Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kMrxQBx5SMwaZQYopQgzagLi-BA.roa
File: kMrxQBx5SMwaZQYopQgzagLi-BA.roa (raw, json)
Hash identifier: 70vKYhohACQQKUSpP3+ZXKx82HszI2Ci5olxswBrPG0=
Subject key identifier: 90:CA:F1:40:1C:79:48:CC:1A:65:06:28:A5:08:33:6A:02:E2:F8:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191A3A89F8E10DA80C31B5F308D45CBF205
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kMrxQBx5SMwaZQYopQgzagLi-BA.roa
Signing time: Fri 30 Aug 2024 14:20:22 +0000
ROA not before: Fri 30 Aug 2024 14:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.85.251.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.119.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 10:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:a8:9f:8e:10:da:80:c3:1b:5f:30:8d:45:cb:f2:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 30 14:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90caf1401c7948cc1a650628a508336a02e2f810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:3c:dc:ef:81:f4:83:2f:7e:fb:4e:d8:5e:76:
e5:15:06:10:a0:c7:54:6e:23:f8:21:15:aa:19:03:
77:e6:52:8a:23:91:70:7d:f2:d5:8a:51:e8:86:8b:
fb:d3:ee:7b:87:68:3f:ac:f1:ad:d7:9f:83:0f:5d:
e2:8f:a3:07:c9:eb:e5:90:0d:e9:58:41:c2:c1:e4:
09:e7:e6:60:b7:f9:df:5c:62:7c:22:fe:fe:8d:5d:
80:da:fa:11:c0:57:ee:7f:85:60:c2:b3:8e:aa:db:
5a:57:ca:63:14:9d:86:ea:74:eb:86:f8:90:c8:ff:
29:47:c7:2a:42:3f:1d:63:fb:32:fb:ad:ed:ef:db:
6f:f5:9f:37:e2:6e:a9:c2:d7:ee:6f:e9:64:93:1b:
d4:14:e3:b8:56:e4:16:6f:a5:0b:24:00:d0:8c:c3:
95:65:a7:b1:13:57:bb:c3:45:49:9f:7d:bb:4d:38:
4b:6a:c3:49:c4:0e:09:86:80:a5:27:b3:14:03:ac:
bd:7b:42:5a:41:51:37:65:12:bb:46:67:b3:ed:4b:
e5:c9:f8:e0:79:1d:87:1f:6d:72:c0:da:8c:00:1d:
35:a9:2c:cf:8c:8e:53:7a:25:9f:74:f3:54:bb:bd:
5d:33:e9:03:57:2a:b4:bb:30:92:53:84:90:32:ff:
75:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CA:F1:40:1C:79:48:CC:1A:65:06:28:A5:08:33:6A:02:E2:F8:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kMrxQBx5SMwaZQYopQgzagLi-BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.251.0/24
194.87.21.0/24
194.87.114.0/23
194.87.119.0/24
194.87.134.0/23
194.87.168.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:22:17:da:fe:e7:76:94:88:eb:70:3f:f9:45:15:a5:ee:4b:
21:64:43:a0:2d:d7:95:64:f8:34:01:2b:c8:31:55:55:d9:99:
80:b8:de:b6:c3:72:a7:ca:b7:8b:f7:d9:ae:8a:56:9b:12:9d:
23:1b:fa:b5:82:c4:97:a5:b1:37:c5:f2:9e:f6:c7:e2:99:69:
45:64:5e:89:b2:e7:01:00:8a:aa:00:38:74:8f:06:53:29:24:
6c:00:f3:01:31:15:b9:1d:ca:32:b8:85:6a:7b:86:94:44:a1:
82:15:88:2d:57:d8:24:db:d0:90:55:3b:b3:26:40:c3:ed:04:
d1:2d:e1:72:a7:39:d5:9e:94:a9:59:7d:ea:6a:19:4b:a3:06:
bc:11:e4:b2:0b:44:cf:7f:c1:2e:06:53:83:cb:90:2e:c2:c1:
e8:e3:dd:be:77:b6:b0:d1:95:90:1a:81:f3:9e:4d:b6:cf:cc:
fc:64:aa:77:1f:1b:69:b9:b2:31:e0:0f:8a:f9:77:55:48:80:
40:58:21:4c:cb:bb:68:5b:56:40:40:76:17:66:61:4c:49:02:
4c:26:ad:b3:56:b5:b8:42:b9:e3:b0:58:0d:45:93:c4:fc:41:
81:29:e6:da:ed:e0:50:43:80:0e:ba:8f:c5:5c:08:cd:34:ac:
7d:71:36:2c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZGjqJ+OENqAwxtfMI1Fy/IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODMwMTQyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNhZjE0MDFjNzk0OGNjMWE2NTA2MjhhNTA4MzM2YTAyZTJmODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zzc74H0gy9++07YXnblFQYQoMdU
biP4IRWqGQN35lKKI5FwffLVilHohov70+57h2g/rPGt15+DD13ij6MHyevlkA3p
WEHCweQJ5+Zgt/nfXGJ8Iv7+jV2A2voRwFfuf4VgwrOOqttaV8pjFJ2G6nTrhviQ
yP8pR8cqQj8dY/sy+63t79tv9Z834m6pwtfub+lkkxvUFOO4VuQWb6ULJADQjMOV
ZaexE1e7w0VJn327TThLasNJxA4JhoClJ7MUA6y9e0JaQVE3ZRK7Rmez7Uvlyfjg
eR2HH21ywNqMAB01qSzPjI5TeiWfdPNUu71dM+kDVyq0uzCSU4SQMv91rQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJDK8UAceUjMGmUGKKUIM2oC4vgQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva01yeFFCeDVTTXdhWlFZb3BRZ3phZ0xpLUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwlX7AwQA
wlcVAwQBwldyAwQAwld3AwQBwleGAwQAwleoAwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4VUAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQBaIhfa/ud2lIjrcD/5RRWl7ksh
ZEOgLdeVZPg0ASvIMVVV2ZmAuN62w3KnyreL99muilabEp0jG/q1gsSXpbE3xfKe
9sfimWlFZF6JsucBAIqqADh0jwZTKSRsAPMBMRW5HcoyuIVqe4aURKGCFYgtV9gk
29CQVTuzJkDD7QTRLeFypznVnpSpWX3qahlLowa8EeSyC0TPf8EuBlODy5AuwsHo
492+d7aw0ZWQGoHznk22z8z8ZKp3HxtpubIx4A+K+XdVSIBAWCFMy7toW1ZAQHYX
ZmFMSQJMJq2zVrW4QrnjsFgNRZPE/EGBKeba7eBQQ4AOuo/FXAjNNKx9cTYs
-----END CERTIFICATE-----
Generated at Wed Sep 11 11:53:38 2024 by rpki-client on console-fra.rpki-client.org