Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v5y1i4hELMnJhASSuW3s3xq2ak0.roa
File: v5y1i4hELMnJhASSuW3s3xq2ak0.roa (raw, json)
Hash identifier: PR1Riu5kXTccqaf79CYZHRr3aIVOAZqfdbRbONMw1ow=
Subject key identifier: BF:9C:B5:8B:88:44:2C:C9:C9:84:04:92:B9:6D:EC:DF:1A:B6:6A:4D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186223ED6BA5524AF2A6C9B2CE07D9F0656
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v5y1i4hELMnJhASSuW3s3xq2ak0.roa
Signing time: Sun 05 Feb 2023 15:43:08 +0000
ROA not before: Sun 05 Feb 2023 15:43:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 195.133.75.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 04:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:22:3e:d6:ba:55:24:af:2a:6c:9b:2c:e0:7d:9f:06:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 15:43:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf9cb58b88442cc9c9840492b96decdf1ab66a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:b4:25:81:be:da:77:71:7a:31:4b:fc:ab:
b9:63:77:c9:fd:bb:be:d8:a5:58:17:77:35:94:e1:
e8:7d:85:5c:2b:63:a9:af:db:03:91:13:8f:c2:9b:
d3:33:00:23:d2:0e:42:f8:2b:15:68:3b:f3:25:f4:
70:44:82:9b:1e:0b:c6:8b:3a:d9:78:4b:5c:ca:d4:
2c:09:dc:d5:9a:88:b8:00:ed:d2:00:91:8e:72:24:
39:e1:eb:5a:3c:eb:da:3d:58:0a:a0:b6:3e:43:06:
74:b6:cc:4e:1e:9f:ec:3b:8c:4e:a0:3c:dc:ca:5b:
af:b4:4a:bf:77:59:1b:08:9d:76:af:6e:8b:80:31:
27:94:19:9f:4b:79:fc:27:80:ba:1a:ad:4a:4d:da:
c6:bf:aa:99:99:0a:6f:97:f8:04:07:f0:ad:6a:16:
0e:f3:0d:9d:0e:ec:7a:78:b8:48:13:a5:8c:1e:79:
dc:1e:bc:78:f9:09:e9:ea:13:3e:55:48:a7:e1:bd:
84:01:cc:1a:d7:51:27:c0:73:67:ec:43:5a:4e:d7:
b8:fb:31:2a:3a:ab:90:10:12:cd:22:aa:79:4f:87:
23:e8:53:15:4e:60:2c:bc:2d:19:11:4e:35:30:be:
07:50:21:4f:5c:60:ba:31:05:75:b4:ba:e2:aa:fd:
01:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9C:B5:8B:88:44:2C:C9:C9:84:04:92:B9:6D:EC:DF:1A:B6:6A:4D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v5y1i4hELMnJhASSuW3s3xq2ak0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.62.0/24
194.87.82.0/24
194.87.191.0/24
194.87.219.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d7:8a:2a:02:ee:a7:17:59:d9:4d:a9:c5:e6:2f:d3:af:34:
de:e1:c5:8c:e6:5a:f6:d7:5f:03:38:28:1c:d9:78:18:d5:5a:
34:f3:40:88:8d:4e:83:a5:e0:10:c8:0f:6a:d7:d8:45:a4:34:
c8:c1:63:6b:dc:a9:ab:af:a7:90:4f:c5:1d:1a:b9:23:58:9d:
85:24:1b:d9:97:10:f4:ce:cc:e0:b0:99:1b:75:ad:2b:70:7d:
e6:70:85:b9:a3:92:01:e7:ca:b5:60:d1:cd:01:82:b6:4b:9b:
e1:92:c9:47:c9:bb:85:e1:38:df:38:32:3d:2a:64:6c:51:74:
0d:d5:8c:9c:72:c1:dc:13:56:b5:23:92:8a:41:4b:0a:b5:ed:
c3:4d:50:50:e7:e5:2d:81:3e:80:08:c7:af:ae:bf:78:85:cf:
a6:98:ee:a7:72:a3:83:01:c5:6e:5f:8f:7d:1d:09:35:e1:fc:
7b:e0:44:43:32:f8:40:67:c8:d7:11:f0:52:cf:39:8f:a9:62:
9d:ed:a6:84:55:af:1d:f7:d9:01:43:29:9b:d3:16:7a:1d:78:
04:af:f8:15:a3:8f:ea:a6:6b:d4:e2:2a:e9:e5:84:f1:ee:6f:
48:5b:77:42:89:67:7b:12:b0:ef:ff:09:c3:92:80:1a:ba:6a:
82:d8:7b:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYiPta6VSSvKmybLOB9nwZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA1MTU0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjljYjU4Yjg4NDQyY2M5Yzk4NDA0OTJiOTZkZWNkZjFhYjY2YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqe0JYG+2ndxejFL/Ku5Y3fJ/bu+
2KVYF3c1lOHofYVcK2Opr9sDkROPwpvTMwAj0g5C+CsVaDvzJfRwRIKbHgvGizrZ
eEtcytQsCdzVmoi4AO3SAJGOciQ54etaPOvaPVgKoLY+QwZ0tsxOHp/sO4xOoDzc
yluvtEq/d1kbCJ12r26LgDEnlBmfS3n8J4C6Gq1KTdrGv6qZmQpvl/gEB/CtahYO
8w2dDux6eLhIE6WMHnncHrx4+Qnp6hM+VUin4b2EAcwa11EnwHNn7ENaTte4+zEq
OquQEBLNIqp5T4cj6FMVTmAsvC0ZEU41ML4HUCFPXGC6MQV1tLriqv0BawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL+ctYuIRCzJyYQEkrlt7N8atmpNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdjV5MWk0aEVMTW5KaEFTU3VXM3MzeHEyYWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlc+AwQA
wldSAwQAwle/AwQAwlfbAwQAw4VLMA0GCSqGSIb3DQEBCwUAA4IBAQBg14oqAu6n
F1nZTanF5i/TrzTe4cWM5lr2118DOCgc2XgY1Vo080CIjU6DpeAQyA9q19hFpDTI
wWNr3Kmrr6eQT8UdGrkjWJ2FJBvZlxD0zszgsJkbda0rcH3mcIW5o5IB58q1YNHN
AYK2S5vhkslHybuF4TjfODI9KmRsUXQN1YyccsHcE1a1I5KKQUsKte3DTVBQ5+Ut
gT6ACMevrr94hc+mmO6ncqODAcVuX499HQk14fx74ERDMvhAZ8jXEfBSzzmPqWKd
7aaEVa8d99kBQymb0xZ6HXgEr/gVo4/qpmvU4irp5YTx7m9IW3dCiWd7ErDv/wnD
koAaumqC2HsG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org