Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rCDm_BQoKIbpowmajU3q_EO4N7U.roa
File: rCDm_BQoKIbpowmajU3q_EO4N7U.roa (raw, json)
Hash identifier: IkNpAKVYAsKqqON5AaKllggKkA1R8zgZOrrUdKH/s5E=
Subject key identifier: AC:20:E6:FC:14:28:28:86:E9:A3:09:9A:8D:4D:EA:FC:43:B8:37:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01929F1C2E709C16C0C5AA22013D0D9C47E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rCDm_BQoKIbpowmajU3q_EO4N7U.roa
Signing time: Fri 18 Oct 2024 10:11:17 +0000
ROA not before: Fri 18 Oct 2024 10:11:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.180.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.58.0/23 maxlen: 23
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 21 Oct 2024 13:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:1c:2e:70:9c:16:c0:c5:aa:22:01:3d:0d:9c:47:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 10:11:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac20e6fc14282886e9a3099a8d4deafc43b837b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b3:d9:53:f4:1b:29:91:db:a4:f7:58:01:4e:
0c:c2:f5:e8:6c:1f:5b:69:29:3c:0b:af:92:1f:d8:
3a:d3:c8:38:8e:3b:1d:33:60:70:36:5a:a5:22:45:
32:f4:a8:49:74:c5:98:3b:a1:d0:ba:60:78:26:4c:
6a:89:b4:f0:9e:de:87:b9:0a:46:69:81:ad:55:09:
0f:ef:3a:8b:bb:33:66:f5:08:b0:b7:88:71:c7:34:
18:a6:70:7f:88:c4:29:8e:f6:3f:95:b5:98:b4:a2:
ca:ea:42:92:b1:96:f6:55:41:1c:40:44:43:40:b5:
6c:47:9d:21:fe:fe:a0:7e:aa:38:92:0c:22:79:45:
b0:a6:b3:1f:2d:ff:f2:72:0e:24:2b:74:c1:be:77:
31:25:f5:ef:6b:58:c6:16:72:82:e6:39:08:1a:ba:
e1:eb:1e:ac:2e:cd:88:4b:45:2a:20:88:e5:ea:c3:
de:28:50:67:34:99:30:0f:a3:01:01:8b:be:c8:7e:
ec:5a:4d:e9:9c:8b:ff:6f:ef:3c:4d:7a:33:2d:75:
8e:06:c4:27:cf:72:39:87:32:5d:ab:46:06:2f:47:
a2:b8:17:16:87:ab:bf:bf:a5:66:77:14:5f:97:2d:
b5:89:65:cd:5b:d8:a4:f2:9e:e5:b6:09:1d:b5:27:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:20:E6:FC:14:28:28:86:E9:A3:09:9A:8D:4D:EA:FC:43:B8:37:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rCDm_BQoKIbpowmajU3q_EO4N7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
194.58.155.0/24
194.87.52.0/24
194.87.58.0/23
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.25.0-212.193.27.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:43:b6:81:44:9b:5f:a9:51:f8:81:16:9c:5e:85:b9:ec:6b:
08:6e:b0:ba:24:ac:b4:af:51:db:2b:53:6a:85:ee:9d:72:8d:
b6:e9:3b:25:89:be:27:b3:76:6e:0a:ee:86:33:d2:9b:79:7d:
6d:7c:c9:a1:b4:53:fc:26:89:e7:55:ab:b1:5b:b6:de:61:b0:
da:90:e7:61:18:5e:cc:7b:0c:f7:91:70:b5:09:d7:3d:27:a5:
2f:3f:89:8d:09:41:14:c6:eb:d3:66:5b:88:80:6b:ec:37:ec:
9a:28:45:ab:6d:49:77:bc:d8:a7:ed:fd:c9:ee:16:59:ec:cd:
08:33:6b:d5:bd:94:91:7e:77:3c:14:ad:6f:9e:03:10:dc:cc:
fd:c6:09:00:76:d1:12:36:14:ff:e9:c1:a3:c9:5e:1c:69:9a:
d3:38:86:43:ee:90:8e:f7:2b:63:9b:8d:26:da:78:5d:b2:dc:
52:13:24:4c:fc:37:34:c1:59:51:7b:d2:ed:58:b2:4e:b2:b0:
0b:d7:5f:83:69:1b:d5:40:be:64:12:1a:cc:de:5e:21:71:da:
4f:80:8b:13:ce:40:5b:37:9e:81:89:d7:6e:82:f6:e1:9f:de:
4f:0c:bf:96:44:34:a9:0e:39:2c:46:88:7e:e5:83:32:1e:05:
7c:07:a1:ef
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZKfHC5wnBbAxaoiAT0NnEfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE4MTAxMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzIwZTZmYzE0MjgyODg2ZTlhMzA5OWE4ZDRkZWFmYzQzYjgzN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLPZU/QbKZHbpPdYAU4MwvXobB9b
aSk8C6+SH9g608g4jjsdM2BwNlqlIkUy9KhJdMWYO6HQumB4JkxqibTwnt6HuQpG
aYGtVQkP7zqLuzNm9Qiwt4hxxzQYpnB/iMQpjvY/lbWYtKLK6kKSsZb2VUEcQERD
QLVsR50h/v6gfqo4kgwieUWwprMfLf/ycg4kK3TBvncxJfXva1jGFnKC5jkIGrrh
6x6sLs2IS0UqIIjl6sPeKFBnNJkwD6MBAYu+yH7sWk3pnIv/b+88TXozLXWOBsQn
z3I5hzJdq0YGL0eiuBcWh6u/v6VmdxRfly21iWXNW9ik8p7ltgkdtSdfVQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFKwg5vwUKCiG6aMJmo1N6vxDuDe1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvckNEbV9CUW9LSWJwb3dtYWpVM3FfRU80TjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAMB8tAME
AMI6mwMEAMJXNAMEAcJXOgMEAMJXqQMEAMJXsgMEAMJX4AMEAMKHIQMEAcOFGAME
AcOFKAMEAcOFMgMEAcOFXAMEANTAATAMAwQA1MEZAwQC1MEYMBQEAgACMA4DBQMq
AVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAfkO2gUSbX6lR+IEWnF6Fuexr
CG6wuiSstK9R2ytTaoXunXKNtuk7JYm+J7N2bgruhjPSm3l9bXzJobRT/CaJ51Wr
sVu23mGw2pDnYRhezHsM95FwtQnXPSelLz+JjQlBFMbr02ZbiIBr7DfsmihFq21J
d7zYp+39ye4WWezNCDNr1b2UkX53PBStb54DENzM/cYJAHbREjYU/+nBo8leHGma
0ziGQ+6QjvcrY5uNJtp4XbLcUhMkTPw3NMFZUXvS7ViyTrKwC9dfg2kb1UC+ZBIa
zN5eIXHaT4CLE85AWzeegYnXboL24Z/eTwy/lkQ0qQ45LEaIfuWDMh4FfAeh7w==
-----END CERTIFICATE-----
Generated at Mon Oct 21 16:36:33 2024 by rpki-client on console-ams.rpki-client.org