Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sYqu3ONZqwtPVuDcA1PDNDlmetk.roa
File: sYqu3ONZqwtPVuDcA1PDNDlmetk.roa (raw, json)
Hash identifier: sEJZz4CFektZ37NswjPp6jRRkGPneIZ3E4CCxryff4Q=
Subject key identifier: B1:8A:AE:DC:E3:59:AB:0B:4F:56:E0:DC:03:53:C3:34:39:66:7A:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D35E9CF00CA6435C8F033E0DACEEBBEC3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sYqu3ONZqwtPVuDcA1PDNDlmetk.roa
Signing time: Tue 23 Jan 2024 10:42:11 +0000
ROA not before: Tue 23 Jan 2024 10:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.114.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.179.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 13:46:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:e9:cf:00:ca:64:35:c8:f0:33:e0:da:ce:eb:be:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 10:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b18aaedce359ab0b4f56e0dc0353c33439667ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9d:63:d0:23:bd:c2:2e:80:ef:7b:10:c8:90:
a4:8c:0b:72:24:57:03:14:3e:b6:e4:95:fd:fd:ab:
5b:ea:54:1e:a6:68:44:d7:31:1a:dc:24:35:4a:89:
50:b7:80:3a:45:69:bb:7a:7a:40:91:aa:b4:cf:28:
f6:4f:0e:28:56:39:e9:3c:6f:54:17:fc:0b:e8:e4:
46:a9:67:35:b2:01:23:c6:ff:80:c5:e4:26:e5:1d:
14:23:6d:39:01:eb:2b:6c:0e:79:4e:e7:bf:cf:69:
0e:d9:6b:e5:29:b1:b7:5e:83:e9:d9:49:ae:99:60:
44:6a:ec:c7:23:ae:72:6b:2e:e7:f8:76:23:bb:53:
89:96:d9:ae:18:62:7a:ce:e2:64:f2:3a:07:d9:4b:
6f:7f:10:cf:4f:24:a5:d7:f5:53:f1:5b:49:ea:05:
2c:4c:67:05:dc:24:59:de:ed:2c:c5:21:f7:f6:77:
27:b0:41:a2:6b:f5:65:22:5c:08:c8:b1:ca:7e:97:
1d:e8:31:6d:6f:56:39:42:f8:01:24:5a:76:d9:b8:
87:ca:d6:c4:cd:ae:08:23:99:5c:4f:39:d9:6e:be:
34:eb:8c:e1:fe:0f:2e:47:94:fc:7a:e9:de:50:a1:
e7:a8:43:91:8b:df:39:1d:15:3c:5d:83:36:aa:1f:
cc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8A:AE:DC:E3:59:AB:0B:4F:56:E0:DC:03:53:C3:34:39:66:7A:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sYqu3ONZqwtPVuDcA1PDNDlmetk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a1:a3:07:9f:75:15:d8:2f:8d:52:a4:72:51:1d:a1:9a:f9:
6c:55:aa:da:81:9b:02:00:38:19:fa:c9:76:82:f4:57:30:17:
e3:fe:79:04:0f:dd:f9:e5:12:4d:ba:e5:b8:e1:4b:96:60:83:
f8:a5:67:73:82:e5:5c:69:1e:8f:ed:81:38:49:59:7a:08:3c:
21:09:d3:43:49:9e:f3:c5:5c:7f:63:5c:98:49:88:fe:b6:ce:
65:7f:3e:78:3d:78:01:19:76:3d:6b:f3:bf:27:fb:d0:ba:09:
d7:28:85:4b:a9:e9:48:13:a5:3c:c1:6e:44:e9:4d:48:45:01:
c8:41:43:48:fb:51:2e:52:52:aa:45:ce:5b:cf:e8:cf:6b:6a:
81:12:b7:b6:15:66:8f:8a:88:c9:7e:fe:db:3e:8e:92:8a:d2:
7f:4a:17:20:98:69:2f:48:70:0f:bb:d7:8e:1e:b9:a5:5c:2b:
f5:2c:2f:7f:fa:db:c0:f5:4d:34:ac:9b:e2:62:9f:08:3c:47:
49:ae:06:93:5a:fc:35:73:55:73:c1:f5:a8:f8:cf:5a:8a:c4:
9f:dd:b7:67:0f:55:11:0b:55:cd:29:ec:f0:d9:d6:b7:4d:76:
95:1e:24:94:c2:45:11:b0:aa:33:07:63:27:32:b1:29:c2:57:
a9:77:43:c5
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY016c8AymQ1yPAz4NrO677DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIzMTA0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThhYWVkY2UzNTlhYjBiNGY1NmUwZGMwMzUzYzMzNDM5NjY3YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Z1j0CO9wi6A73sQyJCkjAtyJFcD
FD625JX9/atb6lQepmhE1zEa3CQ1SolQt4A6RWm7enpAkaq0zyj2Tw4oVjnpPG9U
F/wL6ORGqWc1sgEjxv+AxeQm5R0UI205AesrbA55Tue/z2kO2WvlKbG3XoPp2Umu
mWBEauzHI65yay7n+HYju1OJltmuGGJ6zuJk8joH2UtvfxDPTySl1/VT8VtJ6gUs
TGcF3CRZ3u0sxSH39ncnsEGia/VlIlwIyLHKfpcd6DFtb1Y5QvgBJFp22biHytbE
za4II5lcTznZbr4064zh/g8uR5T8euneUKHnqEORi985HRU8XYM2qh/MLQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLGKrtzjWasLT1bg3ANTwzQ5ZnrZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1lxdTNPTlpxd3RQVnVEY0ExUERORGxtZXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXbAMEAcJXcgMEAMJXegME
AMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAME
AcOFVAMEANTA3jANBgkqhkiG9w0BAQsFAAOCAQEAFaGjB591FdgvjVKkclEdoZr5
bFWq2oGbAgA4GfrJdoL0VzAX4/55BA/d+eUSTbrluOFLlmCD+KVnc4LlXGkej+2B
OElZegg8IQnTQ0me88Vcf2NcmEmI/rbOZX8+eD14ARl2PWvzvyf70LoJ1yiFS6np
SBOlPMFuROlNSEUByEFDSPtRLlJSqkXOW8/oz2tqgRK3thVmj4qIyX7+2z6OkorS
f0oXIJhpL0hwD7vXjh65pVwr9Swvf/rbwPVNNKyb4mKfCDxHSa4Gk1r8NXNVc8H1
qPjPWorEn923Zw9VEQtVzSns8NnWt012lR4klMJFEbCqMwdjJzKxKcJXqXdDxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org