Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXwLK3BiiZ4T9ozGKqL-SH_tf7E.roa
File: sXwLK3BiiZ4T9ozGKqL-SH_tf7E.roa (raw, json)
Hash identifier: lIcgPkZngvWuyC9xYicmXmYFvk4w0DYNF82X3Phz50Y=
Subject key identifier: B1:7C:0B:2B:70:62:89:9E:13:F6:8C:C6:2A:A2:FE:48:7F:ED:7F:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C0B4B39A1092315D7684D7E506E443C6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXwLK3BiiZ4T9ozGKqL-SH_tf7E.roa
Signing time: Fri 13 Dec 2024 15:48:08 +0000
ROA not before: Fri 13 Dec 2024 15:48:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:b4:b3:9a:10:92:31:5d:76:84:d7:e5:06:e4:43:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:48:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b17c0b2b7062899e13f68cc62aa2fe487fed7fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:8d:18:e4:b0:87:60:ee:aa:e4:81:63:df:
1e:95:88:c5:47:b0:d6:bd:dd:8f:8b:44:c5:8d:03:
8b:5d:4a:b6:c1:bb:6c:e6:d7:c0:12:7b:50:58:70:
f5:f7:3b:5c:78:b5:0f:55:1c:b8:c4:7a:f1:28:dd:
e2:9e:b2:2e:47:5f:2c:87:5a:1c:ca:93:1b:57:04:
6b:e3:92:95:a5:52:e4:e8:78:47:90:18:0f:f9:4e:
b1:34:62:78:55:d9:a0:5f:60:98:03:f2:ad:9f:51:
1f:9b:25:e2:21:1f:ba:f6:0f:8d:1a:de:2d:d6:75:
83:49:4b:15:73:0d:aa:3e:2c:05:90:b3:64:d6:97:
1e:83:76:79:33:05:58:bf:4c:c4:29:54:d8:33:14:
1b:c9:a0:fd:72:b2:e0:6a:88:13:d0:22:6f:c9:26:
fe:f3:f3:0d:b9:4b:e9:59:a7:13:fb:7c:8f:1c:d6:
0f:a8:46:b1:cf:fd:8f:5f:aa:c8:70:62:fc:b3:5e:
c5:5b:84:82:49:c8:89:0d:06:db:52:92:e3:89:b4:
83:01:9f:61:fb:ca:52:3b:23:b4:ad:47:f8:83:db:
fd:db:a8:de:3f:2d:df:ff:66:19:de:5b:65:55:0c:
32:54:9b:38:fc:9d:01:06:11:2d:df:31:29:00:09:
d2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7C:0B:2B:70:62:89:9E:13:F6:8C:C6:2A:A2:FE:48:7F:ED:7F:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXwLK3BiiZ4T9ozGKqL-SH_tf7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:82:9e:1a:6c:6e:bf:a1:e6:b2:80:61:bb:35:d9:f7:99:79:
e1:e2:23:a7:87:74:5a:c9:41:69:c6:79:de:0b:f1:57:6a:6c:
6e:03:03:7c:da:d8:a0:db:80:e9:4f:c8:0f:e4:28:dc:47:8c:
e3:8f:8c:18:0b:95:3a:c0:d5:93:75:3a:7f:fb:85:03:32:cc:
43:4e:ff:7b:a5:c4:1d:04:07:52:bb:fd:ab:32:64:ed:55:45:
e8:8e:db:e7:6c:81:01:df:ef:3e:30:e1:62:32:b3:5b:21:5c:
6c:ad:2a:b5:80:d5:14:79:e9:cb:4f:f2:d5:d1:0b:79:8a:5c:
99:95:8d:6c:a3:a1:53:ee:b0:a4:9e:70:f2:56:8f:ac:24:2a:
82:38:74:76:e8:50:46:d9:e5:11:13:24:a5:41:ed:1a:ef:df:
fa:b5:88:7e:a8:0e:9c:ca:54:fd:e9:da:b6:74:58:cc:16:c0:
56:72:7d:33:15:d8:99:87:1e:85:f2:fe:7c:78:16:2c:dc:6e:
48:06:af:90:6a:ed:43:7e:42:ab:26:f1:85:6f:7e:7d:c2:00:
60:2b:c8:65:8d:10:80:2c:c9:bc:7c:86:d4:ae:e8:ca:85:be:
ed:30:e1:af:1c:e3:ee:f4:1e:51:b7:4f:d3:5d:6f:24:1e:3e:
95:7e:67:e3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPAtLOaEJIxXXaE1+UG5EPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTU0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdjMGIyYjcwNjI4OTllMTNmNjhjYzYyYWEyZmU0ODdmZWQ3ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWSNGOSwh2DuquSBY98elYjFR7DW
vd2Pi0TFjQOLXUq2wbts5tfAEntQWHD19ztceLUPVRy4xHrxKN3inrIuR18sh1oc
ypMbVwRr45KVpVLk6HhHkBgP+U6xNGJ4VdmgX2CYA/Ktn1EfmyXiIR+69g+NGt4t
1nWDSUsVcw2qPiwFkLNk1pceg3Z5MwVYv0zEKVTYMxQbyaD9crLgaogT0CJvySb+
8/MNuUvpWacT+3yPHNYPqEaxz/2PX6rIcGL8s17FW4SCSciJDQbbUpLjibSDAZ9h
+8pSOyO0rUf4g9v926jePy3f/2YZ3ltlVQwyVJs4/J0BBhEt3zEpAAnSJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLF8CytwYomeE/aMxiqi/kh/7X+xMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1h3TEszQmlpWjRUOW96R0txTC1TSF90ZjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYMA0GCSqGSIb3DQEBCwUAA4IBAQBd
gp4abG6/oeaygGG7Ndn3mXnh4iOnh3RayUFpxnneC/FXamxuAwN82tig24DpT8gP
5CjcR4zjj4wYC5U6wNWTdTp/+4UDMsxDTv97pcQdBAdSu/2rMmTtVUXojtvnbIEB
3+8+MOFiMrNbIVxsrSq1gNUUeenLT/LV0Qt5ilyZlY1so6FT7rCknnDyVo+sJCqC
OHR26FBG2eUREySlQe0a79/6tYh+qA6cylT96dq2dFjMFsBWcn0zFdiZhx6F8v58
eBYs3G5IBq+Qau1DfkKrJvGFb359wgBgK8hljRCALMm8fIbUrujKhb7tMOGvHOPu
9B5Rt0/TXW8kHj6Vfmfj
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:45 2025 by rpki-client