Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNV9cAVmjSlCsfa5gBBvmSyWuYc.roa
File: uNV9cAVmjSlCsfa5gBBvmSyWuYc.roa (raw, json)
Hash identifier: 1vQ3uhgSTcdTCWhtST9bxgX9/fQibV89LVzvdaXUxf0=
Subject key identifier: B8:D5:7D:70:05:66:8D:29:42:B1:F6:B9:80:10:6F:99:2C:96:B9:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CFC9DAC02CB9075E4440F8BCFF81D8C4D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNV9cAVmjSlCsfa5gBBvmSyWuYc.roa
Signing time: Fri 12 Jan 2024 07:40:40 +0000
ROA not before: Fri 12 Jan 2024 07:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.135.30.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 06:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:9d:ac:02:cb:90:75:e4:44:0f:8b:cf:f8:1d:8c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 12 07:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d57d7005668d2942b1f6b980106f992c96b987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:32:90:f3:cb:da:50:5d:a5:33:11:ab:56:16:
39:f1:5b:e9:2b:54:bb:ca:9b:eb:6b:d9:d1:34:f2:
48:6a:08:b9:42:6c:3b:09:8c:2c:15:0a:f4:60:93:
8c:97:da:d8:ca:f4:b5:33:e2:94:0e:73:a8:16:c1:
88:fb:0d:ff:a8:fd:3b:1c:bb:d6:e2:9e:20:c4:5c:
f7:ba:cc:0c:61:fb:a9:aa:90:5a:5b:f4:ac:c0:c6:
c9:b6:62:92:8a:08:57:c5:23:01:9d:af:7e:dc:bd:
b4:37:d4:a4:6e:dd:eb:e8:0c:6f:81:dc:4b:5c:8e:
94:e2:fd:f8:6b:5b:e3:9a:67:41:c5:7b:b3:8c:aa:
05:df:65:b9:7e:df:6b:2a:9a:f4:2c:05:62:87:d7:
1f:7a:14:5c:c5:e9:a5:eb:58:d9:28:ea:d6:8c:6c:
7d:89:66:b3:d9:ef:4b:b9:ea:d2:4c:36:30:13:cb:
e5:dd:c5:ce:74:89:55:7d:a4:ad:14:4e:61:1a:8d:
e4:a9:9a:b2:a7:31:ae:21:91:6d:7d:07:3d:c5:65:
9d:34:4f:b2:d4:e0:7e:fe:96:cc:02:94:68:2d:6c:
b6:a3:ba:0c:d1:eb:ee:4e:a0:8d:8f:bc:1f:49:3d:
1b:0d:8d:86:ad:d0:37:bb:8e:5d:0a:36:f7:d1:30:
48:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D5:7D:70:05:66:8D:29:42:B1:F6:B9:80:10:6F:99:2C:96:B9:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNV9cAVmjSlCsfa5gBBvmSyWuYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.32.0/24
194.87.40.0/24
194.87.66.0/24
194.135.30.0/24
195.58.35.0/24
195.58.60.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
35:76:09:45:4f:a7:3b:9b:da:78:68:d6:41:89:54:fd:d2:ee:
9c:a4:8e:6a:1f:f9:24:32:62:c2:bf:9e:06:bd:88:4e:43:f9:
3b:a8:0c:fb:b7:7f:6e:5b:d0:7b:06:91:7e:cc:2b:32:1c:cf:
8d:fb:40:a0:ff:49:34:65:31:d9:35:9c:4e:5b:99:1e:6e:f8:
5e:b9:f1:4b:6e:30:1b:5f:80:1e:74:26:1f:ab:63:17:29:ef:
58:a6:82:7f:84:24:28:39:cb:31:64:f7:a9:ef:e0:42:17:2a:
d8:0f:ad:0c:15:4b:81:80:cb:65:17:72:c4:ef:cb:a9:e4:97:
96:9e:51:b6:f0:fe:c4:21:aa:72:12:a6:3c:76:13:73:74:59:
93:f1:a4:bf:98:ad:0c:7a:89:19:03:cd:4c:c8:e5:38:3f:3b:
2f:49:94:66:fb:59:83:e2:f9:a7:9d:7e:13:db:98:ed:30:23:
3d:3c:0b:1d:66:05:f1:79:d6:c1:58:6c:c4:e9:98:5e:ba:94:
d0:13:28:a9:c4:aa:ca:62:78:be:ee:4c:f4:bb:a5:0c:c3:44:
b2:6d:f3:62:be:c3:d0:2e:92:a8:d7:3a:c1:fa:f4:dc:f8:8c:
34:16:28:6e:fd:27:1f:4f:39:15:6c:b5:9c:35:c1:d9:16:37:
eb:48:47:c0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYz8nawCy5B15EQPi8/4HYxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTEyMDc0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ1N2Q3MDA1NjY4ZDI5NDJiMWY2Yjk4MDEwNmY5OTJjOTZiOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTKQ88vaUF2lMxGrVhY58VvpK1S7
ypvra9nRNPJIagi5Qmw7CYwsFQr0YJOMl9rYyvS1M+KUDnOoFsGI+w3/qP07HLvW
4p4gxFz3uswMYfupqpBaW/SswMbJtmKSighXxSMBna9+3L20N9Skbt3r6AxvgdxL
XI6U4v34a1vjmmdBxXuzjKoF32W5ft9rKpr0LAVih9cfehRcxeml61jZKOrWjGx9
iWaz2e9LuerSTDYwE8vl3cXOdIlVfaStFE5hGo3kqZqypzGuIZFtfQc9xWWdNE+y
1OB+/pbMApRoLWy2o7oM0evuTqCNj7wfST0bDY2GrdA3u45dCjb30TBIgwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLjVfXAFZo0pQrH2uYAQb5kslrmHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdU5WOWNBVm1qU2xDc2ZhNWdCQnZtU3lXdVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwlcgAwQA
wlcoAwQAwldCAwQAwoceAwQAwzojAwQAwzo8AwQCw4UoAwQA1MD+MA0GCSqGSIb3
DQEBCwUAA4IBAQA1dglFT6c7m9p4aNZBiVT90u6cpI5qH/kkMmLCv54GvYhOQ/k7
qAz7t39uW9B7BpF+zCsyHM+N+0Cg/0k0ZTHZNZxOW5kebvheufFLbjAbX4AedCYf
q2MXKe9YpoJ/hCQoOcsxZPep7+BCFyrYD60MFUuBgMtlF3LE78up5JeWnlG28P7E
IapyEqY8dhNzdFmT8aS/mK0MeokZA81MyOU4PzsvSZRm+1mD4vmnnX4T25jtMCM9
PAsdZgXxedbBWGzE6ZheupTQEyipxKrKYni+7kz0u6UMw0SybfNivsPQLpKo1zrB
+vTc+Iw0Fihu/ScfTzkVbLWcNcHZFjfrSEfA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org