Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uX7dsfVeaotSI1GP1nFIEeylOxA.roa
File: uX7dsfVeaotSI1GP1nFIEeylOxA.roa (raw, json)
Hash identifier: mXD3pf1AHG6a/Od/NNjprkgcPSe3FpWyFObWKcdhx/8=
Subject key identifier: B9:7E:DD:B1:F5:5E:6A:8B:52:23:51:8F:D6:71:48:11:EC:A5:3B:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F8B41523052778DC39E2D6DA8716A1ACA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uX7dsfVeaotSI1GP1nFIEeylOxA.roa
Signing time: Sat 18 May 2024 10:31:04 +0000
ROA not before: Sat 18 May 2024 10:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.58.56.0/23 maxlen: 23
194.87.134.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.54.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 19 May 2024 17:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:41:52:30:52:77:8d:c3:9e:2d:6d:a8:71:6a:1a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 18 10:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b97eddb1f55e6a8b5223518fd6714811eca53b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:ba:14:de:2c:74:16:cf:8b:52:f5:68:9e:
e2:9c:65:d3:24:5d:2a:1c:bb:4f:65:b4:73:80:a4:
87:b7:25:c5:8b:83:c1:29:77:8a:23:f5:8e:04:22:
4d:e4:67:6f:91:1b:2e:c1:30:2f:1c:b8:36:33:b6:
2a:3b:02:90:60:28:61:7a:27:11:62:46:4a:b4:b8:
01:b4:e9:25:2d:95:39:34:21:2a:0b:33:38:6e:1b:
3b:1e:b6:24:1c:e3:a5:45:03:0a:27:01:72:5d:60:
57:83:4e:49:75:60:52:59:76:78:61:86:d8:76:46:
52:1f:22:e5:12:74:52:cd:b3:9a:31:3e:f7:c7:a0:
a5:89:e3:6a:c4:dd:75:6a:cd:3f:05:14:62:a1:53:
59:a4:9f:79:8a:4e:44:47:96:6f:92:b9:43:09:af:
36:7f:aa:ad:0b:a4:3f:f4:e9:9f:35:77:38:de:0b:
3c:14:8b:ff:10:3c:7c:97:14:12:3b:11:34:18:da:
99:2f:64:a3:de:79:ba:01:b4:17:fa:c0:a0:06:5c:
77:5e:13:d1:eb:99:04:a4:73:6c:76:eb:22:5c:23:
f7:95:36:5a:e1:72:c2:ac:20:ed:b4:cd:41:60:ad:
52:e1:ae:40:9e:b9:35:1e:e3:24:f2:40:af:c0:c7:
60:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7E:DD:B1:F5:5E:6A:8B:52:23:51:8F:D6:71:48:11:EC:A5:3B:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uX7dsfVeaotSI1GP1nFIEeylOxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.56.0/23
194.87.134.0/24
194.87.141.0/24
194.87.169.0/24
194.87.198.0/24
194.87.201.0/24
195.133.25.0/24
195.133.54.0/24
195.133.92.0/23
212.192.1.0/24
212.193.4.0/24
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
47:84:4c:2a:e8:a0:38:fb:05:f4:3a:2a:94:a1:58:29:d5:bb:
2c:b6:fc:ef:50:12:4a:ab:d2:9d:30:76:01:ad:2a:b6:e3:de:
eb:87:d8:b7:a7:d0:3f:83:b6:ad:6b:2f:1c:2a:da:4d:1a:86:
8a:43:8d:a6:a6:ce:3d:67:6e:f5:76:af:8b:c0:76:5c:7c:93:
5f:8b:4f:91:68:91:88:39:1b:48:4a:5d:4b:29:84:f2:f3:a7:
89:c6:71:d6:fb:b9:f5:cf:6a:4d:2a:e2:ef:14:da:d5:31:dc:
61:38:df:7e:da:10:e4:0e:58:2f:4a:34:22:3d:b6:c4:4a:45:
87:bd:44:b3:74:a0:8c:8f:39:b2:73:b3:45:ec:a6:ee:0a:e3:
5a:47:42:6c:5d:4f:e1:db:83:32:06:8e:65:ea:d4:e5:b8:ac:
c4:e5:5c:06:ca:87:92:62:0c:21:8b:38:83:5f:3f:8b:5a:d9:
48:1b:bd:2c:38:4a:94:f4:69:e3:36:6a:aa:a5:f8:b9:83:9e:
92:45:6a:c2:2e:27:0a:3a:3a:bf:eb:fc:c5:ed:c7:87:3c:7d:
d7:98:77:a2:79:6a:65:35:6d:30:05:77:53:32:2e:9c:93:d2:
a5:67:d3:fa:0e:95:7d:47:62:91:83:25:a0:3a:49:fa:28:71:
e5:43:2c:a9
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY+LQVIwUneNw54tbahxahrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTE4MTAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdlZGRiMWY1NWU2YThiNTIyMzUxOGZkNjcxNDgxMWVjYTUzYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfe6FN4sdBbPi1L1aJ7inGXTJF0q
HLtPZbRzgKSHtyXFi4PBKXeKI/WOBCJN5GdvkRsuwTAvHLg2M7YqOwKQYChheicR
YkZKtLgBtOklLZU5NCEqCzM4bhs7HrYkHOOlRQMKJwFyXWBXg05JdWBSWXZ4YYbY
dkZSHyLlEnRSzbOaMT73x6ClieNqxN11as0/BRRioVNZpJ95ik5ER5ZvkrlDCa82
f6qtC6Q/9OmfNXc43gs8FIv/EDx8lxQSOxE0GNqZL2Sj3nm6AbQX+sCgBlx3XhPR
65kEpHNsdusiXCP3lTZa4XLCrCDttM1BYK1S4a5Anrk1HuMk8kCvwMdgvwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFLl+3bH1XmqLUiNRj9ZxSBHspTsQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVg3ZHNmVmVhb3RTSTFHUDFuRklFZXlsT3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQBwjo4AwQA
wleGAwQAwleNAwQAwlepAwQAwlfGAwQAwlfJAwQAw4UZAwQAw4U2AwQBw4VcAwQA
1MABAwQA1MEEMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOC
AQEAR4RMKuigOPsF9DoqlKFYKdW7LLb871ASSqvSnTB2Aa0qtuPe64fYt6fQP4O2
rWsvHCraTRqGikONpqbOPWdu9Xavi8B2XHyTX4tPkWiRiDkbSEpdSymE8vOnicZx
1vu59c9qTSri7xTa1THcYTjfftoQ5A5YL0o0Ij22xEpFh71Es3SgjI85snOzReym
7grjWkdCbF1P4duDMgaOZerU5bisxOVcBsqHkmIMIYs4g18/i1rZSBu9LDhKlPRp
4zZqqqX4uYOekkVqwi4nCjo6v+v8xe3Hhzx915h3onlqZTVtMAV3UzIunJPSpWfT
+g6VfUdikYMloDpJ+ihx5UMsqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org