Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ_pu70vkCNs8JELW2eGsFBUcOg.roa
File: qZ_pu70vkCNs8JELW2eGsFBUcOg.roa (raw, json)
Hash identifier: ifCFJGRYtbKQg3qMBjuz7qcLuxvdTFWtTXlddJyTvt4=
Subject key identifier: A9:9F:E9:BB:BD:2F:90:23:6C:F0:91:0B:5B:67:86:B0:50:54:70:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B6AE8AFB7B6F8969A3AC4AD1D39228F88
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ_pu70vkCNs8JELW2eGsFBUcOg.roa
Signing time: Thu 26 Oct 2023 07:35:16 +0000
ROA not before: Thu 26 Oct 2023 07:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.135.105.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 15:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6a:e8:af:b7:b6:f8:96:9a:3a:c4:ad:1d:39:22:8f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 26 07:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a99fe9bbbd2f90236cf0910b5b6786b0505470e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:be:16:ba:53:3a:b7:55:cd:57:25:f7:6c:
54:47:5d:c4:bf:41:59:63:ed:f9:d7:f1:5e:f2:72:
e1:be:89:fc:f8:04:95:8a:24:b4:85:13:e7:e6:c1:
2f:f1:be:d5:fe:db:27:88:d8:fe:55:90:7f:6d:e7:
6d:b1:65:b6:21:aa:63:d4:ed:79:6a:7a:80:2a:41:
0c:3b:23:1c:d8:bb:ad:92:b9:cb:31:58:6a:5b:d1:
6c:a7:e1:b0:a3:ef:30:41:f8:52:c4:cf:5f:5e:66:
c5:be:73:d2:78:0d:90:0e:db:41:d5:0d:77:99:40:
75:87:57:f5:3c:69:a9:00:96:ba:36:73:60:26:11:
2b:c6:f9:ae:b4:ad:12:dd:ef:9e:a4:42:60:d8:a6:
8b:84:80:61:82:93:b4:a7:7c:e3:21:4f:c7:92:5c:
a9:1e:c5:d2:24:e0:71:3c:ec:0b:66:cc:12:ad:2d:
f0:5c:28:b1:f4:c7:69:47:7c:11:96:f0:1f:df:94:
85:72:f7:76:a6:2f:00:be:cc:11:da:90:f5:7d:ee:
a7:9d:ad:60:ed:48:ab:f5:ee:bc:b5:bb:de:ba:71:
ea:82:03:4b:f4:a4:19:e5:0b:0c:03:6f:12:05:21:
98:49:84:f9:f6:12:b8:95:20:13:de:6c:e0:66:19:
e6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:E9:BB:BD:2F:90:23:6C:F0:91:0B:5B:67:86:B0:50:54:70:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qZ_pu70vkCNs8JELW2eGsFBUcOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.52.0/24
194.87.84.0/24
194.87.87.0/24
194.135.105.0/24
195.133.8.0/23
195.133.41.0/24
Signature Algorithm: sha256WithRSAEncryption
69:20:91:9a:52:bd:83:cc:65:fc:ea:c4:07:ba:77:14:fa:8d:
9e:2a:7a:46:aa:92:63:df:38:13:4d:b4:77:cb:d9:24:b3:6f:
26:cb:51:8b:5b:be:f6:f0:27:94:7f:09:5f:58:0a:33:88:a9:
ed:9a:8f:a8:81:f7:61:84:ed:70:63:6f:74:15:a2:b0:70:ac:
ef:1c:a0:dc:a5:c1:63:dc:e2:4d:22:2f:c7:4d:6c:a6:d5:bf:
61:6f:27:68:67:e0:63:da:57:d1:53:eb:ef:38:81:9b:7e:10:
a1:7f:be:7b:7b:58:81:61:b8:a9:c0:f6:9c:15:b8:3f:4d:03:
a2:38:c4:9e:60:a9:47:c6:1d:9a:00:15:28:a2:ef:64:fe:ff:
b2:85:6d:30:92:5b:47:51:0a:79:39:80:7d:5e:f7:3c:ce:34:
82:3d:eb:72:89:9d:40:88:a2:09:e8:66:1d:5a:84:5d:83:c5:
19:5b:a0:4f:6a:66:6e:00:61:2d:df:1e:bb:81:08:d8:a6:cb:
e3:f6:64:d2:c8:b1:fb:ee:ac:d7:42:8f:20:7d:d6:1a:51:a1:
d0:34:92:a0:3b:e5:0f:36:93:9a:a7:01:3a:df:13:3b:f2:7d:
1c:07:04:9f:4e:8b:7f:82:5f:5c:98:2b:60:4e:51:a0:71:34:
c6:d2:93:63
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtq6K+3tviWmjrErR05Io+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI2MDczNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmZTliYmJkMmY5MDIzNmNmMDkxMGI1YjY3ODZiMDUwNTQ3MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW6+FrpTOrdVzVcl92xUR13Ev0FZ
Y+351/Fe8nLhvon8+ASViiS0hRPn5sEv8b7V/tsniNj+VZB/bedtsWW2Iapj1O15
anqAKkEMOyMc2LutkrnLMVhqW9Fsp+Gwo+8wQfhSxM9fXmbFvnPSeA2QDttB1Q13
mUB1h1f1PGmpAJa6NnNgJhErxvmutK0S3e+epEJg2KaLhIBhgpO0p3zjIU/Hklyp
HsXSJOBxPOwLZswSrS3wXCix9MdpR3wRlvAf35SFcvd2pi8AvswR2pD1fe6nna1g
7Uir9e68tbveunHqggNL9KQZ5QsMA28SBSGYSYT59hK4lSAT3mzgZhnmWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKmf6bu9L5AjbPCRC1tnhrBQVHDoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcVpfcHU3MHZrQ05zOEpFTFcyZUdzRkJVY09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlc0AwQA
wldUAwQAwldXAwQAwodpAwQBw4UIAwQAw4UpMA0GCSqGSIb3DQEBCwUAA4IBAQBp
IJGaUr2DzGX86sQHuncU+o2eKnpGqpJj3zgTTbR3y9kks28my1GLW7728CeUfwlf
WAoziKntmo+ogfdhhO1wY290FaKwcKzvHKDcpcFj3OJNIi/HTWym1b9hbydoZ+Bj
2lfRU+vvOIGbfhChf757e1iBYbipwPacFbg/TQOiOMSeYKlHxh2aABUoou9k/v+y
hW0wkltHUQp5OYB9Xvc8zjSCPetyiZ1AiKIJ6GYdWoRdg8UZW6BPamZuAGEt3x67
gQjYpsvj9mTSyLH77qzXQo8gfdYaUaHQNJKgO+UPNpOapwE63xM78n0cBwSfTot/
gl9cmCtgTlGgcTTG0pNj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org