Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rHivxyiJvve6yP5zc3Zpp1UZbW4.roa
File: rHivxyiJvve6yP5zc3Zpp1UZbW4.roa (raw, json)
Hash identifier: cAocvqHZQSlNb/Ch9L5YRS9a1QAcAKmyQyL8jeGdFHE=
Subject key identifier: AC:78:AF:C7:28:89:BE:F7:BA:C8:FE:73:73:76:69:A7:55:19:6D:6E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F6CA8DCB76D9E0686BC01C3076687C46F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rHivxyiJvve6yP5zc3Zpp1UZbW4.roa
Signing time: Sun 12 May 2024 11:55:56 +0000
ROA not before: Sun 12 May 2024 11:55:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.54.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 May 2024 16:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6c:a8:dc:b7:6d:9e:06:86:bc:01:c3:07:66:87:c4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 12 11:55:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac78afc72889bef7bac8fe73737669a755196d6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:16:88:b1:f1:87:b1:4a:58:0c:f3:a8:2d:
c7:bb:6c:82:94:c8:01:18:0f:c7:c9:b3:0d:bd:ef:
55:99:47:51:39:4e:b2:30:07:5b:98:7a:1f:15:f7:
af:f1:1d:31:39:c7:39:bc:70:8d:24:59:87:89:35:
86:5e:76:21:24:b8:5b:e7:22:b6:47:00:4a:d7:f2:
8b:03:e0:b9:e0:58:0b:74:c4:72:e3:b5:65:07:47:
39:74:ef:49:9d:e2:c0:4d:50:18:d4:88:34:53:a8:
cb:6f:85:33:ce:d2:97:10:0e:94:5a:14:f9:2f:05:
fc:a6:a0:0e:df:e2:cb:71:e8:35:7c:b5:3c:58:b1:
7d:ea:02:bf:51:e2:77:0b:cb:9d:97:7c:f9:f8:f8:
3a:2b:d5:e1:99:b2:88:2e:3f:ab:e7:fb:82:ef:15:
78:84:85:94:7d:d3:ef:9d:1d:53:42:18:69:96:fb:
50:62:f1:c2:c7:7b:a3:16:9c:8e:7b:b7:c2:d4:6e:
87:6c:84:14:71:da:c9:a6:71:8b:fe:0e:6e:b3:e0:
5c:e0:54:1e:cf:53:92:b1:86:5d:d6:56:56:3f:06:
00:b4:7f:b9:3d:0d:84:d3:03:90:d1:16:96:8f:83:
30:51:68:47:57:37:7c:cf:d9:39:3f:3e:90:05:ed:
1c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:AF:C7:28:89:BE:F7:BA:C8:FE:73:73:76:69:A7:55:19:6D:6E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rHivxyiJvve6yP5zc3Zpp1UZbW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
195.133.38.0/24
195.133.54.0/24
195.133.92.0/23
212.192.1.0/24
212.192.212.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
53:34:7a:fb:d2:24:bf:9d:8c:91:00:cc:25:ca:7d:4c:78:52:
56:76:68:a9:4a:a9:8c:cb:db:14:2c:86:63:23:0c:c9:a3:ba:
62:75:19:d8:62:a0:9c:cc:9e:1e:77:01:a5:6c:c0:2e:ad:1e:
00:fe:82:54:f0:1f:0e:71:8c:37:6a:78:b1:b9:c3:01:0b:a1:
76:82:4b:9b:c2:c6:32:70:2e:f3:6b:d0:ad:6e:dd:1c:2d:da:
a6:37:0b:f8:81:e4:ad:22:a0:28:4f:19:7c:83:0e:8c:37:f2:
50:1c:9e:3e:33:18:cf:a2:20:91:83:ba:8c:66:9b:20:d3:3a:
bb:15:74:ae:4f:26:1b:1b:7b:48:e0:72:62:c6:f6:9a:9d:c8:
e6:b0:32:71:c3:01:08:2c:87:a0:76:22:9b:9f:a2:ac:ee:bf:
b4:99:78:0f:2e:d3:9f:0a:36:93:15:c6:82:17:b9:be:e0:d8:
7d:0a:bc:38:31:e3:57:b2:4b:51:59:49:05:3b:e1:c7:9b:87:
db:2c:65:33:8d:1f:4b:ec:38:c4:51:98:62:38:9c:a3:ed:37:
b8:86:04:15:1e:e1:dd:da:93:25:8b:83:b2:79:e4:80:b5:23:
51:4e:6a:d4:65:33:d3:fa:23:dd:95:cc:c8:09:a0:ac:5b:bb:
ea:16:97:17
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY9sqNy3bZ4GhrwBwwdmh8RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTEyMTE1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc4YWZjNzI4ODliZWY3YmFjOGZlNzM3Mzc2NjlhNzU1MTk2ZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq0WiLHxh7FKWAzzqC3Hu2yClMgB
GA/HybMNve9VmUdROU6yMAdbmHofFfev8R0xOcc5vHCNJFmHiTWGXnYhJLhb5yK2
RwBK1/KLA+C54FgLdMRy47VlB0c5dO9JneLATVAY1Ig0U6jLb4UzztKXEA6UWhT5
LwX8pqAO3+LLceg1fLU8WLF96gK/UeJ3C8udl3z5+Pg6K9XhmbKILj+r5/uC7xV4
hIWUfdPvnR1TQhhplvtQYvHCx3ujFpyOe7fC1G6HbIQUcdrJpnGL/g5us+Bc4FQe
z1OSsYZd1lZWPwYAtH+5PQ2E0wOQ0RaWj4MwUWhHVzd8z9k5Pz6QBe0cQwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKx4r8coib73usj+c3N2aadVGW1uMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvckhpdnh5aUp2dmU2eVA1emMzWnBwMVVaYlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQBwjo4AwQA
wleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQAw4UmAwQAw4U2AwQBw4VcAwQA
1MABAwQA1MDUAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0B
AQsFAAOCAQEAUzR6+9Ikv52MkQDMJcp9THhSVnZoqUqpjMvbFCyGYyMMyaO6YnUZ
2GKgnMyeHncBpWzALq0eAP6CVPAfDnGMN2p4sbnDAQuhdoJLm8LGMnAu82vQrW7d
HC3apjcL+IHkrSKgKE8ZfIMOjDfyUByePjMYz6IgkYO6jGabINM6uxV0rk8mGxt7
SOByYsb2mp3I5rAyccMBCCyHoHYim5+irO6/tJl4Dy7Tnwo2kxXGghe5vuDYfQq8
ODHjV7JLUVlJBTvhx5uH2yxlM40fS+w4xFGYYjico+03uIYEFR7h3dqTJYuDsnnk
gLUjUU5q1GUz0/oj3ZXMyAmgrFu76haXFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org