Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/q7eFBgeqloHdIeVCnFjbqszCb0E.roa
File: q7eFBgeqloHdIeVCnFjbqszCb0E.roa (raw, json)
Hash identifier: 6BVGno5sX9gdgyFT0CBP8rQNHVOrZNyzQiNHpHBl0t8=
Subject key identifier: AB:B7:85:06:07:AA:96:81:DD:21:E5:42:9C:58:DB:AA:CC:C2:6F:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A0734A469A0F6CC73EC7011728522C609
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/q7eFBgeqloHdIeVCnFjbqszCb0E.roa
Signing time: Fri 18 Aug 2023 05:53:25 +0000
ROA not before: Fri 18 Aug 2023 05:53:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 195.133.78.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
194.87.20.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 10:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:34:a4:69:a0:f6:cc:73:ec:70:11:72:85:22:c6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 18 05:53:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abb7850607aa9681dd21e5429c58dbaaccc26f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:1d:39:c4:0e:b8:68:92:1e:9f:78:74:ea:
c1:eb:3d:10:c1:7e:ae:5b:06:e2:06:5a:4f:24:10:
e9:02:d1:80:ed:f5:66:7e:50:88:90:de:3f:4c:93:
2d:4c:73:50:be:a4:c5:b7:f0:d4:06:a9:5d:f1:b9:
b2:f9:fd:9f:6c:3f:c0:24:cf:70:78:3c:4b:7c:e3:
35:b1:a3:53:ab:97:6b:dd:91:1b:ee:db:8d:22:00:
fd:60:3e:85:2d:e0:79:62:0e:18:0f:4d:43:3f:ae:
2c:72:24:ab:ef:b3:89:df:3b:9a:ab:44:95:89:32:
6a:00:30:67:9a:92:8d:13:c9:c4:89:fd:7b:f5:dd:
4d:05:c8:6d:c8:c1:47:c1:aa:9d:59:c2:f9:8e:6d:
a7:26:55:83:9e:da:a4:af:e0:fe:56:0b:26:56:3a:
28:89:74:51:a2:61:4a:12:3f:50:c3:2d:0d:03:f8:
6e:de:6e:a1:6a:39:40:74:58:a8:4b:cb:de:2b:ad:
65:d8:71:eb:90:35:fe:79:3f:2b:0b:cc:f9:65:d9:
b0:89:54:70:79:48:03:99:05:51:a0:60:9e:b7:5f:
18:9f:ad:35:d0:4c:52:42:d6:a2:4e:ba:ec:b3:69:
85:2c:d3:7e:f0:a7:41:70:33:92:5c:a8:ac:7a:fc:
d9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B7:85:06:07:AA:96:81:DD:21:E5:42:9C:58:DB:AA:CC:C2:6F:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/q7eFBgeqloHdIeVCnFjbqszCb0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.2.0/24
194.87.20.0/24
194.135.105.0/24
195.58.34.0/24
195.58.58.0/24
195.133.35.0/24
195.133.78.0/23
Signature Algorithm: sha256WithRSAEncryption
91:f9:6e:c3:81:7b:ac:f7:16:88:fa:33:64:bd:61:1d:f5:54:
0d:77:1c:2c:00:43:15:47:84:2e:d2:41:90:f3:69:7e:b4:a1:
ad:97:18:33:6f:e2:56:e0:4f:19:f8:26:c7:bc:98:79:28:19:
38:68:86:58:b2:56:28:eb:af:d7:dc:fb:8c:2f:0c:c7:b5:6c:
3d:7a:59:fa:a7:c2:cc:97:88:d0:f4:4d:17:c6:c1:76:55:b9:
cf:2d:f8:62:78:9f:7e:75:be:b0:2d:d3:da:35:6a:54:17:91:
35:a5:79:34:f7:0c:bf:8c:3b:a2:e3:ff:02:29:55:c6:20:f6:
24:db:80:74:bb:02:b3:fa:37:f0:b8:f3:1b:21:68:7a:f9:1c:
fb:b8:4a:ac:5f:27:cb:56:23:84:b9:93:e2:bb:b8:e1:59:92:
8e:3d:1b:bf:07:51:b4:01:67:31:b0:e7:3e:b5:d7:57:23:c2:
a4:c4:2c:d2:47:c9:76:15:6a:4d:75:44:eb:6c:71:71:cb:d4:
02:b0:98:e7:8f:39:b9:a2:b1:cb:66:fa:be:44:f1:c1:df:6a:
ff:f9:95:13:aa:64:22:30:89:8d:ad:b4:a6:47:8d:b5:bd:44:
3d:12:9f:d5:c8:63:32:8e:28:f3:23:91:14:a7:63:2a:63:5c:
7d:0e:ab:d0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYoHNKRpoPbMc+xwEXKFIsYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE4MDU1MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI3ODUwNjA3YWE5NjgxZGQyMWU1NDI5YzU4ZGJhYWNjYzI2ZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7odOcQOuGiSHp94dOrB6z0QwX6u
WwbiBlpPJBDpAtGA7fVmflCIkN4/TJMtTHNQvqTFt/DUBqld8bmy+f2fbD/AJM9w
eDxLfOM1saNTq5dr3ZEb7tuNIgD9YD6FLeB5Yg4YD01DP64sciSr77OJ3zuaq0SV
iTJqADBnmpKNE8nEif179d1NBchtyMFHwaqdWcL5jm2nJlWDntqkr+D+VgsmVjoo
iXRRomFKEj9Qwy0NA/hu3m6hajlAdFioS8veK61l2HHrkDX+eT8rC8z5ZdmwiVRw
eUgDmQVRoGCet18Yn6010ExSQtaiTrrss2mFLNN+8KdBcDOSXKisevzZrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKu3hQYHqpaB3SHlQpxY26rMwm9BMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcTdlRkJnZXFsb0hkSWVWQ25GamJxc3pDYjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlcCAwQA
wlcUAwQAwodpAwQAwzoiAwQAwzo6AwQAw4UjAwQBw4VOMA0GCSqGSIb3DQEBCwUA
A4IBAQCR+W7DgXus9xaI+jNkvWEd9VQNdxwsAEMVR4Qu0kGQ82l+tKGtlxgzb+JW
4E8Z+CbHvJh5KBk4aIZYslYo66/X3PuMLwzHtWw9eln6p8LMl4jQ9E0XxsF2VbnP
LfhieJ9+db6wLdPaNWpUF5E1pXk09wy/jDui4/8CKVXGIPYk24B0uwKz+jfwuPMb
IWh6+Rz7uEqsXyfLViOEuZPiu7jhWZKOPRu/B1G0AWcxsOc+tddXI8KkxCzSR8l2
FWpNdUTrbHFxy9QCsJjnjzm5orHLZvq+RPHB32r/+ZUTqmQiMImNrbSmR421vUQ9
Ep/VyGMyjijzI5EUp2MqY1x9DqvQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:27 2024 by rpki-client on console-fra.rpki-client.org