Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rb2xLhVSgOaQxFoOZwaC4_8KP2c.roa
File: rb2xLhVSgOaQxFoOZwaC4_8KP2c.roa (raw, json)
Hash identifier: sVZHkPIwvjd0qZQ8CWl5LamNfJJcbt5tNCCUrR13msU=
Subject key identifier: AD:BD:B1:2E:15:52:80:E6:90:C4:5A:0E:67:06:82:E3:FF:0A:3F:67
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01869BFABAF62941B7DA649E1C9EC0279DCB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rb2xLhVSgOaQxFoOZwaC4_8KP2c.roa
Signing time: Wed 01 Mar 2023 07:02:25 +0000
ROA not before: Wed 01 Mar 2023 07:02:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 15:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:fa:ba:f6:29:41:b7:da:64:9e:1c:9e:c0:27:9d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 1 07:02:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adbdb12e155280e690c45a0e670682e3ff0a3f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c7:99:d2:ab:7c:3d:4f:e8:87:ce:f7:ec:9a:
4f:42:00:c6:38:7c:8c:06:ee:69:98:96:28:25:77:
a0:15:a2:b0:4f:a9:c7:04:8c:0b:72:d3:66:51:b7:
e6:4b:c3:84:52:39:aa:90:45:de:98:1f:85:f6:fd:
77:75:4a:09:20:5b:5d:1e:13:66:86:eb:80:f6:d7:
6b:c8:94:d7:3f:04:c4:42:51:17:a4:33:cf:4c:81:
df:12:36:93:9d:a7:cb:1f:f2:3b:90:a4:a0:85:9e:
de:28:81:1c:6b:f9:66:e9:49:88:b1:61:97:c5:85:
50:66:7b:1c:2a:4a:5a:55:23:5a:42:11:2b:7c:28:
12:23:32:1c:33:45:36:fe:27:b0:f8:95:cd:33:34:
fb:63:c3:91:be:ec:6f:61:81:2e:ed:64:85:10:6e:
7a:b6:a2:52:a4:e2:ff:64:72:fe:a1:db:bf:19:d1:
b2:13:4a:12:78:97:57:96:d1:9e:d3:cf:b3:85:94:
fc:01:23:0c:f8:cd:47:e9:6c:00:7d:b7:56:d8:d9:
11:28:6e:9e:41:4b:09:bf:58:dc:12:d5:04:08:3b:
10:ce:25:f4:d9:41:de:07:94:f6:83:bd:58:61:61:
98:82:79:ec:f5:44:03:21:b2:19:df:ed:c7:85:c2:
93:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BD:B1:2E:15:52:80:E6:90:C4:5A:0E:67:06:82:E3:FF:0A:3F:67
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rb2xLhVSgOaQxFoOZwaC4_8KP2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.41.0/24
193.124.47.0/24
193.124.205.0/24
194.58.43.0/24
194.58.46.0/24
194.58.155.0/24
194.87.30.0/24
194.87.64.0/24
194.87.108.0/24
194.87.161.0/24
194.87.163.0/24
194.87.207.0/24
195.133.12.0/24
195.133.94.0/24
212.192.7.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e9:e7:39:38:e0:f1:4c:8d:7e:63:71:50:29:3a:f3:9e:bc:
d0:3c:3d:d2:99:ce:d1:71:b3:38:0d:4f:0d:d3:97:14:d0:70:
05:c6:77:1e:1c:29:f4:3b:42:80:b0:c3:f5:0a:57:09:2f:0c:
35:05:59:2c:68:84:1a:92:de:0e:15:88:8a:29:10:bb:ca:f5:
48:dd:36:c4:03:61:58:92:a1:50:59:cb:1c:3f:de:e3:d6:78:
bb:f9:f1:08:b2:d3:62:e1:d8:d6:9c:23:6b:6e:a5:66:03:2f:
d7:75:bf:99:61:e7:13:47:cc:6e:a7:b7:03:e6:4c:b9:9b:04:
b1:07:ac:7b:0b:79:7a:ef:70:8f:c6:16:da:89:14:97:ae:61:
bf:98:3b:01:ba:38:4f:c6:d0:9e:f3:e2:49:75:22:45:3d:8a:
6c:80:70:47:92:98:35:86:b3:2e:65:b9:4b:ec:9d:8d:68:8d:
85:6c:df:3d:43:13:87:ff:7c:60:b0:d4:cb:93:d7:39:31:13:
59:72:6e:bb:93:04:8f:e4:76:92:61:a0:ae:e2:f1:67:3b:f9:
be:35:5e:39:f8:f6:00:f2:d0:98:f0:91:90:61:e0:6a:7f:c1:
97:66:71:35:25:07:19:3c:b2:99:c2:c2:11:5e:65:d9:63:70:
c0:2d:02:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYab+rr2KUG32mSeHJ7AJ53LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAxMDcwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGJkYjEyZTE1NTI4MGU2OTBjNDVhMGU2NzA2ODJlM2ZmMGEzZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8eZ0qt8PU/oh8737JpPQgDGOHyM
Bu5pmJYoJXegFaKwT6nHBIwLctNmUbfmS8OEUjmqkEXemB+F9v13dUoJIFtdHhNm
huuA9tdryJTXPwTEQlEXpDPPTIHfEjaTnafLH/I7kKSghZ7eKIEca/lm6UmIsWGX
xYVQZnscKkpaVSNaQhErfCgSIzIcM0U2/iew+JXNMzT7Y8ORvuxvYYEu7WSFEG56
tqJSpOL/ZHL+odu/GdGyE0oSeJdXltGe08+zhZT8ASMM+M1H6WwAfbdW2NkRKG6e
QUsJv1jcEtUECDsQziX02UHeB5T2g71YYWGYgnns9UQDIbIZ3+3HhcKTuwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFK29sS4VUoDmkMRaDmcGguP/Cj9nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcmIyeExoVlNnT2FReEZvT1p3YUM0XzhLUDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwXwSAwQA
wXwpAwQAwXwvAwQAwXzNAwQAwjorAwQAwjouAwQAwjqbAwQAwlceAwQAwldAAwQA
wldsAwQAwlehAwQAwlejAwQAwlfPAwQAw4UMAwQAw4VeAwQA1MAHAwQA1MAeMA0G
CSqGSIb3DQEBCwUAA4IBAQAy6ec5OODxTI1+Y3FQKTrznrzQPD3Smc7RcbM4DU8N
05cU0HAFxnceHCn0O0KAsMP1ClcJLww1BVksaIQakt4OFYiKKRC7yvVI3TbEA2FY
kqFQWcscP97j1ni7+fEIstNi4djWnCNrbqVmAy/Xdb+ZYecTR8xup7cD5ky5mwSx
B6x7C3l673CPxhbaiRSXrmG/mDsBujhPxtCe8+JJdSJFPYpsgHBHkpg1hrMuZblL
7J2NaI2FbN89QxOH/3xgsNTLk9c5MRNZcm67kwSP5HaSYaCu4vFnO/m+NV45+PYA
8tCY8JGQYeBqf8GXZnE1JQcZPLKZwsIRXmXZY3DALQJZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org