Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-_cW9Ig3Jipd8mRebumpp2v-nQ.roa
File: l-_cW9Ig3Jipd8mRebumpp2v-nQ.roa (raw, json)
Hash identifier: bqyEk9cuDsKHbGcGfg2JfAXHN6qRH6EPGJwc5Kj8bKQ=
Subject key identifier: 97:EF:DC:5B:D2:20:DC:98:A9:77:C9:91:79:BB:A6:A6:9D:AF:FA:74
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191CC280DECF2E820DC7BD638993F1A0190
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-_cW9Ig3Jipd8mRebumpp2v-nQ.roa
Signing time: Sat 07 Sep 2024 11:04:22 +0000
ROA not before: Sat 07 Sep 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.58.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Sep 2024 04:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cc:28:0d:ec:f2:e8:20:dc:7b:d6:38:99:3f:1a:01:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 7 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97efdc5bd220dc98a977c99179bba6a69daffa74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f8:37:d2:ba:f9:4c:10:15:e8:14:2f:dc:40:
06:7c:f7:29:58:05:36:ba:17:b7:9e:50:95:3e:ae:
c3:9c:b1:97:55:19:a3:f3:39:f7:82:bb:69:67:df:
12:81:af:dd:00:c6:4d:07:51:0c:20:d3:db:9a:3a:
87:2d:c3:79:fb:56:ee:c7:63:5b:6b:3e:31:ea:18:
17:c9:43:c0:b2:15:1b:66:71:66:ff:51:a8:48:ef:
cf:1c:7c:7b:5d:15:f5:50:b5:af:e0:29:b7:16:1a:
f8:d4:81:8e:a6:52:7c:5e:f9:be:0d:e4:42:ad:43:
52:7d:4b:7e:08:57:6e:f0:fb:20:8b:b3:16:49:bc:
26:f3:c4:3e:d9:70:28:22:4b:0c:38:86:51:80:fc:
67:be:6b:f1:1f:a1:7f:e9:86:95:86:5f:d9:4c:44:
77:dc:c0:5d:1a:b4:1a:f0:ca:13:70:58:03:cc:0c:
fb:aa:de:c4:7a:b7:30:b8:29:3b:ef:95:85:01:a9:
e7:37:d6:18:53:3c:c3:2d:bf:d9:d5:68:ba:c8:20:
9e:85:a1:c0:a6:98:85:f4:9c:25:d1:12:2c:37:7b:
aa:06:8c:62:d3:da:0a:62:5d:63:8e:d8:9c:24:36:
12:14:72:7d:8b:f7:c7:ec:16:a4:ba:b1:08:b3:f6:
b1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EF:DC:5B:D2:20:DC:98:A9:77:C9:91:79:BB:A6:A6:9D:AF:FA:74
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-_cW9Ig3Jipd8mRebumpp2v-nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
194.58.155.0/24
194.87.29.0/24
194.87.58.0/23
194.87.169.0/24
195.133.24.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.192.208.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:96:be:ee:3e:c5:f5:c3:d6:b7:26:59:bb:7e:35:9b:7a:cd:
cf:6d:3d:e3:6d:72:6e:52:c8:25:58:4f:91:d5:13:cc:c8:a4:
56:2a:28:c6:da:e1:22:aa:4d:81:9e:3a:94:7d:a9:a8:89:78:
36:04:b2:43:64:25:ff:b5:ae:f5:4f:9d:d4:dc:28:9c:1e:d6:
03:ed:bc:9b:01:ca:6d:1e:e3:34:2c:75:10:d0:54:99:54:8d:
a7:18:34:ca:0b:7b:19:f9:a9:bc:3e:9c:63:d4:92:f3:a3:9f:
34:eb:b5:48:25:65:f7:60:6f:ef:2e:0e:c3:76:24:c3:16:f7:
d5:82:f9:6d:e3:da:b7:8d:13:7a:d7:ab:ab:10:c1:c7:06:94:
dd:6e:ce:d8:85:9c:95:32:4f:ba:3a:c0:f9:a2:7b:21:ba:10:
7a:74:92:64:4b:f7:f6:9f:7a:56:d3:a2:58:b7:cb:bb:1e:5f:
56:3b:ae:50:e7:07:1f:65:2e:ef:22:5b:d3:30:2b:e7:d3:fb:
1c:6b:c1:be:5f:8b:c8:a8:1f:7f:56:50:de:b3:86:86:c1:b7:
d0:ec:d9:05:ab:1a:a9:e6:c1:04:a9:d5:80:b4:3d:f6:09:8b:
d7:6f:7f:45:3d:cb:d7:90:01:82:bd:66:7f:4f:d8:38:90:ba:
f0:ca:f1:7e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZHMKA3s8ugg3HvWOJk/GgGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA3MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VmZGM1YmQyMjBkYzk4YTk3N2M5OTE3OWJiYTZhNjlkYWZmYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfg30rr5TBAV6BQv3EAGfPcpWAU2
uhe3nlCVPq7DnLGXVRmj8zn3grtpZ98Sga/dAMZNB1EMINPbmjqHLcN5+1bux2Nb
az4x6hgXyUPAshUbZnFm/1GoSO/PHHx7XRX1ULWv4Cm3Fhr41IGOplJ8Xvm+DeRC
rUNSfUt+CFdu8Psgi7MWSbwm88Q+2XAoIksMOIZRgPxnvmvxH6F/6YaVhl/ZTER3
3MBdGrQa8MoTcFgDzAz7qt7EercwuCk775WFAannN9YYUzzDLb/Z1Wi6yCCehaHA
ppiF9Jwl0RIsN3uqBoxi09oKYl1jjticJDYSFHJ9i/fH7BakurEIs/axowIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJfv3FvSINyYqXfJkXm7pqadr/p0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbC1fY1c5SWczSmlwZDhtUmVidW1wcDJ2LW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQAwHysAwQA
wjqbAwQAwlcdAwQBwlc6AwQAwlepAwQBw4UYAwQBw4UyAwQBw4VcAwQA1MABAwQA
1MDQAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOC
AQEAbZa+7j7F9cPWtyZZu341m3rNz209421yblLIJVhPkdUTzMikViooxtrhIqpN
gZ46lH2pqIl4NgSyQ2Ql/7Wu9U+d1NwonB7WA+28mwHKbR7jNCx1ENBUmVSNpxg0
ygt7GfmpvD6cY9SS86OfNOu1SCVl92Bv7y4Ow3Ykwxb31YL5bePat40TeterqxDB
xwaU3W7O2IWclTJPujrA+aJ7IboQenSSZEv39p96VtOiWLfLux5fVjuuUOcHH2Uu
7yJb0zAr59P7HGvBvl+LyKgff1ZQ3rOGhsG30OzZBasaqebBBKnVgLQ99gmL129/
RT3L15ABgr1mf0/YOJC68Mrxfg==
-----END CERTIFICATE-----
Generated at Mon Sep 9 05:07:13 2024 by rpki-client on console-ams.rpki-client.org