Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v0Q65fwrqDsDa48By7oY62nKML4.roa
File: v0Q65fwrqDsDa48By7oY62nKML4.roa (raw, json)
Hash identifier: W+lRmEHGjPXLPQKmK73kG6A4Ssv1nTSAJ1GQZJ77ugM=
Subject key identifier: BF:44:3A:E5:FC:2B:A8:3B:03:6B:8F:01:CB:BA:18:EB:69:CA:30:BE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C7109074CF9F19D4CF5E95E22BFE414A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v0Q65fwrqDsDa48By7oY62nKML4.roa
Signing time: Sat 16 Dec 2023 05:11:06 +0000
ROA not before: Sat 16 Dec 2023 05:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.13.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 04:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:09:07:4c:f9:f1:9d:4c:f5:e9:5e:22:bf:e4:14:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 16 05:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf443ae5fc2ba83b036b8f01cbba18eb69ca30be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:bf:53:82:fa:bf:34:04:67:35:c3:00:5c:
af:60:a0:f2:43:60:2b:a9:d0:e8:20:04:68:3e:66:
22:56:f7:48:98:0e:c5:be:c7:7b:ba:6c:50:8a:d1:
e2:f5:28:73:f9:ba:b3:ae:4d:01:33:c6:ca:ed:8f:
6a:f5:b1:a9:20:59:fb:19:cd:09:ab:df:40:74:95:
1a:47:c9:b4:47:64:90:49:ad:9a:af:3b:26:4e:96:
23:0f:4d:36:2c:3a:0f:c0:48:a8:f8:2b:3f:20:7d:
5b:ab:7c:b3:ac:28:81:cb:49:5f:fe:c8:61:da:70:
4f:51:ed:6a:a6:df:a2:ed:cf:e9:1d:8d:96:b7:29:
bd:f1:7c:59:de:31:41:9f:eb:e6:7b:cc:71:79:a5:
88:6b:c8:0c:24:bb:1b:34:72:fa:46:01:11:3f:71:
33:4c:f9:33:68:95:39:03:ae:79:1c:3e:be:d9:e5:
85:99:d0:fd:87:ff:ce:a8:29:50:36:74:29:dc:7d:
f9:94:53:28:e6:6f:ed:3f:f4:2b:a1:48:bd:48:e9:
6c:cf:c6:0e:98:0b:42:6f:64:d3:30:13:3c:d9:5b:
d6:ae:0e:c0:23:68:24:85:6c:3b:a1:5a:ab:2f:7e:
80:d9:8b:61:80:bd:0a:d2:46:c8:cd:bb:5a:a8:5d:
b6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:44:3A:E5:FC:2B:A8:3B:03:6B:8F:01:CB:BA:18:EB:69:CA:30:BE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v0Q65fwrqDsDa48By7oY62nKML4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.202.0/24
194.87.76.0/24
194.87.208.0/24
195.133.81.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1b:d2:36:94:5c:3f:a7:f4:7b:a6:22:bf:6f:1b:cd:f0:2c:
ba:3d:6d:f7:65:c0:e1:11:d4:5f:2f:92:9e:bb:43:b7:0b:52:
b6:fa:08:ad:c1:f0:01:39:14:f4:75:c4:06:62:4e:29:e6:36:
0b:2c:c4:dc:83:9e:57:42:ab:d7:57:81:48:f1:be:06:26:19:
a9:f1:d1:b8:9a:c5:3d:b5:1a:3f:53:22:19:67:74:a3:ee:8e:
70:cc:f2:03:b9:cb:3e:d7:1c:a5:75:26:4d:0d:04:29:ec:52:
2c:af:9b:6d:89:ae:5b:f3:e2:d3:7d:0a:ae:44:55:88:85:33:
e4:cf:06:2a:05:f2:29:1d:5b:34:0b:37:9c:a2:92:7a:f9:a0:
a0:71:7d:da:e3:70:9b:81:85:f4:b1:4e:46:3a:2b:c9:77:c4:
39:97:30:2b:a3:a6:46:fc:6a:26:15:7a:85:d3:5e:e0:6d:0b:
3f:c5:7f:26:cc:f6:af:95:5c:e8:70:30:e1:57:2a:ee:98:bf:
df:de:9c:45:84:16:9a:56:6c:be:72:02:2b:3f:dd:47:ba:71:
1d:ae:4b:61:1e:27:4c:80:6d:3e:02:88:2d:f9:a5:df:28:67:
a3:8b:f7:31:74:94:32:c4:6c:29:f6:c3:c7:3f:53:0a:1d:fa:
51:a0:bb:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxxCQdM+fGdTPXpXiK/5BSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE2MDUxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQ0M2FlNWZjMmJhODNiMDM2YjhmMDFjYmJhMThlYjY5Y2EzMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHm/U4L6vzQEZzXDAFyvYKDyQ2Ar
qdDoIARoPmYiVvdImA7Fvsd7umxQitHi9Shz+bqzrk0BM8bK7Y9q9bGpIFn7Gc0J
q99AdJUaR8m0R2SQSa2arzsmTpYjD002LDoPwEio+Cs/IH1bq3yzrCiBy0lf/shh
2nBPUe1qpt+i7c/pHY2Wtym98XxZ3jFBn+vme8xxeaWIa8gMJLsbNHL6RgERP3Ez
TPkzaJU5A655HD6+2eWFmdD9h//OqClQNnQp3H35lFMo5m/tP/QroUi9SOlsz8YO
mAtCb2TTMBM82VvWrg7AI2gkhWw7oVqrL36A2YthgL0K0kbIzbtaqF22nQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL9EOuX8K6g7A2uPAcu6GOtpyjC+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdjBRNjVmd3JxRHNEYTQ4Qnk3b1k2Mm5LTUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzKAwQA
wldMAwQAwlfQAwQAw4VRAwQA1MENMA0GCSqGSIb3DQEBCwUAA4IBAQBQG9I2lFw/
p/R7piK/bxvN8Cy6PW33ZcDhEdRfL5Keu0O3C1K2+gitwfABORT0dcQGYk4p5jYL
LMTcg55XQqvXV4FI8b4GJhmp8dG4msU9tRo/UyIZZ3Sj7o5wzPIDucs+1xyldSZN
DQQp7FIsr5ttia5b8+LTfQquRFWIhTPkzwYqBfIpHVs0CzecopJ6+aCgcX3a43Cb
gYX0sU5GOivJd8Q5lzAro6ZG/GomFXqF017gbQs/xX8mzPavlVzocDDhVyrumL/f
3pxFhBaaVmy+cgIrP91HunEdrkthHidMgG0+Aogt+aXfKGeji/cxdJQyxGwp9sPH
P1MKHfpRoLtT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org