Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sKpUH0O_2H5Io9lh9Ny6JrXP8kg.roa
File: sKpUH0O_2H5Io9lh9Ny6JrXP8kg.roa (raw, json)
Hash identifier: Y48QiHG4wbLqX0i58i6/wfTRiUJciiLnEPPcLToCby8=
Subject key identifier: B0:AA:54:1F:43:BF:D8:7E:48:A3:D9:61:F4:DC:BA:26:B5:CF:F2:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F1F797E398D6BE0AA74F5322A82033DF8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sKpUH0O_2H5Io9lh9Ny6JrXP8kg.roa
Signing time: Sat 27 Apr 2024 12:13:26 +0000
ROA not before: Sat 27 Apr 2024 12:13:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.172.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Apr 2024 14:11:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:79:7e:39:8d:6b:e0:aa:74:f5:32:2a:82:03:3d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 27 12:13:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0aa541f43bfd87e48a3d961f4dcba26b5cff248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:e8:ee:83:cc:31:2f:16:93:9c:c3:40:7c:
61:44:c9:78:39:0c:36:a6:aa:fd:a9:9d:e5:50:05:
76:6c:bc:be:e4:e6:4a:40:76:82:f1:77:e6:a4:55:
36:53:c8:ec:57:ff:58:4f:c0:3a:88:b4:62:6d:96:
60:cd:ae:ca:3c:5a:2c:78:0e:9c:f7:44:73:e7:9e:
29:57:48:e4:3a:0e:10:a6:7d:4f:2f:a4:96:11:0f:
32:9e:a0:87:00:47:ac:97:9e:8b:48:60:8a:3f:6a:
93:1a:6e:90:a1:cc:c0:9a:c2:29:b0:fe:b9:dc:68:
f9:5c:56:1f:2a:9f:fa:93:38:fd:7c:51:a9:17:a0:
84:a9:89:9d:e5:7d:cc:b4:24:e5:30:82:5a:fd:df:
cd:41:2f:68:18:ca:86:e8:ca:d3:5d:d1:5d:6e:14:
49:03:0d:74:1a:51:1a:3a:00:0d:2c:99:b5:e2:7a:
36:5e:27:2d:43:4d:0a:22:a5:f8:29:8f:40:cd:d6:
ca:d1:0d:45:42:fa:21:e0:5a:77:55:bd:c6:77:80:
cb:03:15:64:d6:a6:47:70:42:95:7f:c4:30:8e:06:
ad:05:bd:c5:22:32:19:4a:91:a2:ea:09:96:1b:5b:
d6:22:1f:9b:3e:3c:94:09:b4:ff:3f:56:06:4c:fb:
a7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AA:54:1F:43:BF:D8:7E:48:A3:D9:61:F4:DC:BA:26:B5:CF:F2:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sKpUH0O_2H5Io9lh9Ny6JrXP8kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
193.124.7.0/24
194.58.56.0/23
194.87.141.0/24
194.87.169.0/24
194.87.245.0/24
195.133.25.0/24
212.192.1.0/24
212.192.208.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
58:1d:32:82:ee:e3:a4:6d:49:7e:a1:f4:2a:6a:2c:10:be:8b:
31:e0:6b:ca:2f:26:21:a8:03:ff:9b:3d:c3:f7:b1:21:b3:f7:
fc:31:1c:84:b9:53:ae:bf:b8:8c:de:89:78:9b:ee:35:dc:3f:
6e:c4:fc:4a:ec:0b:c5:d6:f7:d9:30:f7:e7:9f:e3:5f:f4:e1:
5a:b1:be:ae:0e:eb:c6:c3:de:1c:b7:36:d3:37:93:28:44:4f:
75:93:98:e1:8f:d5:d3:74:fe:85:67:9f:77:08:e1:a9:23:d7:
54:72:87:27:23:79:5e:fd:4b:42:d3:09:99:f0:83:78:2a:92:
85:b5:e2:7c:11:9c:9a:99:4a:3e:fa:93:f9:d5:64:b5:3e:c4:
1a:8e:c1:24:88:29:a7:92:fc:a0:74:16:16:48:91:ba:ae:33:
a1:86:6e:29:8b:b5:1a:a3:8b:83:b9:d6:65:52:d4:82:a6:34:
61:71:ac:5f:19:46:55:62:22:ff:7e:aa:b2:31:16:5a:e1:6f:
e0:44:00:5a:bc:e4:d7:5c:2f:8f:0a:2b:4e:7b:b8:2b:14:5c:
cf:2e:3f:51:18:be:d9:f7:f2:21:82:ac:78:22:a5:1e:8b:b2:
c4:6e:6c:5e:f9:01:f1:1b:45:ec:3d:f2:ec:68:a7:fb:0f:5d:
2b:59:0c:14
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY8feX45jWvgqnT1MiqCAz34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDI3MTIxMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFhNTQxZjQzYmZkODdlNDhhM2Q5NjFmNGRjYmEyNmI1Y2ZmMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRvo7oPMMS8Wk5zDQHxhRMl4OQw2
pqr9qZ3lUAV2bLy+5OZKQHaC8XfmpFU2U8jsV/9YT8A6iLRibZZgza7KPFoseA6c
90Rz554pV0jkOg4Qpn1PL6SWEQ8ynqCHAEesl56LSGCKP2qTGm6QoczAmsIpsP65
3Gj5XFYfKp/6kzj9fFGpF6CEqYmd5X3MtCTlMIJa/d/NQS9oGMqG6MrTXdFdbhRJ
Aw10GlEaOgANLJm14no2XictQ00KIqX4KY9AzdbK0Q1FQvoh4Fp3Vb3Gd4DLAxVk
1qZHcEKVf8QwjgatBb3FIjIZSpGi6gmWG1vWIh+bPjyUCbT/P1YGTPunhwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLCqVB9Dv9h+SKPZYfTcuia1z/JIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc0twVUgwT18ySDVJbzlsaDlOeTZKclhQOGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQAwHysAwQA
wXwHAwQBwjo4AwQAwleNAwQAwlepAwQAwlf1AwQAw4UZAwQA1MABAwQA1MDQAwQA
1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAWB0y
gu7jpG1JfqH0KmosEL6LMeBryi8mIagD/5s9w/exIbP3/DEchLlTrr+4jN6JeJvu
Ndw/bsT8SuwLxdb32TD355/jX/ThWrG+rg7rxsPeHLc20zeTKERPdZOY4Y/V03T+
hWefdwjhqSPXVHKHJyN5Xv1LQtMJmfCDeCqShbXifBGcmplKPvqT+dVktT7EGo7B
JIgpp5L8oHQWFkiRuq4zoYZuKYu1GqOLg7nWZVLUgqY0YXGsXxlGVWIi/36qsjEW
WuFv4EQAWrzk11wvjworTnu4KxRczy4/URi+2ffyIYKseCKlHouyxG5sXvkB8RtF
7D3y7Gin+w9dK1kMFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org