Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lG5w0eFgHXwlN6CCnYeVzAoiY3E.roa
File: lG5w0eFgHXwlN6CCnYeVzAoiY3E.roa (raw, json)
Hash identifier: j+vVND41ij8goiAEMiK/X7Gjrn4HAngaE0vG/dckLuQ=
Subject key identifier: 94:6E:70:D1:E1:60:1D:7C:25:37:A0:82:9D:87:95:CC:0A:22:63:71
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192D8D1219A8F00DAF5B2B7BC707FB8D8F9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lG5w0eFgHXwlN6CCnYeVzAoiY3E.roa
Signing time: Tue 29 Oct 2024 15:07:17 +0000
ROA not before: Tue 29 Oct 2024 15:07:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.20.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Oct 2024 16:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:d1:21:9a:8f:00:da:f5:b2:b7:bc:70:7f:b8:d8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 29 15:07:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946e70d1e1601d7c2537a0829d8795cc0a226371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b8:b7:c5:e8:8c:d4:7c:d5:58:4c:56:b0:22:
f8:6f:e4:22:d7:5a:41:1d:95:6d:26:03:52:65:58:
39:c5:d8:ec:6a:3f:e6:d8:e2:3d:a7:9f:cd:38:fe:
ff:cb:05:61:73:50:73:7a:0c:00:c2:3f:42:1a:54:
4a:57:36:19:65:5b:dc:7c:94:42:07:65:e2:55:37:
48:ae:d2:11:da:e0:84:24:ba:66:ec:ac:2b:6e:e6:
a8:26:50:bd:01:38:8f:61:2b:02:08:77:96:40:26:
dc:47:94:57:79:4e:25:0f:55:c4:39:05:5d:4b:ea:
41:28:7e:73:88:20:42:c6:ef:df:a2:10:7a:94:f5:
07:24:65:b9:06:19:c4:e4:47:75:58:f2:df:9f:49:
f7:87:f7:1f:c7:78:84:4c:8c:95:ba:80:42:3d:77:
0f:11:bf:40:92:c2:32:ce:41:e3:7b:d7:14:bc:f3:
3f:43:66:24:a9:42:58:46:a8:13:c2:0f:8d:8d:54:
d6:ec:64:fc:ba:4e:6e:c0:09:50:a5:ed:56:63:8a:
ee:80:36:23:1b:17:d6:13:21:f6:03:1b:bd:80:a1:
6d:bb:62:06:16:75:de:5e:0e:b5:b9:a4:cf:23:59:
70:5e:21:56:57:d6:69:b1:5f:02:40:05:07:f3:fe:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6E:70:D1:E1:60:1D:7C:25:37:A0:82:9D:87:95:CC:0A:22:63:71
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lG5w0eFgHXwlN6CCnYeVzAoiY3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.20.0/23
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.25.0-212.193.27.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
11:61:d3:b6:60:0c:5c:5b:21:e5:d3:c3:a1:85:af:c4:c8:34:
5d:2f:03:62:0d:c3:52:61:8b:ad:a6:fc:49:dc:a3:8b:a7:bf:
f0:02:7a:08:4c:ce:16:a9:dd:dd:f1:c5:f5:bb:c0:da:a5:5b:
4f:fc:5b:06:fd:3f:77:92:ee:a0:d2:74:f7:1a:cc:5d:e9:13:
14:ee:6b:fe:46:50:ed:4a:42:27:c1:3b:15:43:37:43:42:9b:
49:a8:72:93:0e:5a:ca:10:ff:3f:8c:2c:d4:14:43:b3:50:fe:
e9:52:bf:a9:0f:0f:42:91:09:b1:8c:1a:3f:51:07:61:e9:d0:
54:fd:80:81:71:db:0c:86:34:1a:90:26:5d:52:26:cc:07:a1:
70:2c:10:69:81:36:6a:cb:12:93:31:89:44:d5:27:19:70:72:
5f:6f:1b:93:48:aa:2e:b2:a1:14:e8:ff:66:6f:db:95:a1:91:
41:4a:74:ea:f8:60:77:4d:6d:bb:e7:f3:53:03:e6:6a:8f:85:
92:08:c5:e5:b6:4b:b4:50:99:0c:d9:90:60:71:9d:99:56:7e:
36:67:ce:09:aa:da:a9:f4:65:df:72:a9:cd:25:3d:2d:d2:e8:
90:7d:5d:d1:8f:85:bd:59:f6:9d:8a:82:30:c2:5a:a2:40:3d:
c9:71:ab:68
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZLY0SGajwDa9bK3vHB/uNj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDI5MTUwNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZlNzBkMWUxNjAxZDdjMjUzN2EwODI5ZDg3OTVjYzBhMjI2MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxri3xeiM1HzVWExWsCL4b+Qi11pB
HZVtJgNSZVg5xdjsaj/m2OI9p5/NOP7/ywVhc1BzegwAwj9CGlRKVzYZZVvcfJRC
B2XiVTdIrtIR2uCEJLpm7KwrbuaoJlC9ATiPYSsCCHeWQCbcR5RXeU4lD1XEOQVd
S+pBKH5ziCBCxu/fohB6lPUHJGW5BhnE5Ed1WPLfn0n3h/cfx3iETIyVuoBCPXcP
Eb9AksIyzkHje9cUvPM/Q2YkqUJYRqgTwg+NjVTW7GT8uk5uwAlQpe1WY4rugDYj
GxfWEyH2Axu9gKFtu2IGFnXeXg61uaTPI1lwXiFWV9ZpsV8CQAUH8/6/cwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJRucNHhYB18JTeggp2HlcwKImNxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbEc1dzBlRmdIWHdsTjZDQ25ZZVZ6QW9pWTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVgMEAMB8tAME
AMI6mwMEAcJXFAMEAMJXqQMEAMJXsgMEAMJX4AMEAMKHIQMEAcOFGAMEAcOFKAME
AcOFMgMEAcOFXAMEANTAATAMAwQA1MEZAwQC1MEYMBQEAgACMA4DBQMqAVfAAwUD
Kgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAEWHTtmAMXFsh5dPDoYWvxMg0XS8DYg3D
UmGLrab8Sdyji6e/8AJ6CEzOFqnd3fHF9bvA2qVbT/xbBv0/d5LuoNJ09xrMXekT
FO5r/kZQ7UpCJ8E7FUM3Q0KbSahykw5ayhD/P4ws1BRDs1D+6VK/qQ8PQpEJsYwa
P1EHYenQVP2AgXHbDIY0GpAmXVImzAehcCwQaYE2assSkzGJRNUnGXByX28bk0iq
LrKhFOj/Zm/blaGRQUp06vhgd01tu+fzUwPmao+FkgjF5bZLtFCZDNmQYHGdmVZ+
NmfOCaraqfRl33KpzSU9LdLokH1d0Y+FvVn2nYqCMMJaokA9yXGraA==
-----END CERTIFICATE-----
Generated at Tue Oct 29 19:20:08 2024 by rpki-client on console-fra.rpki-client.org