Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNXAQwpRh53XFv4L9AqKHkkPa38.roa
File: uNXAQwpRh53XFv4L9AqKHkkPa38.roa (raw, json)
Hash identifier: OyECGk4E3KusWABWylfBDc2P9eXm45c5eHNnocjdbkA=
Subject key identifier: B8:D5:C0:43:0A:51:87:9D:D7:16:FE:0B:F4:0A:8A:1E:49:0F:6B:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185C967D82C707BEA389325F207E7EF4659
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNXAQwpRh53XFv4L9AqKHkkPa38.roa
Signing time: Thu 19 Jan 2023 09:41:44 +0000
ROA not before: Thu 19 Jan 2023 09:41:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jan 2023 07:24:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:67:d8:2c:70:7b:ea:38:93:25:f2:07:e7:ef:46:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 19 09:41:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d5c0430a51879dd716fe0bf40a8a1e490f6b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8f:4c:a3:dd:ff:92:ef:ba:d4:71:e4:93:1e:
a0:14:82:03:57:23:c9:cc:92:6b:48:9f:b3:05:6e:
65:35:6a:64:d2:a4:c3:30:15:9a:d7:ea:63:28:f3:
66:eb:77:0b:1e:96:e7:b7:c2:9b:b2:4a:99:bf:33:
cc:2b:45:d9:29:65:f9:40:4c:60:fe:2b:98:29:e2:
94:6a:b9:72:c7:8c:48:af:b2:6c:7a:5a:18:57:56:
62:3a:f9:d7:a8:62:a5:f2:40:46:9f:e5:78:a7:52:
47:99:8a:68:d0:9e:80:8f:dc:38:0a:5d:b7:a5:1b:
eb:1e:c0:22:a2:e3:bc:c3:69:a5:d5:e4:bb:12:0e:
5a:02:23:4a:2f:37:9f:b1:2e:c0:73:e9:cc:c0:ce:
ab:34:42:9b:dc:9b:fb:d4:d9:79:02:85:51:53:f6:
1d:ed:9d:00:40:d5:1e:fa:b9:af:05:cf:1f:7b:41:
65:cb:1b:13:07:a4:9b:41:46:c8:5a:e2:77:35:9d:
8c:83:58:0e:57:00:b0:34:5d:b1:7c:69:e6:0b:f9:
0b:45:91:ad:af:78:28:3f:9f:65:fe:4a:ae:8c:7e:
db:8a:e2:25:9f:8b:b2:a2:9a:a3:27:c0:ff:0a:99:
76:02:f7:1e:84:85:f8:11:7c:e4:1d:97:30:e7:8b:
4b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D5:C0:43:0A:51:87:9D:D7:16:FE:0B:F4:0A:8A:1E:49:0F:6B:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uNXAQwpRh53XFv4L9AqKHkkPa38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
193.124.9.0/24
193.124.44.0/24
193.124.201.0/24
194.87.1.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.170.0/23
194.87.178.0/23
194.87.182.0/24
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.56.0/24
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
195.133.195.0/24
212.192.10.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:6f:91:33:b2:46:82:37:03:03:a4:e4:23:e5:33:5f:bd:ff:
21:77:57:41:38:c0:1f:98:09:81:59:08:dc:47:c5:a1:aa:10:
75:a6:51:f6:65:3d:c6:75:19:73:d0:84:50:4c:4e:3e:66:2b:
69:aa:b2:5d:08:3f:9e:63:b7:e6:d8:f6:84:c2:d9:38:40:65:
99:e1:ae:1b:f5:d5:cb:0f:f6:0b:1c:46:53:fd:7d:0b:e2:a4:
8f:93:2b:fb:80:e2:53:23:68:cb:de:bb:12:01:cc:ac:c4:44:
62:07:d6:1b:6e:2c:3b:ea:dc:7a:18:a4:71:f7:6f:e1:29:0a:
2a:72:b4:8c:e2:09:d3:0e:f9:d8:72:4c:f7:d3:99:f9:58:c3:
5e:22:fd:8c:a4:89:9f:bb:0b:57:9e:23:bc:ea:26:40:49:93:
66:97:3c:2a:46:0e:fc:ea:44:f6:8f:39:13:33:23:b7:89:b5:
2d:56:b6:0b:79:dc:a7:25:64:9a:23:ca:53:67:ee:58:36:48:
1f:f8:fc:fe:71:76:1d:6e:8c:0a:1a:35:6b:e9:67:5f:21:0e:
dc:0c:5d:9e:01:d7:25:ca:02:23:4a:29:a5:14:d4:5a:ac:23:
b5:a7:f5:c2:d4:6c:a8:c0:d1:2a:ed:0b:25:69:bf:01:63:28:
85:d3:e8:ef
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYXJZ9gscHvqOJMl8gfn70ZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE5MDk0MTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ1YzA0MzBhNTE4NzlkZDcxNmZlMGJmNDBhOGExZTQ5MGY2YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI9Mo93/ku+61HHkkx6gFIIDVyPJ
zJJrSJ+zBW5lNWpk0qTDMBWa1+pjKPNm63cLHpbnt8KbskqZvzPMK0XZKWX5QExg
/iuYKeKUarlyx4xIr7JseloYV1ZiOvnXqGKl8kBGn+V4p1JHmYpo0J6Aj9w4Cl23
pRvrHsAiouO8w2ml1eS7Eg5aAiNKLzefsS7Ac+nMwM6rNEKb3Jv71Nl5AoVRU/Yd
7Z0AQNUe+rmvBc8fe0FlyxsTB6SbQUbIWuJ3NZ2Mg1gOVwCwNF2xfGnmC/kLRZGt
r3goP59l/kqujH7biuIln4uyopqjJ8D/Cpl2AvcehIX4EXzkHZcw54tLzQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLjVwEMKUYed1xb+C/QKih5JD2t/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdU5YQVF3cFJoNTNYRnY0TDlBcUtIa2tQYTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBADB
fAMDBADBfAkDBADBfCwDBADBfMkDBADCVwEDBADCVyoDBADCV0kDBAHCV4IDBADC
V6YDBADCV6gDBAHCV6oDBAHCV7IDBADCV7YDBADCV7sDBADChxIDBADChxcwDAME
AMM6IwMEAMM6JAMEAMM6MgMEAMM6OAMEAMOFAAMEAMOFHgMEAMOFIwMEAMOFwwME
ANTACgMEANTAHzANBgkqhkiG9w0BAQsFAAOCAQEADG+RM7JGgjcDA6TkI+UzX73/
IXdXQTjAH5gJgVkI3EfFoaoQdaZR9mU9xnUZc9CEUExOPmYraaqyXQg/nmO35tj2
hMLZOEBlmeGuG/XVyw/2CxxGU/19C+Kkj5Mr+4DiUyNoy967EgHMrMREYgfWG24s
O+rcehikcfdv4SkKKnK0jOIJ0w752HJM99OZ+VjDXiL9jKSJn7sLV54jvOomQEmT
Zpc8KkYO/OpE9o85EzMjt4m1LVa2C3ncpyVkmiPKU2fuWDZIH/j8/nF2HW6MCho1
a+lnXyEO3AxdngHXJcoCI0oppRTUWqwjtaf1wtRsqMDRKu0LJWm/AWMohdPo7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org