Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsnX1CSqo8ZZvYs9w57Tkm_8IOM.roa
File: rsnX1CSqo8ZZvYs9w57Tkm_8IOM.roa (raw, json)
Hash identifier: xrwbgOPKjcB4G3ZFcs9mk5gaX4YaK7qm4KMdaFZuGd4=
Subject key identifier: AE:C9:D7:D4:24:AA:A3:C6:59:BD:8B:3D:C3:9E:D3:92:6F:FC:20:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1E81F6FE6D444B5BAF8E4C910F48C800
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsnX1CSqo8ZZvYs9w57Tkm_8IOM.roa
Signing time: Wed 11 Oct 2023 11:31:55 +0000
ROA not before: Wed 11 Oct 2023 11:31:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.106.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
195.133.5.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
195.133.23.0/24 maxlen: 24
195.58.48.0/23 maxlen: 23
194.87.70.0/24 maxlen: 24
194.87.68.0/23 maxlen: 23
194.87.196.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 06 Dec 2023 18:55:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:81:f6:fe:6d:44:4b:5b:af:8e:4c:91:0f:48:c8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 11:31:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec9d7d424aaa3c659bd8b3dc39ed3926ffc20e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:89:ca:27:a8:c9:35:e3:cc:b8:6b:ac:03:
5d:26:1d:2c:85:4d:e9:62:1f:86:1f:ac:35:31:36:
34:df:d5:42:55:cf:3c:4b:30:ba:9b:72:c7:f7:ac:
e9:78:94:41:db:82:e3:2a:bf:27:f8:74:33:29:d1:
ba:23:0c:5f:d2:c4:72:61:0d:65:ea:92:55:78:8a:
59:8a:d5:a6:6e:e5:4f:97:98:99:08:a1:d9:9d:4a:
20:78:37:66:d6:b1:b2:6b:da:2a:0f:39:06:68:25:
be:97:25:1f:0d:a5:f8:6d:11:a3:91:83:d2:83:5e:
94:6d:b8:8e:b6:73:ae:8e:0d:07:53:04:cb:ec:c0:
dc:e6:df:2f:08:eb:4d:52:40:b5:35:25:c9:70:c8:
a8:d6:89:32:5b:5f:1f:3a:5b:f5:4b:8a:38:55:eb:
6c:f2:d6:4b:8c:ef:01:18:74:cc:b0:0d:25:12:3d:
37:c5:b0:21:54:21:79:ca:ab:9f:22:cf:64:8c:4f:
02:a6:ae:59:fd:1e:b5:e3:d3:28:93:2b:f7:53:df:
a6:aa:3d:76:9e:0f:4f:79:e2:aa:42:69:b3:4d:f7:
f7:80:12:83:11:b1:1a:47:ae:c7:19:3e:80:f9:e0:
6b:7d:e9:ae:07:79:3a:37:b6:7d:0f:eb:b5:e6:42:
c8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C9:D7:D4:24:AA:A3:C6:59:BD:8B:3D:C3:9E:D3:92:6F:FC:20:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsnX1CSqo8ZZvYs9w57Tkm_8IOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.48.0/24
194.87.68.0-194.87.70.255
194.87.106.0/24
194.87.196.0/23
194.87.215.0/24
195.58.48.0/23
195.133.5.0/24
195.133.23.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0d:0b:aa:d4:8e:c7:30:78:b1:6e:42:69:50:ab:c4:da:82:
4d:61:b7:89:1f:06:ef:30:cc:6f:6b:49:c6:e0:cf:a9:82:c3:
93:5f:49:5d:19:50:c7:cb:3f:0c:7c:c4:6c:59:af:32:74:d9:
1d:b3:1a:57:3d:be:3b:f6:c7:be:e0:86:6a:00:54:8b:dd:e2:
28:41:0d:eb:d7:18:15:e9:50:d8:66:62:27:a2:e7:6e:dd:02:
4a:00:4b:d1:20:ae:75:0b:af:95:01:84:2b:c9:7d:d2:65:36:
3f:83:dc:81:6e:ca:ee:88:0e:07:75:59:81:e3:cb:10:e9:17:
88:0d:b0:59:19:b8:38:ca:4f:cc:ac:13:c9:b4:99:bd:20:aa:
b5:69:c2:6d:24:0e:6c:4c:c4:8c:60:c8:ee:78:0e:c5:64:d0:
fd:55:4d:fb:63:0a:be:95:11:45:cd:b4:5f:2c:63:af:b2:66:
6e:ea:8f:5f:cf:5c:1e:92:46:44:1b:15:c9:e6:c3:39:1c:79:
a8:ad:f1:5c:28:67:05:eb:28:7b:86:73:72:22:a1:92:e6:bc:
e0:6f:d0:81:be:d4:ad:05:79:65:5c:39:ce:2e:47:cb:f6:94:
d8:fe:67:ad:37:fe:a6:42:80:92:bc:43:2d:91:cb:15:16:0b:
cf:a7:99:bd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYsegfb+bURLW6+OTJEPSMgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTEzMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM5ZDdkNDI0YWFhM2M2NTliZDhiM2RjMzllZDM5MjZmZmMyMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk6JyieoyTXjzLhrrANdJh0shU3p
Yh+GH6w1MTY039VCVc88SzC6m3LH96zpeJRB24LjKr8n+HQzKdG6Iwxf0sRyYQ1l
6pJVeIpZitWmbuVPl5iZCKHZnUogeDdm1rGya9oqDzkGaCW+lyUfDaX4bRGjkYPS
g16UbbiOtnOujg0HUwTL7MDc5t8vCOtNUkC1NSXJcMio1okyW18fOlv1S4o4Vets
8tZLjO8BGHTMsA0lEj03xbAhVCF5yqufIs9kjE8Cpq5Z/R6149Mokyv3U9+mqj12
ng9PeeKqQmmzTff3gBKDEbEaR67HGT6A+eBrfemuB3k6N7Z9D+u15kLIrwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFK7J19QkqqPGWb2LPcOe05Jv/CDjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcnNuWDFDU3FvOFpadllzOXc1N1RrbV84SU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAwXwHAwQA
wlcwMAwDBALCV0QDBADCV0YDBADCV2oDBAHCV8QDBADCV9cDBAHDOjADBADDhQUD
BADDhRcwDQYJKoZIhvcNAQELBQADggEBAG8NC6rUjscweLFuQmlQq8Tagk1ht4kf
Bu8wzG9rScbgz6mCw5NfSV0ZUMfLPwx8xGxZrzJ02R2zGlc9vjv2x77ghmoAVIvd
4ihBDevXGBXpUNhmYiei527dAkoAS9EgrnULr5UBhCvJfdJlNj+D3IFuyu6IDgd1
WYHjyxDpF4gNsFkZuDjKT8ysE8m0mb0gqrVpwm0kDmxMxIxgyO54DsVk0P1VTftj
Cr6VEUXNtF8sY6+yZm7qj1/PXB6SRkQbFcnmwzkceait8VwoZwXrKHuGc3IioZLm
vOBv0IG+1K0FeWVcOc4uR8v2lNj+Z603/qZCgJK8Qy2RyxUWC8+nmb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org