Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjDLSAxtKQpRygcs75pkppCU4zA.roa
File: pjDLSAxtKQpRygcs75pkppCU4zA.roa (raw, json)
Hash identifier: HgzW/PcsH9MVQY9KxwVarcPElaJUGb9trndm8ewMcNI=
Subject key identifier: A6:30:CB:48:0C:6D:29:0A:51:CA:07:2C:EF:9A:64:A6:90:94:E3:30
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187D1F9D06EE5764916F7EDA4050FAD213E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjDLSAxtKQpRygcs75pkppCU4zA.roa
Signing time: Sun 30 Apr 2023 11:43:42 +0000
ROA not before: Sun 30 Apr 2023 11:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 06:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d1:f9:d0:6e:e5:76:49:16:f7:ed:a4:05:0f:ad:21:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 30 11:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a630cb480c6d290a51ca072cef9a64a69094e330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f6:14:9a:c1:75:39:87:6c:67:13:83:d0:0e:
4c:e8:22:f2:bf:6c:95:17:e8:28:2e:79:7a:d5:0d:
8e:1e:09:e6:75:75:d6:09:9f:58:d2:04:51:9b:33:
5e:70:50:56:44:d0:1e:b0:0e:cd:d0:85:cd:78:a5:
4f:f0:38:f1:67:87:8a:a5:0f:ca:4c:bb:77:52:1e:
f7:9b:aa:f7:cd:4f:f1:91:f9:ee:b2:be:6a:39:75:
92:54:18:dc:c5:e6:bf:2c:c9:22:27:3b:4e:0f:08:
7a:aa:bf:3b:cb:90:36:ea:9e:86:f1:6c:a8:d5:d6:
15:fc:05:39:95:fd:13:b1:8c:9e:46:6c:34:28:fb:
3e:05:34:09:8a:75:95:ec:66:4c:bd:d7:7c:2b:f5:
8d:75:be:f5:de:ef:5c:c0:fa:41:48:3f:7a:38:7c:
05:9d:e3:52:12:c1:b6:0e:50:5c:89:64:0b:c1:fd:
e5:f4:c2:44:d8:3a:95:b5:fe:00:1f:79:98:2b:73:
19:ff:0e:e1:1d:e2:ab:7d:de:73:d7:ff:d5:87:3c:
d7:a1:27:23:d6:19:df:f7:67:21:b6:6d:b0:00:88:
69:42:a8:62:61:20:01:44:f7:60:6b:e8:22:31:59:
ac:5d:e0:f0:2a:86:b1:f6:54:87:a9:d2:36:09:9f:
14:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:30:CB:48:0C:6D:29:0A:51:CA:07:2C:EF:9A:64:A6:90:94:E3:30
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pjDLSAxtKQpRygcs75pkppCU4zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.180.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
88:0a:9c:e0:b3:19:ce:98:29:24:11:7e:08:d5:f7:a7:f7:96:
7e:f1:c7:27:5c:e0:e1:2e:fb:82:5b:50:59:24:a5:79:40:4a:
53:07:f4:22:2c:6c:a2:c8:85:92:ef:e0:35:85:f6:42:1b:65:
f6:e3:0c:c7:e4:26:16:7d:a9:a1:0c:ea:41:14:17:e4:67:d2:
82:65:fd:31:e3:75:24:87:3d:6e:46:7b:8b:65:57:8d:25:8f:
8f:9c:70:1d:e4:10:56:03:39:d5:01:4b:38:15:a3:6a:0c:d8:
db:a4:46:3a:6e:31:b2:e0:c0:e5:cc:3b:59:e2:58:7d:6a:96:
6c:e9:ac:c8:34:a7:f1:d1:3f:d4:9a:41:72:46:5b:61:72:b8:
e2:9c:6d:75:f6:ef:c4:ba:a7:aa:4c:76:c0:b1:73:49:a8:7d:
33:ea:37:e7:fc:8b:9b:92:ea:6b:db:18:68:f6:45:05:68:55:
df:53:ad:65:0b:e6:14:ae:ff:4b:1c:1e:1b:76:5e:7f:d4:e7:
76:f2:41:d1:67:86:41:50:e5:d1:f1:75:0d:8a:a2:d2:e4:f2:
4c:f5:ef:22:5e:3a:ca:d8:ba:9f:03:ed:e6:35:5f:29:47:a5:
78:c4:45:fe:b9:44:5c:d1:a3:a6:73:e6:9d:94:70:de:b9:5b:
5c:89:1a:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfR+dBu5XZJFvftpAUPrSE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDMwMTE0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjMwY2I0ODBjNmQyOTBhNTFjYTA3MmNlZjlhNjRhNjkwOTRlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/YUmsF1OYdsZxOD0A5M6CLyv2yV
F+goLnl61Q2OHgnmdXXWCZ9Y0gRRmzNecFBWRNAesA7N0IXNeKVP8DjxZ4eKpQ/K
TLt3Uh73m6r3zU/xkfnusr5qOXWSVBjcxea/LMkiJztODwh6qr87y5A26p6G8Wyo
1dYV/AU5lf0TsYyeRmw0KPs+BTQJinWV7GZMvdd8K/WNdb713u9cwPpBSD96OHwF
neNSEsG2DlBciWQLwf3l9MJE2DqVtf4AH3mYK3MZ/w7hHeKrfd5z1//VhzzXoScj
1hnf92chtm2wAIhpQqhiYSABRPdga+giMVmsXeDwKoax9lSHqdI2CZ8UuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKYwy0gMbSkKUcoHLO+aZKaQlOMwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGpETFNBeHRLUXBSeWdjczc1cGtwcENVNHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo9AwQA
wle0AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQCICpzgsxnOmCkkEX4I1fen95Z+
8ccnXODhLvuCW1BZJKV5QEpTB/QiLGyiyIWS7+A1hfZCG2X24wzH5CYWfamhDOpB
FBfkZ9KCZf0x43Ukhz1uRnuLZVeNJY+PnHAd5BBWAznVAUs4FaNqDNjbpEY6bjGy
4MDlzDtZ4lh9apZs6azINKfx0T/UmkFyRlthcrjinG119u/EuqeqTHbAsXNJqH0z
6jfn/Iubkupr2xho9kUFaFXfU61lC+YUrv9LHB4bdl5/1Od28kHRZ4ZBUOXR8XUN
iqLS5PJM9e8iXjrK2LqfA+3mNV8pR6V4xEX+uURc0aOmc+adlHDeuVtciRog
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:27 2024 by rpki-client on console-fra.rpki-client.org