Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nVB-o7HMTKwcxtYg8R-0vClCURY.roa
File: nVB-o7HMTKwcxtYg8R-0vClCURY.roa (raw, json)
Hash identifier: wZLHIFXP4hDftaBFp0DxM+gqZ9FpoFdsjmzKThepU4Y=
Subject key identifier: 9D:50:7E:A3:B1:CC:4C:AC:1C:C6:D6:20:F1:1F:B4:BC:29:42:51:16
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875713B9C6179CD3DF683B98B13FFDE07F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nVB-o7HMTKwcxtYg8R-0vClCURY.roa
Signing time: Thu 06 Apr 2023 14:58:43 +0000
ROA not before: Thu 06 Apr 2023 14:58:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26383
IP address blocks: 193.124.22.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 09:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:13:b9:c6:17:9c:d3:df:68:3b:98:b1:3f:fd:e0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 14:58:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d507ea3b1cc4cac1cc6d620f11fb4bc29425116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:da:8d:b1:ea:a3:f2:1d:87:cf:c3:d6:b5:d1:
a3:34:e3:bc:72:3c:73:79:db:f2:4c:cb:0b:06:39:
8e:39:6d:e6:da:be:54:df:4e:5c:83:70:a1:10:dd:
6e:61:27:68:21:3f:b6:29:aa:4d:4e:73:d6:e5:af:
9c:16:22:21:bd:9c:44:5e:f7:36:ac:f0:7f:79:5b:
17:7b:d6:47:f8:05:6e:f0:17:82:aa:27:d2:b0:42:
f7:87:58:1e:a2:57:a1:86:8b:9c:bc:25:12:07:dd:
4f:08:ed:93:8e:35:d1:36:9f:a4:4f:f8:f2:97:c1:
c4:eb:49:fc:4d:0f:34:4b:e2:3e:38:21:21:8b:74:
b0:a1:f3:51:19:44:b1:92:52:eb:2c:0a:e7:43:b9:
4e:f2:a2:76:9d:02:8f:9f:42:97:de:4b:3d:a0:ff:
2d:26:34:2f:d3:8a:6e:66:71:d3:fc:d1:0c:cc:7e:
8e:18:52:e9:c5:94:7f:64:bb:ff:5c:75:03:1d:14:
45:cf:2f:de:92:28:fc:d2:aa:1d:e9:23:14:12:ac:
32:fc:1f:60:0d:bb:0e:4d:4e:81:06:87:c6:fb:bc:
88:2a:0b:08:7c:30:eb:b6:60:be:45:5e:75:ae:16:
d8:9d:c5:9b:db:53:b4:62:b2:c6:53:09:4f:35:02:
7f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:50:7E:A3:B1:CC:4C:AC:1C:C6:D6:20:F1:1F:B4:BC:29:42:51:16
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nVB-o7HMTKwcxtYg8R-0vClCURY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
185.72.8.0/24
193.124.22.0/24
194.58.34.0/24
194.87.47.0/24
194.87.189.0/24
212.192.12.0/24
212.192.15.0/24
Signature Algorithm: sha256WithRSAEncryption
58:0e:1c:58:7f:5c:9c:fa:fa:75:47:53:2d:ed:30:c7:e3:f1:
e0:01:25:a5:1d:3d:fd:2f:f0:a4:05:4c:76:05:0d:27:c6:33:
12:2d:9c:24:7a:ea:97:13:ab:bc:d3:a7:71:98:31:76:ea:eb:
f0:bb:18:24:b9:90:3f:cd:0d:7b:5a:5f:34:40:5f:f4:4f:bb:
a7:4d:b3:cc:8e:3b:e4:5b:1e:55:55:c3:54:c8:c4:27:39:11:
43:1e:ba:45:db:63:ce:06:0e:5e:4c:f1:0c:00:10:f7:57:9a:
c2:1d:5b:2c:f4:d9:8c:af:c5:c1:53:85:80:80:80:3f:5b:48:
35:9a:ac:07:8f:a5:28:12:25:69:9b:ca:f9:ac:00:10:a8:ce:
b2:8d:6e:8d:9d:8c:01:dd:8d:97:9d:b2:45:61:a4:57:7f:57:
c6:b8:71:fd:75:f9:77:bf:78:c1:2d:5c:9e:67:a4:78:5e:82:
a7:f6:1a:54:cd:a9:43:cc:87:09:1d:3e:91:85:1b:b2:83:17:
bb:19:7a:97:32:a6:d3:04:8c:bb:6d:e5:43:57:1f:7f:99:63:
9e:1b:38:cd:2d:bd:fa:c3:26:92:63:02:f5:95:0c:5c:b4:2e:
c7:fc:e1:27:f8:2f:0c:dd:44:99:92:04:89:44:42:05:92:29:
38:34:4c:97
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdXE7nGF5zT32g7mLE//eB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTQ1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUwN2VhM2IxY2M0Y2FjMWNjNmQ2MjBmMTFmYjRiYzI5NDI1MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tqNseqj8h2Hz8PWtdGjNOO8cjxz
edvyTMsLBjmOOW3m2r5U305cg3ChEN1uYSdoIT+2KapNTnPW5a+cFiIhvZxEXvc2
rPB/eVsXe9ZH+AVu8BeCqifSsEL3h1geolehhoucvCUSB91PCO2TjjXRNp+kT/jy
l8HE60n8TQ80S+I+OCEhi3SwofNRGUSxklLrLArnQ7lO8qJ2nQKPn0KX3ks9oP8t
JjQv04puZnHT/NEMzH6OGFLpxZR/ZLv/XHUDHRRFzy/ekij80qod6SMUEqwy/B9g
DbsOTU6BBofG+7yIKgsIfDDrtmC+RV51rhbYncWb21O0YrLGUwlPNQJ/wQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ1QfqOxzEysHMbWIPEftLwpQlEWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvblZCLW83SE1US3djeHRZZzhSLTB2Q2xDVVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPkzqAwQA
uUgIAwQAwXwWAwQAwjoiAwQAwlcvAwQAwle9AwQA1MAMAwQA1MAPMA0GCSqGSIb3
DQEBCwUAA4IBAQBYDhxYf1yc+vp1R1Mt7TDH4/HgASWlHT39L/CkBUx2BQ0nxjMS
LZwkeuqXE6u806dxmDF26uvwuxgkuZA/zQ17Wl80QF/0T7unTbPMjjvkWx5VVcNU
yMQnORFDHrpF22POBg5eTPEMABD3V5rCHVss9NmMr8XBU4WAgIA/W0g1mqwHj6Uo
EiVpm8r5rAAQqM6yjW6NnYwB3Y2XnbJFYaRXf1fGuHH9dfl3v3jBLVyeZ6R4XoKn
9hpUzalDzIcJHT6RhRuygxe7GXqXMqbTBIy7beVDVx9/mWOeGzjNLb36wyaSYwL1
lQxctC7H/OEn+C8M3USZkgSJREIFkik4NEyX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org