Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pqb3MwLDAZQPNQtFa8bGEDZhvHo.roa
File: pqb3MwLDAZQPNQtFa8bGEDZhvHo.roa (raw, json)
Hash identifier: 313JEHn81w2IVN8veTQOffxxPQBeODxwMMS4isED1NQ=
Subject key identifier: A6:A6:F7:33:02:C3:01:94:0F:35:0B:45:6B:C6:C6:10:36:61:BC:7A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185E49DEF9ED09DF0D283C8B75ABB1C535C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pqb3MwLDAZQPNQtFa8bGEDZhvHo.roa
Signing time: Tue 24 Jan 2023 16:30:33 +0000
ROA not before: Tue 24 Jan 2023 16:30:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.204.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jan 2023 05:07:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:9d:ef:9e:d0:9d:f0:d2:83:c8:b7:5a:bb:1c:53:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 24 16:30:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6a6f73302c301940f350b456bc6c6103661bc7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:c5:9c:51:49:a0:84:cb:a2:8b:e9:78:e5:
68:4a:0b:4e:b9:1e:c3:32:0a:93:e7:65:49:95:c5:
f5:96:40:88:aa:bc:b1:eb:87:79:aa:13:45:ef:34:
21:74:e4:61:ed:72:4f:78:4e:81:14:a9:d5:4f:62:
c8:2a:91:14:af:7a:e9:00:5c:c5:97:f6:be:4d:c8:
e8:d4:fe:b1:15:03:86:7c:a1:d2:ac:5e:a9:d4:54:
3b:a9:f0:28:85:4d:db:8e:43:76:54:6d:02:98:03:
02:cc:21:8d:33:bd:d8:47:be:9b:78:7c:5e:9f:ce:
d4:37:a8:4d:e9:e4:47:d5:28:f4:30:94:eb:f0:1f:
4b:f8:89:bc:0b:38:a2:c0:38:20:2d:26:b7:50:16:
cb:eb:65:99:81:f5:55:bd:fc:de:51:c6:54:06:e4:
9f:c0:80:aa:29:97:be:f0:ce:3a:bb:e2:83:d5:b1:
06:f8:9a:74:2a:c7:9b:b0:3a:72:b0:a7:5c:fc:71:
7f:1b:b3:75:bd:a9:8d:25:e5:3d:b1:6c:ed:9d:fc:
55:23:fc:f7:35:df:6c:cb:c0:20:77:9a:d9:68:cb:
f4:b9:99:c2:a7:2a:18:27:18:9c:92:35:e8:9b:f1:
ef:43:a5:b8:54:96:3b:c7:37:e1:dc:2a:9e:f1:6d:
48:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A6:F7:33:02:C3:01:94:0F:35:0B:45:6B:C6:C6:10:36:61:BC:7A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pqb3MwLDAZQPNQtFa8bGEDZhvHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.204.0/24
194.87.208.0/24
194.87.231.0/24
195.58.38.0/24
195.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
11:cf:e3:22:b3:8d:23:46:f2:d9:41:7b:a7:f9:7f:8b:0f:8b:
eb:56:ee:28:97:c9:60:f1:f3:0d:fe:39:05:f1:63:5c:f5:94:
c9:82:ef:48:44:ad:08:a4:88:b4:1f:7a:15:9f:7e:05:a1:28:
46:c7:8d:2b:13:68:50:74:37:6d:3f:e6:52:f7:f3:5d:b9:ab:
6e:f7:bd:0f:59:6a:c4:e4:55:e6:23:dd:61:38:f3:88:16:7b:
91:69:a0:e2:97:30:b1:52:37:1a:b2:d4:f7:30:cb:7c:de:db:
d5:41:ae:eb:87:15:ec:b5:44:c3:45:18:a3:76:89:26:50:23:
69:33:05:40:9c:a5:18:8e:97:77:d6:47:8a:fe:7b:e6:0c:4a:
d6:7c:f6:ec:ae:44:45:b1:31:b6:fc:16:43:7e:6e:04:a8:5f:
b2:5e:f2:03:28:83:85:6c:c1:bf:b4:1d:ef:f6:ed:f1:c2:1e:
3b:8d:7e:2c:fd:6d:da:2b:59:4e:88:1e:2d:f5:d3:69:3b:a0:
94:f0:95:ee:bd:89:58:fe:81:5e:31:df:a1:3c:92:0c:72:5b:
ab:18:e2:b9:f8:fb:18:d9:e6:a2:90:15:fc:d7:fc:21:41:9f:
c4:37:5f:63:f6:39:07:82:43:e4:40:c2:3b:c7:a8:2f:3a:4e:
43:1e:6c:be
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXkne+e0J3w0oPIt1q7HFNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI0MTYzMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE2ZjczMzAyYzMwMTk0MGYzNTBiNDU2YmM2YzYxMDM2NjFiYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIbFnFFJoITLoovpeOVoSgtOuR7D
MgqT52VJlcX1lkCIqryx64d5qhNF7zQhdORh7XJPeE6BFKnVT2LIKpEUr3rpAFzF
l/a+Tcjo1P6xFQOGfKHSrF6p1FQ7qfAohU3bjkN2VG0CmAMCzCGNM73YR76beHxe
n87UN6hN6eRH1Sj0MJTr8B9L+Im8CziiwDggLSa3UBbL62WZgfVVvfzeUcZUBuSf
wICqKZe+8M46u+KD1bEG+Jp0KsebsDpysKdc/HF/G7N1vamNJeU9sWztnfxVI/z3
Nd9sy8Agd5rZaMv0uZnCpyoYJxickjXom/HvQ6W4VJY7xzfh3Cqe8W1IPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKam9zMCwwGUDzULRWvGxhA2Ybx6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcHFiM013TERBWlFQTlF0RmE4YkdFRFpodkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlfMAwQA
wlfQAwQAwlfnAwQAwzomAwQAw4UPMA0GCSqGSIb3DQEBCwUAA4IBAQARz+Mis40j
RvLZQXun+X+LD4vrVu4ol8lg8fMN/jkF8WNc9ZTJgu9IRK0IpIi0H3oVn34FoShG
x40rE2hQdDdtP+ZS9/Nduatu970PWWrE5FXmI91hOPOIFnuRaaDilzCxUjcastT3
MMt83tvVQa7rhxXstUTDRRijdokmUCNpMwVAnKUYjpd31keK/nvmDErWfPbsrkRF
sTG2/BZDfm4EqF+yXvIDKIOFbMG/tB3v9u3xwh47jX4s/W3aK1lOiB4t9dNpO6CU
8JXuvYlY/oFeMd+hPJIMclurGOK5+PsY2eaikBX81/whQZ/EN19j9jkHgkPkQMI7
x6gvOk5DHmy+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org