:b8:71:28:5f:99:c5:3c:39:47:99:8a:18:0c:32:
be:00:0e:69:8b:fa:b9:c7:18:15:85:4d:61:25:de:
5c:92:42:8d:5f:83:1a:6b:e8:ec:a1:7f:38:e2:04:
3a:64:6a:f7:fe:f3:d1:3f:27:e0:e8:bc:b8:d7:ed:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4B:41:FB:2B:C7:F9:47:60:90:1C:EE:A4:0E:98:36:6C:18:66:84
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.208.0/24
195.133.81.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
39:8e:72:09:a4:f4:14:55:dc:2b:e3:e7:0d:1e:2a:c9:e2:4c:
bd:3e:f3:36:fb:46:c0:36:25:5d:31:be:d0:ae:70:d5:59:c1:
56:73:fe:2c:d0:63:36:07:9e:fe:49:f1:aa:3c:3b:c3:5e:a5:
f4:fb:29:a6:0d:9f:3a:9a:b1:41:70:d0:aa:3b:83:52:b0:7c:
a7:99:6c:91:9a:ec:45:54:5e:ed:fa:e2:45:d4:89:22:bf:2e:
51:97:f3:68:a7:d6:98:39:67:da:ac:8b:05:eb:9d:a0:b5:28:
23:8f:94:aa:e1:c9:04:30:58:3c:e3:f4:73:57:75:4d:68:4e:
d7:05:c3:3e:61:69:0c:0d:5c:50:6b:ca:f4:37:16:ee:78:a7:
e0:67:e3:12:9f:63:1c:b0:e6:55:18:2a:63:ea:c9:be:5a:97:
ea:4b:bf:a6:1d:33:62:ac:9a:d3:42:55:a0:3d:d8:d2:c7:8a:
dc:1a:4c:a7:cd:69:c7:d6:1d:1d:8e:38:23:25:c5:b5:7c:d0:
05:56:72:45:2a:bb:85:a3:e9:35:0c:06:ba:f7:e1:69:66:e7:
53:ef:ab:08:d7:2e:1f:29:84:d0:25:22:e4:a1:81:5b:af:2c:
48:bc:8c:b6:dc:c9:04:b4:34:be:45:93:fd:8b:40:a6:12:6a:
05:00:01:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw7L8NsQI1My0m8m2zH6WAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA1MTgxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRiNDFmYjJiYzdmOTQ3NjA5MDFjZWVhNDBlOTgzNjZjMTg2Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcH9nIoDJe6EuxI03IwNkaq3CcX3
1eQIRnJ6nkBOIh89xt7YjNbS9QaxU362awEERFqIo42S68NmHWbY1EFcPXgdLqVy
kkf8SJ5wDXg+YybhsxLlgunJH7l+XyBiuNIEaF3/WB0z4XbGlAlVhn2r6w/72H2z
/VN/wgNuad5nWmiuE7UyCIRpgiQiCCdxhzEJLwio06hj6viV+qlleo/7azH7gD4e
1THk2tAUFFoCi1537RonZCRzLJI9EKXs3An4QfDiuHEoX5nFPDlHmYoYDDK+AA5p
i/q5xxgVhU1hJd5ckkKNX4Maa+jsoX844gQ6ZGr3/vPRPyfg6Ly41+0hmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJNLQfsrx/lHYJAc7qQOmDZsGGaEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazB0Qi15dkgtVWRna0J6dXBBNllObXdZWm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzKAwQA
wlfQAwQAw4VRAwQA1MENMA0GCSqGSIb3DQEBCwUAA4IBAQA5jnIJpPQUVdwr4+cN
HirJ4ky9PvM2+0bANiVdMb7QrnDVWcFWc/4s0GM2B57+SfGqPDvDXqX0+ymmDZ86
mrFBcNCqO4NSsHynmWyRmuxFVF7t+uJF1Ikivy5Rl/Nop9aYOWfarIsF652gtSgj
j5Sq4ckEMFg84/RzV3VNaE7XBcM+YWkMDVxQa8r0NxbueKfgZ+MSn2McsOZVGCpj
6sm+WpfqS7+mHTNirJrTQlWgPdjSx4rcGkynzWnH1h0djjgjJcW1fNAFVnJFKruF
o+k1DAa69+FpZudT76sI1y4fKYTQJSLkoYFbryxIvIy23MkEtDS+RZP9i0CmEmoF
AAFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org