Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qtJDJ8Hj9MrQO1vI8nHHzJDZt-A.roa
File: qtJDJ8Hj9MrQO1vI8nHHzJDZt-A.roa (raw, json)
Hash identifier: HFlk6T7/1dCSvUrGEgEzkQIZYYHPSspmRTrrYK/8klA=
Subject key identifier: AA:D2:43:27:C1:E3:F4:CA:D0:3B:5B:C8:F2:71:C7:CC:90:D9:B7:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CD9D0CA8966C78EDE05A92BE52FEDFC2F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qtJDJ8Hj9MrQO1vI8nHHzJDZt-A.roa
Signing time: Fri 05 Jan 2024 13:29:48 +0000
ROA not before: Fri 05 Jan 2024 13:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 11:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:d0:ca:89:66:c7:8e:de:05:a9:2b:e5:2f:ed:fc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 5 13:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aad24327c1e3f4cad03b5bc8f271c7cc90d9b7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0e:ec:1f:0b:84:2f:35:c4:53:5b:02:28:ac:
e8:6a:81:a5:01:a9:ef:1c:e7:82:01:3b:d8:eb:aa:
e9:aa:34:9c:09:3a:30:ea:7f:fc:ae:09:3f:64:be:
b5:0e:4b:2e:19:8d:b8:67:42:b8:73:c2:4b:af:a8:
dc:83:c1:42:a3:4e:c4:17:2a:69:e0:0e:6e:98:76:
e3:86:56:3a:83:5d:a2:fb:77:7f:af:ba:2c:46:c7:
86:73:dc:42:70:96:be:fd:c9:fd:a7:0d:73:0d:f9:
56:6a:f4:dd:80:5f:3c:3f:cf:a9:6f:5b:53:82:1f:
e9:6a:fe:05:7e:d9:62:e4:cd:a3:f4:9f:ed:17:7d:
79:95:de:f5:f1:d1:53:04:c8:ce:84:6c:13:c2:88:
00:66:7e:df:2f:c7:23:62:f1:87:b9:59:66:a1:2f:
68:ab:c4:c9:cb:03:25:b0:6d:64:c4:61:5d:f2:2e:
9c:8f:dc:cf:dc:f7:f4:d5:0d:18:79:e2:58:20:f8:
c4:90:9a:b9:62:ac:8b:cf:87:93:31:83:cf:80:08:
84:15:d4:58:69:22:23:d1:6b:7a:13:e3:03:6e:20:
27:d2:50:0b:6e:28:80:c6:c4:36:92:54:38:ba:59:
d8:b2:9c:ae:29:34:e2:c7:0e:54:2d:23:11:48:2f:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D2:43:27:C1:E3:F4:CA:D0:3B:5B:C8:F2:71:C7:CC:90:D9:B7:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qtJDJ8Hj9MrQO1vI8nHHzJDZt-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.76.0/24
194.87.172.0/24
194.87.231.0/24
195.133.15.0/24
195.133.28.0/24
195.133.81.0/24
212.193.12.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:29:f5:c6:f4:3c:9b:da:f2:ce:c7:87:ce:e1:f1:dd:5b:a3:
04:36:9b:fe:96:09:2b:99:4e:a8:3a:a4:a5:be:16:db:24:4f:
60:f8:8d:f8:97:86:87:13:71:8c:a2:81:4c:4b:a0:a2:a5:88:
a2:4b:56:e0:b0:dc:9f:66:e3:94:2c:84:1d:90:59:7d:ae:60:
6c:d1:35:4b:6f:a0:10:57:38:12:f2:5d:ac:1a:b7:9f:85:95:
9f:62:1b:44:cc:34:34:2f:0b:c8:d9:f8:65:4e:e6:c2:8b:03:
11:6d:70:0e:93:a5:00:53:8b:a4:f9:e4:9c:88:eb:85:6e:94:
5a:4a:ab:e3:41:23:03:8a:be:d1:d7:47:19:e5:7d:e9:24:f7:
5b:c5:67:34:a4:6d:82:40:cd:89:9c:91:6d:b8:7e:3a:79:82:
1f:4e:4f:04:a5:4a:9e:aa:2c:92:b4:a5:5d:7e:cd:b8:bb:94:
01:a6:00:03:83:76:04:37:fd:31:f8:91:39:95:4a:2e:a7:a6:
22:ef:86:c6:d5:17:25:64:73:a6:37:11:f4:e4:b9:38:bc:aa:
b0:4f:a7:d9:ed:ab:b6:c4:7e:5e:64:f9:b6:76:4e:a7:a9:98:
7b:6e:ff:a6:ab:ed:62:ab:8e:34:94:70:49:62:fc:c2:94:3b:
4a:93:41:5f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzZ0MqJZseO3gWpK+Uv7fwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA1MTMyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQyNDMyN2MxZTNmNGNhZDAzYjViYzhmMjcxYzdjYzkwZDliN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng7sHwuELzXEU1sCKKzoaoGlAanv
HOeCATvY66rpqjScCTow6n/8rgk/ZL61DksuGY24Z0K4c8JLr6jcg8FCo07EFypp
4A5umHbjhlY6g12i+3d/r7osRseGc9xCcJa+/cn9pw1zDflWavTdgF88P8+pb1tT
gh/pav4Fftli5M2j9J/tF315ld718dFTBMjOhGwTwogAZn7fL8cjYvGHuVlmoS9o
q8TJywMlsG1kxGFd8i6cj9zP3Pf01Q0YeeJYIPjEkJq5YqyLz4eTMYPPgAiEFdRY
aSIj0Wt6E+MDbiAn0lALbiiAxsQ2klQ4ulnYspyuKTTixw5ULSMRSC+1xwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKrSQyfB4/TK0DtbyPJxx8yQ2bfgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcXRKREo4SGo5TXJRTzF2SThuSEh6SkRadC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXzKAwQA
wldMAwQAwlesAwQAwlfnAwQAw4UPAwQAw4UcAwQAw4VRAwQB1MEMMA0GCSqGSIb3
DQEBCwUAA4IBAQANKfXG9Dyb2vLOx4fO4fHdW6MENpv+lgkrmU6oOqSlvhbbJE9g
+I34l4aHE3GMooFMS6CipYiiS1bgsNyfZuOULIQdkFl9rmBs0TVLb6AQVzgS8l2s
GrefhZWfYhtEzDQ0LwvI2fhlTubCiwMRbXAOk6UAU4uk+eSciOuFbpRaSqvjQSMD
ir7R10cZ5X3pJPdbxWc0pG2CQM2JnJFtuH46eYIfTk8EpUqeqiyStKVdfs24u5QB
pgADg3YEN/0x+JE5lUoup6Yi74bG1RclZHOmNxH05Lk4vKqwT6fZ7au2xH5eZPm2
dk6nqZh7bv+mq+1iq440lHBJYvzClDtKk0Ff
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org