Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rI_bLDrSmkbnF6PufE8tVUrhSLI.roa
File: rI_bLDrSmkbnF6PufE8tVUrhSLI.roa (raw, json)
Hash identifier: oQnOuU+d5OlDiucFw7kQZBUp7EWw6ytfVxPD0/841iU=
Subject key identifier: AC:8F:DB:2C:3A:D2:9A:46:E7:17:A3:EE:7C:4F:2D:55:4A:E1:48:B2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E9F5842976335B25BBFF9C0C20CAF52BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rI_bLDrSmkbnF6PufE8tVUrhSLI.roa
Signing time: Tue 02 Apr 2024 15:05:45 +0000
ROA not before: Tue 02 Apr 2024 15:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 05 Apr 2024 11:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:58:42:97:63:35:b2:5b:bf:f9:c0:c2:0c:af:52:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 2 15:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac8fdb2c3ad29a46e717a3ee7c4f2d554ae148b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:85:73:cd:3d:f3:48:1a:46:9f:72:a2:c4:8b:
34:2c:a3:f0:79:c2:4a:ef:23:ec:4d:d0:28:96:1e:
66:4d:e5:ca:6f:38:5f:1c:be:d0:9e:54:de:72:8f:
a0:12:42:1a:7a:9a:be:57:4b:96:21:95:e1:18:7a:
c0:fa:bb:14:cb:53:23:dd:e3:6f:47:cd:86:37:d2:
80:0c:c4:22:54:87:5b:54:2d:3f:ad:6c:38:0f:a5:
d6:e7:56:07:a7:a1:f0:58:dd:dd:4d:f5:7d:16:b1:
3c:1b:b3:71:1f:d1:17:78:e6:cf:f7:f2:f8:23:e6:
d9:bc:a9:f0:33:61:a9:7d:eb:f9:09:0c:3f:73:ea:
d5:71:c5:b8:d4:0e:d1:eb:55:eb:2b:49:48:5f:4d:
89:63:21:42:ac:a3:0c:e5:91:46:dd:7c:a1:c1:0b:
23:ac:85:8b:f2:6b:04:b2:15:23:1d:a2:85:54:69:
31:22:e1:2f:00:c9:4a:56:5a:69:eb:5f:ca:8e:f0:
ae:f9:a6:40:ed:32:d1:b2:96:af:de:ed:e7:6a:8e:
15:ec:02:8c:ad:85:ba:5e:8f:27:fb:7f:c9:16:54:
23:00:db:e1:25:4f:aa:df:f3:ad:59:4e:ab:d2:86:
59:4f:b2:9b:4c:62:2b:33:df:bb:b2:e7:ac:98:f1:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8F:DB:2C:3A:D2:9A:46:E7:17:A3:EE:7C:4F:2D:55:4A:E1:48:B2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rI_bLDrSmkbnF6PufE8tVUrhSLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
194.87.169.0/24
194.87.201.0/24
194.87.245.0/24
195.133.25.0/24
195.133.84.0/24
212.192.1.0/24
212.192.208.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:17:f7:77:10:db:b9:93:c7:8c:7a:3b:b8:03:83:f1:d2:0c:
2a:b5:f0:fb:f0:e3:2f:f5:4c:e6:8d:07:07:55:77:ed:ee:02:
f4:ae:15:39:1f:51:2f:74:e6:f3:fe:57:7c:53:51:28:2d:3c:
97:35:f0:be:28:d0:8d:ea:df:78:a7:fd:4b:0f:17:aa:70:b1:
19:8c:70:3b:15:95:d7:b1:8a:7a:40:02:12:b7:f2:87:a3:00:
f2:e4:c4:f6:a8:29:e6:32:28:c8:92:35:ec:c5:b6:9f:91:13:
46:40:e6:10:2a:da:d9:9f:5d:79:7d:36:e0:38:6a:a6:34:4a:
12:de:4d:72:11:37:8a:d0:5c:68:21:22:f1:da:0e:c3:83:b8:
0f:77:83:17:54:6c:55:dd:d1:fd:4d:f6:ff:4e:e2:57:7d:39:
1e:eb:07:de:9e:e4:58:90:f0:24:51:08:a7:f8:8c:07:53:2c:
72:c5:21:63:c4:d0:f2:93:4f:aa:fd:7e:e5:78:db:33:db:c4:
e3:94:fc:93:69:7a:00:b2:0f:c3:4c:63:f6:1d:27:30:42:3a:
c2:79:1d:68:3a:6a:fb:85:a6:dc:98:ff:21:39:64:a7:a7:d8:
df:5e:f7:9d:37:2e:3f:2a:89:2d:33:dd:90:17:6f:d3:b6:db:
75:a5:09:94
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY6fWEKXYzWyW7/5wMIMr1K7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDAyMTUwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhmZGIyYzNhZDI5YTQ2ZTcxN2EzZWU3YzRmMmQ1NTRhZTE0OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYVzzT3zSBpGn3KixIs0LKPwecJK
7yPsTdAolh5mTeXKbzhfHL7QnlTeco+gEkIaepq+V0uWIZXhGHrA+rsUy1Mj3eNv
R82GN9KADMQiVIdbVC0/rWw4D6XW51YHp6HwWN3dTfV9FrE8G7NxH9EXeObP9/L4
I+bZvKnwM2Gpfev5CQw/c+rVccW41A7R61XrK0lIX02JYyFCrKMM5ZFG3XyhwQsj
rIWL8msEshUjHaKFVGkxIuEvAMlKVlpp61/KjvCu+aZA7TLRspav3u3nao4V7AKM
rYW6Xo8n+3/JFlQjANvhJU+q3/OtWU6r0oZZT7KbTGIrM9+7suesmPHU8wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKyP2yw60ppG5xej7nxPLVVK4UiyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcklfYkxEclNta2JuRjZQdWZFOHRWVXJoU0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQAwHysAwQA
wXwHAwQAwlepAwQAwlfJAwQAwlf1AwQAw4UZAwQAw4VUAwQA1MABAwQA1MDQMBQE
AgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAHxf3dxDbuZPH
jHo7uAOD8dIMKrXw+/DjL/VM5o0HB1V37e4C9K4VOR9RL3Tm8/5XfFNRKC08lzXw
vijQjerfeKf9Sw8XqnCxGYxwOxWV17GKekACErfyh6MA8uTE9qgp5jIoyJI17MW2
n5ETRkDmECra2Z9deX024DhqpjRKEt5NchE3itBcaCEi8doOw4O4D3eDF1RsVd3R
/U32/07iV305HusH3p7kWJDwJFEIp/iMB1MscsUhY8TQ8pNPqv1+5XjbM9vE45T8
k2l6ALIPw0xj9h0nMEI6wnkdaDpq+4Wm3Jj/ITlkp6fY3173nTcuPyqJLTPdkBdv
07bbdaUJlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org