Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kjWx74GO809LOgEDMfQq9rbrOPA.roa
File: kjWx74GO809LOgEDMfQq9rbrOPA.roa (raw, json)
Hash identifier: RQLrt2jyBniQG0caBdiu47VMPV2GcmNESJh/DggmDnU=
Subject key identifier: 92:35:B1:EF:81:8E:F3:4F:4B:3A:01:03:31:F4:2A:F6:B6:EB:38:F0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67122E138023A24DADF53E864AF010
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kjWx74GO809LOgEDMfQq9rbrOPA.roa
Signing time: Sun 01 Jan 2023 22:15:03 +0000
ROA not before: Sun 01 Jan 2023 22:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.151.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 07:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:12:2e:13:80:23:a2:4d:ad:f5:3e:86:4a:f0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9235b1ef818ef34f4b3a010331f42af6b6eb38f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4c:1c:0c:72:e6:d4:3c:49:55:8e:83:b8:73:
4b:33:97:49:24:56:dd:33:85:1f:79:d8:c9:19:5a:
d8:67:ad:c6:25:9b:86:d5:58:03:ee:8c:c7:08:b9:
27:d9:36:22:d6:46:c2:e8:d9:e7:1e:ba:b8:48:40:
6d:ae:ff:3f:4c:ff:74:dd:38:65:91:7b:1f:43:e6:
06:9d:e4:69:b9:67:a2:1a:82:0f:e3:05:f3:3c:49:
99:4e:da:a2:69:b5:94:dc:b5:2e:99:a8:5b:71:69:
0e:25:10:3e:3a:fe:de:27:26:b3:bd:ea:c4:f1:1e:
ac:e2:e8:c6:a5:4a:78:78:11:ae:3b:7c:62:b8:81:
d7:cd:d8:d0:a8:7e:fc:20:6f:65:52:7f:f2:0c:8f:
6c:43:7a:19:3e:98:db:98:39:3b:0c:79:d8:44:54:
cb:72:bc:9f:ba:fd:c4:66:8d:8c:b2:92:53:19:00:
23:9a:54:f8:f5:28:cd:6c:13:11:89:e7:f3:99:f0:
46:5f:4e:e4:7a:a1:fd:4f:f7:6f:c8:fd:5a:61:a4:
11:cc:64:4d:fe:39:f6:ce:c5:31:a4:a5:9c:c9:99:
77:e0:38:f6:82:10:b8:fa:ce:cc:89:4d:0a:94:5f:
58:f7:99:cf:8c:a5:a4:6c:8f:ce:7a:b5:59:69:9e:
c8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:35:B1:EF:81:8E:F3:4F:4B:3A:01:03:31:F4:2A:F6:B6:EB:38:F0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kjWx74GO809LOgEDMfQq9rbrOPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
194.87.151.0/24
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a4:30:4a:36:56:b9:31:0f:bc:b5:08:26:ae:05:fb:a1:e1:
af:d4:51:74:af:f8:c8:e8:d9:0b:3a:92:7d:45:59:03:0c:35:
2c:51:56:dc:3e:f5:e7:ef:b8:46:91:7f:3e:42:86:62:12:2a:
77:46:aa:70:47:82:c6:57:3b:eb:bb:67:ab:f2:0e:14:d2:0d:
4a:f9:65:39:c2:9f:e3:ec:72:02:c4:0e:8d:89:93:70:58:48:
18:53:f2:5f:a9:0d:dd:0c:97:7f:8f:c7:35:b1:db:c7:8d:bd:
1d:0f:5b:03:79:9b:4c:0d:25:4f:d8:93:cf:6c:ca:85:a3:ab:
bf:6f:92:1c:3f:56:e0:d1:d8:cf:3f:08:46:75:85:f8:74:21:
e8:7b:33:5f:62:43:4a:53:a4:17:65:70:b8:13:66:fb:5d:1d:
93:01:28:ed:6b:bb:16:ff:2b:db:f5:39:78:dc:c9:fe:67:30:
2b:3e:a2:2c:e8:86:3a:78:b7:d0:08:a1:87:02:12:b0:8d:6c:
3b:21:d9:bd:a9:c3:4d:ae:14:e4:8a:80:7c:70:dc:bf:b6:05:
19:fb:b0:d4:a1:f7:fd:5c:68:a5:b6:ba:9b:76:ea:79:69:3f:
34:2d:93:26:01:95:73:4b:9f:15:d4:3e:fe:1e:c7:5f:31:0f:
9a:04:33:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvZxIuE4Ajok2t9T6GSvAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM1YjFlZjgxOGVmMzRmNGIzYTAxMDMzMWY0MmFmNmI2ZWIzOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0wcDHLm1DxJVY6DuHNLM5dJJFbd
M4UfedjJGVrYZ63GJZuG1VgD7ozHCLkn2TYi1kbC6NnnHrq4SEBtrv8/TP903Thl
kXsfQ+YGneRpuWeiGoIP4wXzPEmZTtqiabWU3LUumahbcWkOJRA+Ov7eJyazverE
8R6s4ujGpUp4eBGuO3xiuIHXzdjQqH78IG9lUn/yDI9sQ3oZPpjbmDk7DHnYRFTL
cryfuv3EZo2MspJTGQAjmlT49SjNbBMRiefzmfBGX07keqH9T/dvyP1aYaQRzGRN
/jn2zsUxpKWcyZl34Dj2ghC4+s7MiU0KlF9Y95nPjKWkbI/OerVZaZ7IDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJI1se+BjvNPSzoBAzH0Kva26zjwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva2pXeDc0R084MDlMT2dFRE1mUXE5cmJyT1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCwldUAwQA
wleXAwQAw4USAwQAw4UmAwQAw4UoAwQA1MAIAwQA1MAeMA0GCSqGSIb3DQEBCwUA
A4IBAQCTpDBKNla5MQ+8tQgmrgX7oeGv1FF0r/jI6NkLOpJ9RVkDDDUsUVbcPvXn
77hGkX8+QoZiEip3RqpwR4LGVzvru2er8g4U0g1K+WU5wp/j7HICxA6NiZNwWEgY
U/JfqQ3dDJd/j8c1sdvHjb0dD1sDeZtMDSVP2JPPbMqFo6u/b5IcP1bg0djPPwhG
dYX4dCHoezNfYkNKU6QXZXC4E2b7XR2TASjta7sW/yvb9Tl43Mn+ZzArPqIs6IY6
eLfQCKGHAhKwjWw7Idm9qcNNrhTkioB8cNy/tgUZ+7DUoff9XGiltrqbdup5aT80
LZMmAZVzS58V1D7+HsdfMQ+aBDN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org