Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pY-mDmVJ8UcbIydhBJQVkYnavmw.roa
File: pY-mDmVJ8UcbIydhBJQVkYnavmw.roa (raw, json)
Hash identifier: ieB/opy/IF5ZNHA429wi0SYiyGMTLuws6YbYydYKIlg=
Subject key identifier: A5:8F:A6:0E:65:49:F1:47:1B:23:27:61:04:94:15:91:89:DA:BE:6C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191BDA219B6BA3802E72BE7B6CE347AB614
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pY-mDmVJ8UcbIydhBJQVkYnavmw.roa
Signing time: Wed 04 Sep 2024 15:23:22 +0000
ROA not before: Wed 04 Sep 2024 15:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.155.0/24 maxlen: 24
194.87.58.0/23 maxlen: 23
194.87.85.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.26.0/24 maxlen: 24
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.31.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Sep 2024 11:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:a2:19:b6:ba:38:02:e7:2b:e7:b6:ce:34:7a:b6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 15:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a58fa60e6549f1471b2327610494159189dabe6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:67:c3:4c:18:79:0e:13:05:b9:6e:22:20:bc:
97:3b:84:ab:6c:9b:7e:04:a7:1d:5d:37:89:07:d3:
f9:de:37:45:dd:c0:9a:5e:c1:40:15:76:b9:39:8c:
4f:b6:83:ff:90:fc:ba:0d:bc:4f:54:09:23:d0:bc:
76:fd:f3:60:94:cd:16:12:6c:2b:96:6f:c5:36:5d:
7e:11:7e:59:b5:64:d2:5e:d7:28:81:be:85:0e:14:
f5:f2:b4:a0:f9:96:df:f2:5d:77:36:10:8d:87:0d:
fd:5b:bd:2a:78:c9:ee:0e:99:de:b7:e5:80:be:50:
0c:db:df:41:78:2c:60:bf:67:00:1e:17:91:da:a1:
1f:44:a0:7b:7e:0b:fd:bc:0b:fa:47:74:0c:cd:09:
0e:6c:d6:13:27:91:a8:8e:1d:18:3f:1d:f2:49:6b:
50:fb:b0:5c:14:c7:a7:83:20:8d:5d:d2:2e:7c:52:
7a:b8:6c:b3:b2:9c:4f:82:81:94:fb:29:2c:13:22:
15:e4:e6:ac:7c:3b:59:07:96:b0:aa:81:25:0f:0e:
89:7e:0a:80:98:f4:ac:ef:29:a6:bb:76:0f:c7:9e:
98:d0:97:d3:89:e4:ce:92:85:70:18:f2:3c:f1:1a:
41:b2:f4:da:69:2e:d4:35:0a:bd:39:1e:b5:a8:e2:
4d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8F:A6:0E:65:49:F1:47:1B:23:27:61:04:94:15:91:89:DA:BE:6C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pY-mDmVJ8UcbIydhBJQVkYnavmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.155.0/24
194.87.58.0/23
194.87.85.0/24
194.87.169.0/24
195.133.18.0/24
195.133.24.0-195.133.26.255
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.192.246.0/24
212.192.248.0/24
212.193.26.0/23
212.193.31.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:8a:4a:82:28:49:9c:60:0b:3f:4f:77:60:07:87:73:f3:87:
32:1d:68:25:46:be:0e:78:9b:ef:03:af:90:da:a5:c1:c6:09:
f2:87:e4:4b:97:e4:11:86:12:18:33:ab:6c:5b:e3:a9:09:b7:
01:c3:f8:f4:a0:83:cf:ae:7b:58:9f:c4:36:75:8b:f4:d4:c9:
0f:c1:26:46:4e:46:7a:51:09:86:07:85:e3:cb:e2:52:b5:e0:
fd:c9:8b:d9:3e:18:25:73:aa:44:49:e6:3d:2a:5f:ad:b6:b3:
94:12:4c:c8:9e:49:dc:11:a5:24:e0:40:a7:81:94:8c:2a:21:
11:63:44:5c:1a:8b:1f:d2:0f:7a:bf:88:b4:9b:e0:c0:a8:5b:
8d:c9:84:23:be:7f:88:24:23:d3:ae:3b:b0:6d:e2:c6:05:4e:
20:10:3d:e4:51:d7:32:77:7c:63:0b:8d:c1:8f:11:f8:79:78:
d9:6c:c9:76:3e:a8:81:57:cb:1d:69:70:87:f7:ff:be:b1:26:
34:63:5f:a5:43:bb:00:0b:ff:f3:b6:85:29:79:4d:10:78:46:
f6:d8:14:c3:14:8e:da:71:9d:4b:f1:16:81:0e:a0:af:8d:61:
2c:10:12:6c:5b:42:b0:24:64:38:24:38:78:5c:5a:aa:fb:ca:
de:60:74:89
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZG9ohm2ujgC5yvnts40erYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA0MTUyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThmYTYwZTY1NDlmMTQ3MWIyMzI3NjEwNDk0MTU5MTg5ZGFiZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmfDTBh5DhMFuW4iILyXO4SrbJt+
BKcdXTeJB9P53jdF3cCaXsFAFXa5OYxPtoP/kPy6DbxPVAkj0Lx2/fNglM0WEmwr
lm/FNl1+EX5ZtWTSXtcogb6FDhT18rSg+Zbf8l13NhCNhw39W70qeMnuDpnet+WA
vlAM299BeCxgv2cAHheR2qEfRKB7fgv9vAv6R3QMzQkObNYTJ5Gojh0YPx3ySWtQ
+7BcFMengyCNXdIufFJ6uGyzspxPgoGU+yksEyIV5OasfDtZB5awqoElDw6JfgqA
mPSs7ymmu3YPx56Y0JfTieTOkoVwGPI88RpBsvTaaS7UNQq9OR61qOJNiwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKWPpg5lSfFHGyMnYQSUFZGJ2r5sMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcFktbURtVko4VWNiSXlkaEJKUVZrWW5hdm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVgMEAMI6mwME
AcJXOgMEAMJXVQMEAMJXqQMEAMOFEjAMAwQDw4UYAwQAw4UaAwQBw4UyAwQBw4Vc
AwQA1MABAwQA1MD2AwQA1MD4AwQB1MEaAwQA1MEfMBQEAgACMA4DBQMqAVfAAwUD
Kgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAG4pKgihJnGALP093YAeHc/OHMh1oJUa+
Dnib7wOvkNqlwcYJ8ofkS5fkEYYSGDOrbFvjqQm3AcP49KCDz657WJ/ENnWL9NTJ
D8EmRk5GelEJhgeF48viUrXg/cmL2T4YJXOqREnmPSpfrbazlBJMyJ5J3BGlJOBA
p4GUjCohEWNEXBqLH9IPer+ItJvgwKhbjcmEI75/iCQj0647sG3ixgVOIBA95FHX
Mnd8YwuNwY8R+Hl42WzJdj6ogVfLHWlwh/f/vrEmNGNfpUO7AAv/87aFKXlNEHhG
9tgUwxSO2nGdS/EWgQ6gr41hLBASbFtCsCRkOCQ4eFxaqvvK3mB0iQ==
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:28:49 2024 by rpki-client on console-ams.rpki-client.org