Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m4faY9ryPY1MGZkh0UOZU0Li1ek.roa
File: m4faY9ryPY1MGZkh0UOZU0Li1ek.roa (raw, json)
Hash identifier: kMnyn5dXNOq/z0hoTsPCTGrYUtXUgbPvNB3/loy2gqU=
Subject key identifier: 9B:87:DA:63:DA:F2:3D:8D:4C:19:99:21:D1:43:99:53:42:E2:D5:E9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191B39F896269A483EA941759C27C56CB95
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m4faY9ryPY1MGZkh0UOZU0Li1ek.roa
Signing time: Mon 02 Sep 2024 16:44:22 +0000
ROA not before: Mon 02 Sep 2024 16:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 193.124.44.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:9f:89:62:69:a4:83:ea:94:17:59:c2:7c:56:cb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 2 16:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b87da63daf23d8d4c199921d143995342e2d5e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0c:0e:87:6f:22:b1:4d:76:07:ef:43:6e:13:
ea:67:62:db:86:6a:e8:37:e4:4e:20:51:49:75:16:
65:fd:15:08:e0:e7:22:25:7a:a0:dd:f6:77:26:3a:
a2:ce:69:72:7e:fb:5d:2c:d7:44:9e:c3:d5:39:f3:
c2:ac:30:7a:ce:9d:48:5a:b7:69:32:70:61:2d:b3:
e0:d7:37:d2:a7:a8:ba:06:89:e5:fe:63:60:93:46:
e3:fa:76:1e:a2:f6:ac:18:94:08:b7:6e:7e:6d:b8:
a5:e3:dc:d9:13:53:da:34:8d:d7:03:7a:2b:55:34:
c7:2d:68:b5:0f:63:e8:48:7f:97:b1:be:6f:86:f0:
e6:17:43:1e:1e:32:76:2f:10:29:f4:cd:9a:d2:3f:
57:b9:de:a1:3f:7b:1d:eb:7c:c3:24:6e:63:4a:15:
87:4a:5e:b4:6c:1e:a5:bf:34:a3:87:00:95:8c:1c:
a3:5c:71:89:2f:da:63:6b:81:76:31:df:37:83:14:
91:db:bc:1c:14:b3:9a:02:3d:64:0f:33:b3:97:82:
14:fc:e7:a0:c0:b1:39:36:20:17:bc:dd:42:fb:d9:
f5:d1:7e:43:0c:df:0f:cb:75:89:d5:a7:ea:ff:5c:
81:cc:62:80:e5:03:cb:06:00:dd:bd:24:ec:ce:69:
1e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:87:DA:63:DA:F2:3D:8D:4C:19:99:21:D1:43:99:53:42:E2:D5:E9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/m4faY9ryPY1MGZkh0UOZU0Li1ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.37.0/24
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f0:33:40:5b:81:96:70:ab:3c:0c:5c:3b:6e:53:33:f1:48:
aa:c6:4a:c0:88:34:8e:9b:f3:2d:ab:71:cb:d1:bf:49:99:f8:
a2:3a:e5:48:e6:65:64:cc:68:23:13:12:85:a4:db:60:d0:23:
d0:66:03:30:36:67:a8:8c:75:0b:20:78:cb:68:ce:5f:b1:a2:
b1:af:f7:d4:f1:87:6d:31:ee:d7:5c:61:5e:29:e8:af:e0:e6:
46:84:9b:f4:62:8c:2b:9d:9e:a0:47:a0:40:b0:39:bd:ae:4a:
17:4f:bb:16:b8:22:f0:68:53:26:e4:e2:ba:94:f4:d9:b6:2b:
6c:10:1f:79:0b:2f:24:13:f7:e4:70:dd:61:cc:9c:1e:c2:7a:
15:ce:ae:e4:d6:ae:ca:2d:98:bb:20:a7:ed:aa:16:91:45:95:
04:e7:28:28:7d:e1:28:0b:ff:de:55:d3:1d:31:d2:bf:ae:98:
ea:84:58:81:ef:23:10:05:3f:d7:5d:99:1f:6d:28:26:08:14:
70:81:1a:99:f2:aa:f2:89:d9:30:80:2a:e5:d0:bf:fb:79:83:
44:01:04:17:52:ab:6f:04:c3:c7:3b:16:7a:a4:04:cd:ca:ee:
93:ec:80:16:92:d6:e5:65:66:db:6a:e8:df:cf:d8:54:98:52:
99:17:ee:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGzn4liaaSD6pQXWcJ8VsuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMTY0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg3ZGE2M2RhZjIzZDhkNGMxOTk5MjFkMTQzOTk1MzQyZTJkNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAwOh28isU12B+9DbhPqZ2Lbhmro
N+ROIFFJdRZl/RUI4OciJXqg3fZ3JjqizmlyfvtdLNdEnsPVOfPCrDB6zp1IWrdp
MnBhLbPg1zfSp6i6Bonl/mNgk0bj+nYeovasGJQIt25+bbil49zZE1PaNI3XA3or
VTTHLWi1D2PoSH+Xsb5vhvDmF0MeHjJ2LxAp9M2a0j9Xud6hP3sd63zDJG5jShWH
Sl60bB6lvzSjhwCVjByjXHGJL9pja4F2Md83gxSR27wcFLOaAj1kDzOzl4IU/Oeg
wLE5NiAXvN1C+9n10X5DDN8Py3WJ1afq/1yBzGKA5QPLBgDdvSTszmkemQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJuH2mPa8j2NTBmZIdFDmVNC4tXpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbTRmYVk5cnlQWTFNR1praDBVT1pVMExpMWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwsAwQA
wlclAwQAw4URAwQAw4UnMA0GCSqGSIb3DQEBCwUAA4IBAQBX8DNAW4GWcKs8DFw7
blMz8UiqxkrAiDSOm/Mtq3HL0b9JmfiiOuVI5mVkzGgjExKFpNtg0CPQZgMwNmeo
jHULIHjLaM5fsaKxr/fU8YdtMe7XXGFeKeiv4OZGhJv0YowrnZ6gR6BAsDm9rkoX
T7sWuCLwaFMm5OK6lPTZtitsEB95Cy8kE/fkcN1hzJwewnoVzq7k1q7KLZi7IKft
qhaRRZUE5ygofeEoC//eVdMdMdK/rpjqhFiB7yMQBT/XXZkfbSgmCBRwgRqZ8qry
idkwgCrl0L/7eYNEAQQXUqtvBMPHOxZ6pATNyu6T7IAWktblZWbbaujfz9hUmFKZ
F+5s
-----END CERTIFICATE-----
Generated at Mon Oct 7 14:40:53 2024 by rpki-client on console-ams.rpki-client.org