Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqpkb2eiB6Xg7ecLLQoY6eewyjE.roa
File: kqpkb2eiB6Xg7ecLLQoY6eewyjE.roa (raw, json)
Hash identifier: LcdaQmONhsvgD8II+ohG+BWeAGF+Ja/CKsfw5vneDCg=
Subject key identifier: 92:AA:64:6F:67:A2:07:A5:E0:ED:E7:0B:2D:0A:18:E9:E7:B0:CA:31
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01907BF0859E0B1F88267726219106FDC759
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqpkb2eiB6Xg7ecLLQoY6eewyjE.roa
Signing time: Thu 04 Jul 2024 04:11:18 +0000
ROA not before: Thu 04 Jul 2024 04:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 06 Jul 2024 16:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:f0:85:9e:0b:1f:88:26:77:26:21:91:06:fd:c7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 4 04:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92aa646f67a207a5e0ede70b2d0a18e9e7b0ca31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:52:0c:72:49:5b:97:2e:2d:1b:82:f5:c2:4b:
dc:35:e6:8c:83:9d:20:63:be:07:9d:ae:2e:e0:5f:
91:30:e9:a6:6d:02:43:bb:60:1a:bf:2d:b6:07:cd:
44:f4:f4:77:c3:9b:31:0f:1f:b1:77:06:bf:67:91:
ad:dc:f4:44:8f:be:a5:a0:e4:87:67:2d:44:01:a7:
e5:5f:f4:8f:03:c2:a8:0b:a6:f2:0a:16:da:27:ec:
7a:79:e2:c2:19:27:36:01:ce:13:d4:f9:2a:35:86:
e7:c5:1f:ac:e2:3e:f1:6e:40:e3:0d:67:3d:e0:a8:
ef:f1:2b:1f:5b:0c:15:90:3b:8c:37:f1:06:66:d5:
d4:af:28:a2:9f:21:6d:2f:fc:aa:3b:6c:20:ca:b9:
16:38:46:b0:44:0f:61:c3:4d:bc:8f:a9:ae:fb:f8:
5e:ab:f8:7c:27:d4:f0:e9:99:2f:d8:c4:68:da:6f:
3c:09:51:d8:0d:c0:ab:b4:22:8f:6b:fe:c7:64:c2:
00:3c:56:6b:6a:7b:91:9b:1a:f0:58:3c:38:cd:15:
8c:10:52:8c:ea:a6:74:3e:8a:7a:42:37:e5:8f:57:
59:33:c8:bb:f2:c5:6a:26:eb:f9:97:4e:af:d1:c6:
13:8a:69:b5:e9:99:45:41:38:6f:8e:81:0d:c3:c5:
76:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AA:64:6F:67:A2:07:A5:E0:ED:E7:0B:2D:0A:18:E9:E7:B0:CA:31
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqpkb2eiB6Xg7ecLLQoY6eewyjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.169.0/24
195.133.25.0/24
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:31:df:35:eb:12:3b:38:d9:29:b6:0e:e3:a2:c2:64:21:50:
6a:c3:3b:26:3b:94:82:f1:9d:b1:d8:5c:a8:d0:d1:99:81:af:
85:d7:a5:ee:25:e9:71:84:98:32:5f:0f:31:da:0d:b9:ad:4f:
2d:7f:5f:8c:33:50:78:ee:58:11:5b:2f:2f:7b:63:89:0b:9d:
c3:a4:72:77:2c:cf:86:b7:62:d7:2d:96:e3:47:c9:d7:a0:22:
a8:1d:25:bb:5d:4c:d3:a5:9c:68:b8:53:b1:68:8a:23:90:c2:
a5:40:f1:00:16:7f:e3:6a:38:76:8e:35:be:9a:dd:91:61:38:
37:11:14:10:c5:5f:d7:d4:b4:c4:22:62:00:13:f8:be:f7:bb:
4b:3c:57:c3:d4:62:73:9a:f1:f5:b6:2c:9d:ae:cc:0e:59:e6:
ae:7f:b5:9b:47:66:7b:bf:8b:09:bd:76:af:eb:7d:63:30:a3:
64:11:b1:96:c7:01:74:4b:e5:30:4c:ad:2d:31:d6:7d:b0:4a:
25:ce:2e:5b:21:98:73:29:d8:35:79:06:67:04:22:85:94:a9:
11:a0:ee:48:37:bf:87:1b:d2:da:b3:11:1e:ee:c8:38:9c:bf:
96:a2:78:96:6c:93:47:2f:3c:59:b7:a2:bb:f0:c3:da:d6:66:
7e:56:87:95
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZB78IWeCx+IJncmIZEG/cdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzA0MDQxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFhNjQ2ZjY3YTIwN2E1ZTBlZGU3MGIyZDBhMThlOWU3YjBjYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklIMcklbly4tG4L1wkvcNeaMg50g
Y74Hna4u4F+RMOmmbQJDu2Aavy22B81E9PR3w5sxDx+xdwa/Z5Gt3PREj76loOSH
Zy1EAaflX/SPA8KoC6byChbaJ+x6eeLCGSc2Ac4T1PkqNYbnxR+s4j7xbkDjDWc9
4Kjv8SsfWwwVkDuMN/EGZtXUryiinyFtL/yqO2wgyrkWOEawRA9hw028j6mu+/he
q/h8J9Tw6Zkv2MRo2m88CVHYDcCrtCKPa/7HZMIAPFZranuRmxrwWDw4zRWMEFKM
6qZ0Pop6Qjflj1dZM8i78sVqJuv5l06v0cYTimm16ZlFQThvjoENw8V2EwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJKqZG9nogel4O3nCy0KGOnnsMoxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva3Fwa2IyZWlCNlhnN2VjTExRb1k2ZWV3eWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBwjo4AwQA
wlepAwQAw4UZAwQBw4UyAwQBw4VcAwQA1MABMBQEAgACMA4DBQMqAVfAAwUDKgz/
QDANBgkqhkiG9w0BAQsFAAOCAQEAKjHfNesSOzjZKbYO46LCZCFQasM7JjuUgvGd
sdhcqNDRmYGvhdel7iXpcYSYMl8PMdoNua1PLX9fjDNQeO5YEVsvL3tjiQudw6Ry
dyzPhrdi1y2W40fJ16AiqB0lu11M06WcaLhTsWiKI5DCpUDxABZ/42o4do41vprd
kWE4NxEUEMVf19S0xCJiABP4vve7SzxXw9Ric5rx9bYsna7MDlnmrn+1m0dme7+L
Cb12r+t9YzCjZBGxlscBdEvlMEytLTHWfbBKJc4uWyGYcynYNXkGZwQihZSpEaDu
SDe/hxvS2rMRHu7IOJy/lqJ4lmyTRy88Wbeiu/DD2tZmflaHlQ==
-----END CERTIFICATE-----
Generated at Sat Jul 6 18:47:19 2024 by rpki-client on console-ams.rpki-client.org