Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mnJovq7vvRaUCGB2ka7ByDTUbMk.roa
File: mnJovq7vvRaUCGB2ka7ByDTUbMk.roa (raw, json)
Hash identifier: MHT+0iaSV3EcO217urPCOepcSpGeaUDIjK67N86K3xU=
Subject key identifier: 9A:72:68:BE:AE:EF:BD:16:94:08:60:76:91:AE:C1:C8:34:D4:6C:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D1611618B824B82409B7D3516193C74D1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mnJovq7vvRaUCGB2ka7ByDTUbMk.roa
Signing time: Wed 17 Jan 2024 06:17:34 +0000
ROA not before: Wed 17 Jan 2024 06:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.66.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 11:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:11:61:8b:82:4b:82:40:9b:7d:35:16:19:3c:74:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 06:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a7268beaeefbd169408607691aec1c834d46cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:4e:b1:27:08:28:df:16:f6:0b:ab:eb:34:
5f:d8:96:13:ff:2e:57:d8:d3:3c:31:42:14:31:46:
17:76:0d:26:90:b6:ad:e6:2f:9a:52:cd:14:f2:c2:
27:27:ab:a2:28:3b:35:4e:f9:82:e9:12:0c:5d:0b:
97:a2:76:5b:61:80:0e:cc:70:df:4c:ab:3b:dc:d5:
cf:78:5d:2e:ff:f6:0d:ec:ec:7e:26:95:de:93:fe:
d8:61:8d:14:51:d9:1c:92:75:52:2f:11:64:e8:5b:
f6:29:30:78:48:ea:28:04:af:11:38:3f:bf:50:51:
b0:64:8d:33:bc:b4:c4:1c:fd:3b:f9:5d:dc:74:1f:
60:0d:39:9b:04:b9:dc:91:39:a2:c7:b8:9b:72:fb:
e6:9d:98:a1:35:79:3c:f9:e7:f6:72:23:3f:ec:1d:
15:1a:cd:c7:a4:47:83:2a:60:69:a2:b9:80:5d:39:
f5:24:d3:9a:a8:da:e2:f2:d0:a7:e4:e5:1d:d7:5b:
8f:b1:16:18:5d:e6:9f:39:4b:5d:c6:ad:63:94:24:
6c:40:e5:f3:a4:bf:01:ee:7a:81:76:6c:08:f4:74:
0c:3c:9f:c8:67:3c:cb:f9:29:33:67:cf:1a:dc:b8:
1d:9f:07:2f:72:88:ad:9a:b4:a2:d2:34:d9:d7:8c:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:72:68:BE:AE:EF:BD:16:94:08:60:76:91:AE:C1:C8:34:D4:6C:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mnJovq7vvRaUCGB2ka7ByDTUbMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.32.0/24
194.87.40.0/24
194.87.66.0/24
194.135.30.0/24
195.58.35.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:fc:90:4b:9f:47:c6:f2:f2:28:60:62:73:c2:97:7a:cf:eb:
5d:03:dd:b1:8c:95:80:9a:89:c6:0f:92:92:dd:ab:27:0b:d1:
7a:eb:7d:e1:cf:e9:1f:ee:b2:3f:20:7a:00:c7:e1:da:4d:22:
08:d5:27:4d:3c:53:b7:90:56:53:97:91:e1:aa:49:4c:ff:7a:
e5:ae:27:e5:6c:71:bf:2c:a9:81:93:38:20:ff:59:c0:44:7f:
52:43:b3:e6:b6:20:3b:3f:5f:11:e9:93:21:71:e0:c1:63:65:
68:27:ba:4c:2b:4d:7e:b3:8f:d9:d9:b4:e4:2c:09:25:34:95:
5a:d4:a4:17:dc:cf:a7:4f:6a:93:e7:35:7c:dc:91:89:1b:b1:
74:88:69:6f:2a:3a:6c:05:06:91:22:26:3f:f7:7d:18:8b:17:
4b:31:06:d5:16:39:26:ed:0a:7c:4f:73:e5:c0:06:0b:9c:f3:
61:1b:59:9d:cb:6b:b4:e3:a0:ec:a8:87:d9:7f:5b:7f:54:8a:
d2:46:5e:95:48:03:b6:8b:74:13:88:2d:ef:f5:48:a8:b9:0e:
16:36:3c:60:69:81:21:8d:27:4d:ea:da:62:12:d3:50:87:d1:
0e:9d:68:23:4e:c6:c1:76:dd:d8:60:77:9b:e8:58:0c:6c:2d:
63:b4:86:05
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0WEWGLgkuCQJt9NRYZPHTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE3MDYxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTcyNjhiZWFlZWZiZDE2OTQwODYwNzY5MWFlYzFjODM0ZDQ2Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbROsScIKN8W9gur6zRf2JYT/y5X
2NM8MUIUMUYXdg0mkLat5i+aUs0U8sInJ6uiKDs1TvmC6RIMXQuXonZbYYAOzHDf
TKs73NXPeF0u//YN7Ox+JpXek/7YYY0UUdkcknVSLxFk6Fv2KTB4SOooBK8ROD+/
UFGwZI0zvLTEHP07+V3cdB9gDTmbBLnckTmix7ibcvvmnZihNXk8+ef2ciM/7B0V
Gs3HpEeDKmBpormAXTn1JNOaqNri8tCn5OUd11uPsRYYXeafOUtdxq1jlCRsQOXz
pL8B7nqBdmwI9HQMPJ/IZzzL+SkzZ88a3LgdnwcvcoitmrSi0jTZ14zvhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJpyaL6u770WlAhgdpGuwcg01GzJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbW5Kb3ZxN3Z2UmFVQ0dCMmthN0J5RFRVYk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlcgAwQA
wlcoAwQAwldCAwQAwoceAwQAwzojAwQCw4UoAwQA1MD+MA0GCSqGSIb3DQEBCwUA
A4IBAQAq/JBLn0fG8vIoYGJzwpd6z+tdA92xjJWAmonGD5KS3asnC9F6633hz+kf
7rI/IHoAx+HaTSII1SdNPFO3kFZTl5HhqklM/3rlriflbHG/LKmBkzgg/1nARH9S
Q7PmtiA7P18R6ZMhceDBY2VoJ7pMK01+s4/Z2bTkLAklNJVa1KQX3M+nT2qT5zV8
3JGJG7F0iGlvKjpsBQaRIiY/930YixdLMQbVFjkm7Qp8T3PlwAYLnPNhG1mdy2u0
46DsqIfZf1t/VIrSRl6VSAO2i3QTiC3v9UiouQ4WNjxgaYEhjSdN6tpiEtNQh9EO
nWgjTsbBdt3YYHeb6FgMbC1jtIYF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org