Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k4tHXM5aE3ze8OgmYIjQkF3fFug.roa
File: k4tHXM5aE3ze8OgmYIjQkF3fFug.roa (raw, json)
Hash identifier: rJYTiwffow11HA64W0CXVo0EoE21q0O09cCTEGtKRS0=
Subject key identifier: 93:8B:47:5C:CE:5A:13:7C:DE:F0:E8:26:60:88:D0:90:5D:DF:16:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E1A22063C43944C5F381B9FC57F3D43AF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k4tHXM5aE3ze8OgmYIjQkF3fFug.roa
Signing time: Thu 07 Mar 2024 18:17:01 +0000
ROA not before: Thu 07 Mar 2024 18:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 13:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:22:06:3c:43:94:4c:5f:38:1b:9f:c5:7f:3d:43:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 18:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=938b475cce5a137cdef0e8266088d0905ddf16e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0b:27:d7:e5:e1:de:b0:23:74:11:20:29:01:
f1:52:f7:f1:0a:37:59:16:ac:52:52:13:f6:98:3a:
f0:8a:57:ff:61:51:47:eb:3b:36:ab:ed:c5:08:0a:
cd:05:58:2b:2e:1f:76:e2:3d:ee:2b:49:c8:3a:20:
4f:52:13:e3:00:1d:4e:14:e0:68:8b:c5:f2:0a:8e:
19:04:f4:62:74:ea:7c:c5:37:f3:62:08:0e:0d:f1:
48:69:91:69:d5:8f:f4:20:51:32:6d:b8:89:07:62:
57:9b:7d:8b:8d:ad:22:da:20:e0:6a:df:83:31:bc:
97:e4:5c:c1:f3:eb:9a:23:7c:a5:97:b9:69:85:79:
57:95:34:f8:1b:40:03:1e:60:97:87:d3:69:ba:77:
70:a9:44:39:8a:d9:64:6d:70:67:3d:00:20:38:64:
31:06:45:80:d7:6a:56:56:ba:41:f0:d5:6d:ab:bb:
34:f7:b6:7d:f0:ac:ec:b3:53:e8:e7:fe:c2:2b:1d:
e4:6a:54:de:45:6d:9d:fa:72:d9:a1:ac:c7:42:f2:
9c:b2:46:67:1a:d0:a0:87:7c:2b:c5:a2:be:03:22:
f3:93:3f:86:ee:90:c2:df:43:8a:97:4d:5c:45:80:
a0:de:8b:55:49:c9:ac:aa:7f:af:12:50:30:0c:27:
20:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8B:47:5C:CE:5A:13:7C:DE:F0:E8:26:60:88:D0:90:5D:DF:16:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k4tHXM5aE3ze8OgmYIjQkF3fFug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.203.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b9:34:f2:78:3e:d6:2a:c3:d7:39:ea:d0:db:32:d3:eb:b0:
66:d0:05:5a:d1:d4:1a:91:21:44:b6:5c:b8:a1:78:bb:20:a0:
8e:7e:25:e0:8d:0b:1c:0d:dd:a8:88:73:ad:de:19:c5:63:bc:
ab:be:3d:34:5e:f5:4c:98:12:cd:33:0c:16:c4:8e:3e:dc:29:
97:f6:03:58:1c:1c:bc:11:df:19:97:71:91:32:27:7a:42:5a:
94:a7:0a:71:52:9c:2e:9d:3f:6a:26:e5:bc:3d:11:9a:d4:90:
8b:28:20:d1:63:df:86:7e:ce:d1:db:82:54:b6:04:47:f9:37:
96:f1:e6:49:36:6a:a5:85:fe:d5:97:03:aa:56:e8:1a:68:e1:
20:1f:f3:ff:ca:7d:bd:a6:b0:fa:6f:4d:09:9b:f7:e2:d3:a7:
9a:59:c4:de:9c:93:c3:01:e2:4a:04:45:2d:1b:ff:4a:d4:29:
5f:c0:46:fe:16:20:e1:bf:d5:d9:82:37:0d:6f:b2:a5:8c:9f:
1a:90:60:8c:5e:13:09:ff:9d:db:55:81:02:31:52:3e:04:6c:
b6:f2:b5:34:1d:a2:82:1c:5e:61:29:43:f5:c7:ba:8f:06:e9:
76:28:52:67:6e:cd:54:5c:c4:80:91:b3:49:f7:b1:b4:7b:bb:
ad:b0:11:35
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4aIgY8Q5RMXzgbn8V/PUOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA3MTgxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhiNDc1Y2NlNWExMzdjZGVmMGU4MjY2MDg4ZDA5MDVkZGYxNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQsn1+Xh3rAjdBEgKQHxUvfxCjdZ
FqxSUhP2mDrwilf/YVFH6zs2q+3FCArNBVgrLh924j3uK0nIOiBPUhPjAB1OFOBo
i8XyCo4ZBPRidOp8xTfzYggODfFIaZFp1Y/0IFEybbiJB2JXm32Lja0i2iDgat+D
MbyX5FzB8+uaI3yll7lphXlXlTT4G0ADHmCXh9NpundwqUQ5itlkbXBnPQAgOGQx
BkWA12pWVrpB8NVtq7s097Z98Kzss1Po5/7CKx3kalTeRW2d+nLZoazHQvKcskZn
GtCgh3wrxaK+AyLzkz+G7pDC30OKl01cRYCg3otVScmsqn+vElAwDCcgEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJOLR1zOWhN83vDoJmCI0JBd3xboMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazR0SFhNNWFFM3plOE9nbVlJalFrRjNmRnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwHAwQA
wXzLAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQBY
uTTyeD7WKsPXOerQ2zLT67Bm0AVa0dQakSFEtly4oXi7IKCOfiXgjQscDd2oiHOt
3hnFY7yrvj00XvVMmBLNMwwWxI4+3CmX9gNYHBy8Ed8Zl3GRMid6QlqUpwpxUpwu
nT9qJuW8PRGa1JCLKCDRY9+Gfs7R24JUtgRH+TeW8eZJNmqlhf7VlwOqVugaaOEg
H/P/yn29prD6b00Jm/fi06eaWcTenJPDAeJKBEUtG/9K1ClfwEb+FiDhv9XZgjcN
b7KljJ8akGCMXhMJ/53bVYECMVI+BGy28rU0HaKCHF5hKUP1x7qPBul2KFJnbs1U
XMSAkbNJ97G0e7utsBE1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org