Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ-4NBVI3zJqifARhhyJIKNI_Es.roa
File: qZ-4NBVI3zJqifARhhyJIKNI_Es.roa (raw, json)
Hash identifier: Oyfn9XdsJILwr7BSc0Sg30V6nMigDY+7twrBOd/URbU=
Subject key identifier: A9:9F:B8:34:15:48:DF:32:6A:89:F0:11:86:1C:89:20:A3:48:FC:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F38018D0679B2B1B3312F14DEFE31309B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ-4NBVI3zJqifARhhyJIKNI_Es.roa
Signing time: Thu 02 May 2024 06:32:56 +0000
ROA not before: Thu 02 May 2024 06:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 May 2024 06:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:01:8d:06:79:b2:b1:b3:31:2f:14:de:fe:31:30:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 2 06:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a99fb8341548df326a89f011861c8920a348fc4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:8e:f4:a4:d0:5f:22:43:e0:4e:cc:ce:70:
2e:f1:21:45:20:97:ae:ff:fd:3b:e3:09:05:08:0f:
66:94:96:92:83:61:8d:94:ba:e5:5e:62:a3:17:7f:
ed:9c:36:e8:e7:a3:62:9a:78:a8:2e:73:9f:e0:2b:
64:fc:51:ad:4d:74:60:a6:9b:d9:5c:ee:86:58:30:
c8:12:64:f3:c7:64:a2:14:c4:56:d4:26:ba:19:df:
a3:77:ee:df:ac:93:58:8b:1c:27:6d:04:d2:da:99:
58:61:cb:1d:c9:b6:32:1e:80:fb:13:11:59:3e:92:
e8:48:71:89:ca:c2:31:a4:f0:7a:65:aa:4c:91:c1:
6e:06:13:1b:20:60:b5:b5:47:43:62:2e:ef:46:0f:
aa:9a:80:4d:97:4b:85:8c:7e:95:3d:3c:50:5b:09:
fa:fb:7c:cc:7f:44:3f:54:d9:93:be:82:2f:4a:fb:
31:49:f5:e2:5f:c5:40:7f:80:06:1f:d9:79:8f:47:
d9:f2:0e:f0:4e:0a:0c:ff:dd:f6:1d:a9:a4:ec:d0:
86:c1:09:f5:eb:07:5d:55:a2:ad:de:56:c6:e4:c5:
1a:c1:59:77:f6:57:f8:39:49:10:19:ac:67:cb:41:
48:8d:00:63:43:5d:a7:ad:bd:ab:81:7e:8d:f3:99:
f8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:B8:34:15:48:DF:32:6A:89:F0:11:86:1C:89:20:A3:48:FC:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ-4NBVI3zJqifARhhyJIKNI_Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
195.133.25.0/24
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
46:59:74:81:b0:10:da:fc:7b:ae:06:b6:b1:6c:4e:19:6f:25:
a0:3d:bd:3f:32:c8:89:7f:74:30:1d:53:23:a0:be:c4:18:53:
22:cd:99:db:9c:4a:17:d2:f8:34:8b:0b:a1:65:f0:5c:00:eb:
15:d3:8b:ef:88:07:01:05:4b:da:5c:dd:61:b8:3a:22:9e:fc:
0a:fd:ee:f4:bc:4c:84:b3:6a:47:0e:bb:42:0f:6e:0a:55:96:
49:90:59:44:65:25:41:1c:a9:f1:c8:72:9a:53:2f:35:3e:6d:
0b:70:2c:fe:0f:e9:40:95:f3:8c:3b:2e:09:77:fd:ff:15:6a:
83:13:a3:6a:3f:c8:57:3f:f0:64:c1:6d:b3:32:e4:1b:8e:59:
14:2c:7d:15:3b:0b:3c:9f:e6:e0:e4:7c:d0:af:e8:8c:b0:b6:
82:55:a0:89:6e:5b:c5:49:07:29:34:2f:60:33:70:fe:60:32:
a0:2d:36:6a:87:2c:11:cc:b3:66:c2:1a:67:10:31:9d:e7:42:
0c:4f:6d:ad:da:16:3c:70:66:83:68:3e:d5:b9:18:b7:26:17:
8a:66:90:62:a2:34:40:84:db:95:6f:9b:22:fc:3c:6c:09:89:
40:56:ed:21:95:bc:ef:61:5a:50:3e:ef:e7:2c:2c:f6:70:7f:
03:c8:2a:4c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY84AY0GebKxszEvFN7+MTCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTAyMDYzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmYjgzNDE1NDhkZjMyNmE4OWYwMTE4NjFjODkyMGEzNDhmYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIKO9KTQXyJD4E7MznAu8SFFIJeu
//074wkFCA9mlJaSg2GNlLrlXmKjF3/tnDbo56NimnioLnOf4Ctk/FGtTXRgppvZ
XO6GWDDIEmTzx2SiFMRW1Ca6Gd+jd+7frJNYixwnbQTS2plYYcsdybYyHoD7ExFZ
PpLoSHGJysIxpPB6ZapMkcFuBhMbIGC1tUdDYi7vRg+qmoBNl0uFjH6VPTxQWwn6
+3zMf0Q/VNmTvoIvSvsxSfXiX8VAf4AGH9l5j0fZ8g7wTgoM/932Hamk7NCGwQn1
6wddVaKt3lbG5MUawVl39lf4OUkQGaxny0FIjQBjQ12nrb2rgX6N85n46wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKmfuDQVSN8yaonwEYYciSCjSPxLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcVotNE5CVkkzekpxaWZBUmhoeUpJS05JX0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBwjo4AwQA
wleNAwQAwlepAwQAw4UZAwQA1MABAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/
QDANBgkqhkiG9w0BAQsFAAOCAQEARll0gbAQ2vx7rga2sWxOGW8loD29PzLIiX90
MB1TI6C+xBhTIs2Z25xKF9L4NIsLoWXwXADrFdOL74gHAQVL2lzdYbg6Ip78Cv3u
9LxMhLNqRw67Qg9uClWWSZBZRGUlQRyp8chymlMvNT5tC3As/g/pQJXzjDsuCXf9
/xVqgxOjaj/IVz/wZMFtszLkG45ZFCx9FTsLPJ/m4OR80K/ojLC2glWgiW5bxUkH
KTQvYDNw/mAyoC02aocsEcyzZsIaZxAxnedCDE9trdoWPHBmg2g+1bkYtyYXimaQ
YqI0QITblW+bIvw8bAmJQFbtIZW872FaUD7v5yws9nB/A8gqTA==
-----END CERTIFICATE-----
Generated at Tue May 7 10:45:49 2024 by rpki-client on console-ams.rpki-client.org