Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u8vMCxrgh2JaB4V-mskcgRZCVnw.roa
File: u8vMCxrgh2JaB4V-mskcgRZCVnw.roa (raw, json)
Hash identifier: 4ELgFrOV32ss4xQ7TYUlcZBosIU4lrz78de50HFddSA=
Subject key identifier: BB:CB:CC:0B:1A:E0:87:62:5A:07:85:7E:9A:C9:1C:81:16:42:56:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018756FF9406527B7D053E479F98F74F41EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u8vMCxrgh2JaB4V-mskcgRZCVnw.roa
Signing time: Thu 06 Apr 2023 14:36:42 +0000
ROA not before: Thu 06 Apr 2023 14:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.23.0/24 maxlen: 24
195.58.48.0/23 maxlen: 23
194.87.106.0/24 maxlen: 24
195.133.5.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.70.0/24 maxlen: 24
194.87.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 06 Apr 2023 14:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:ff:94:06:52:7b:7d:05:3e:47:9f:98:f7:4f:41:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 14:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbcbcc0b1ae087625a07857e9ac91c811642567c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ac:8e:93:fa:4d:8a:c4:59:fa:08:94:00:fd:
ab:ec:c4:b3:3e:65:fd:06:0b:d9:80:a4:1d:16:ef:
dc:4d:52:f5:05:ec:2d:2b:5c:27:b6:3e:03:c3:7f:
db:56:5e:98:9d:8f:09:4b:ae:45:3f:ae:04:2f:99:
70:ff:42:38:fe:82:23:41:77:b8:e9:6f:15:2d:29:
bf:13:ba:e6:8b:ec:f0:24:39:2d:f3:b0:bd:05:57:
43:39:74:45:69:7e:7e:93:f3:0b:04:94:70:81:4c:
ce:9e:35:d5:3a:12:a1:a8:c8:4c:f2:4c:21:32:ad:
97:98:eb:5f:19:c1:65:ac:a9:6d:b0:03:1e:b0:13:
d6:45:8d:24:dd:ee:21:79:64:06:06:af:eb:e8:6d:
e8:6e:ad:be:49:63:fb:c0:6f:42:e1:52:c1:df:6d:
d1:d8:45:11:1d:c2:f9:3b:6b:7b:89:19:72:bd:16:
64:14:b8:28:02:7d:24:51:52:a5:48:52:21:b0:7b:
29:01:55:a0:8a:02:6b:8e:80:3b:3e:cc:32:77:6c:
ce:92:f3:8c:61:12:87:89:01:96:22:e3:23:df:4f:
b2:7d:63:65:54:e0:e4:ca:fd:99:73:e9:0d:a5:72:
ed:11:62:57:b5:32:31:76:a8:1f:20:8f:76:8f:07:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CB:CC:0B:1A:E0:87:62:5A:07:85:7E:9A:C9:1C:81:16:42:56:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u8vMCxrgh2JaB4V-mskcgRZCVnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.48.0/23
194.87.68.0-194.87.70.255
194.87.106.0/24
194.87.215.0/24
194.135.38.0/24
195.58.37.0/24
195.58.48.0/23
195.133.5.0/24
195.133.8.0/23
195.133.23.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:51:58:dd:42:61:63:1b:72:98:0a:d6:92:ee:f5:23:61:ef:
df:68:14:dd:07:74:0a:c4:ee:9f:8d:cb:dd:d8:13:7c:ff:e1:
fc:4b:47:31:47:c2:51:07:b1:38:00:f0:51:5d:3d:68:2f:4f:
ce:81:5d:a0:4a:41:0b:5c:ab:e0:58:a8:a0:69:7f:b1:d9:a8:
41:8b:be:12:de:79:4d:56:49:3a:fd:72:1f:2a:e7:54:e0:d3:
ec:97:85:32:68:39:6d:34:5c:e2:92:2c:03:c1:f2:cc:a2:78:
9a:20:88:b1:71:ec:a2:f4:aa:e8:7e:8f:cb:0f:1e:7f:5f:41:
6c:04:4c:c9:dd:e2:64:8c:30:75:a6:ef:ba:86:ef:8d:87:a4:
d4:da:95:fc:0b:2c:a4:fc:1c:2b:c2:06:7b:26:c7:b5:42:2b:
ca:2b:19:b2:d6:04:62:d2:07:19:29:00:20:b6:8e:ac:b4:b7:
9f:c2:6d:37:99:97:58:ed:9e:1b:58:66:d5:bd:a8:42:44:49:
88:42:8a:d4:b3:4f:9c:75:75:67:ff:e0:56:31:c1:d7:dd:09:
6a:b6:75:89:3e:ff:dd:dd:2d:fa:37:a5:5c:4c:71:83:3e:9e:
49:4f:00:a8:c8:53:6b:47:4f:6a:07:cc:d8:7b:7d:8b:2e:2f:
00:d8:d8:0d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYdW/5QGUnt9BT5Hn5j3T0HqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTQzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNiY2MwYjFhZTA4NzYyNWEwNzg1N2U5YWM5MWM4MTE2NDI1NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqyOk/pNisRZ+giUAP2r7MSzPmX9
BgvZgKQdFu/cTVL1BewtK1wntj4Dw3/bVl6YnY8JS65FP64EL5lw/0I4/oIjQXe4
6W8VLSm/E7rmi+zwJDkt87C9BVdDOXRFaX5+k/MLBJRwgUzOnjXVOhKhqMhM8kwh
Mq2XmOtfGcFlrKltsAMesBPWRY0k3e4heWQGBq/r6G3obq2+SWP7wG9C4VLB323R
2EURHcL5O2t7iRlyvRZkFLgoAn0kUVKlSFIhsHspAVWgigJrjoA7Pswyd2zOkvOM
YRKHiQGWIuMj30+yfWNlVODkyv2Zc+kNpXLtEWJXtTIxdqgfII92jwfZRwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFLvLzAsa4IdiWgeFfprJHIEWQlZ8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdTh2TUN4cmdoMkphQjRWLW1za2NnUlpDVm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAwXwHAwQB
wlcwMAwDBALCV0QDBADCV0YDBADCV2oDBADCV9cDBADChyYDBADDOiUDBAHDOjAD
BADDhQUDBAHDhQgDBADDhRcwDQYJKoZIhvcNAQELBQADggEBAHpRWN1CYWMbcpgK
1pLu9SNh799oFN0HdArE7p+Ny93YE3z/4fxLRzFHwlEHsTgA8FFdPWgvT86BXaBK
QQtcq+BYqKBpf7HZqEGLvhLeeU1WSTr9ch8q51Tg0+yXhTJoOW00XOKSLAPB8syi
eJogiLFx7KL0quh+j8sPHn9fQWwETMnd4mSMMHWm77qG742HpNTalfwLLKT8HCvC
Bnsmx7VCK8orGbLWBGLSBxkpACC2jqy0t5/CbTeZl1jtnhtYZtW9qEJESYhCitSz
T5x1dWf/4FYxwdfdCWq2dYk+/93dLfo3pVxMcYM+nklPAKjIU2tHT2oHzNh7fYsu
LwDY2A0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org