Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vNOeqdchoDGhxRRDM-UySc9NzAk.roa
File: vNOeqdchoDGhxRRDM-UySc9NzAk.roa (raw, json)
Hash identifier: HDY33mvM/OA4Sgs026jX3zWF4dwRAIkSyZRPVN90BFI=
Subject key identifier: BC:D3:9E:A9:D7:21:A0:31:A1:C5:14:43:33:E5:32:49:CF:4D:CC:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BD12B00538224527547F2349DB7311771
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vNOeqdchoDGhxRRDM-UySc9NzAk.roa
Signing time: Wed 15 Nov 2023 04:08:58 +0000
ROA not before: Wed 15 Nov 2023 04:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:2b:00:53:82:24:52:75:47:f2:34:9d:b7:31:17:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 04:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcd39ea9d721a031a1c5144333e53249cf4dcc09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:ce:a2:3f:0a:c7:83:e8:7c:b2:d2:d3:a3:
09:49:cc:df:b8:78:97:74:33:6e:e4:17:d7:5c:24:
72:ef:f5:f8:ae:db:65:4e:e6:04:6b:12:6e:96:ad:
1b:cd:16:e4:7b:09:78:27:e9:ce:4c:b9:f4:38:6a:
9b:03:e6:5e:60:e6:6f:c9:b6:3b:cc:87:7d:56:3c:
e6:bf:4d:7d:62:5a:dc:e9:06:e7:6e:c1:9e:5c:a6:
c1:1f:d3:b5:08:d1:f1:1a:f5:c5:08:1f:ab:9e:16:
c1:77:c9:be:ba:c1:ff:e0:03:ae:15:ec:83:2d:3c:
5f:04:cd:d8:83:22:b5:6f:66:5d:c6:24:ad:47:63:
f7:4c:29:44:12:1f:cf:67:b2:13:86:e7:5c:58:6b:
00:bb:a8:a1:ca:15:4d:1e:fc:1a:5d:ac:43:ba:04:
90:76:35:f5:6e:dc:f9:f3:c9:1a:0f:1c:09:64:50:
b3:b5:f1:e7:69:e1:81:a8:0c:bc:e9:8f:6d:7f:32:
53:c5:8b:d0:b6:ea:2a:26:e3:d9:e3:7f:3d:e9:73:
06:0b:d4:2d:49:07:cc:35:02:b7:96:69:d1:ed:3c:
61:fa:b5:5b:1c:01:c1:b2:4f:3b:6d:76:d6:e7:10:
82:22:4d:2e:0c:8e:b1:f5:30:c6:94:ac:75:84:b7:
41:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:9E:A9:D7:21:A0:31:A1:C5:14:43:33:E5:32:49:CF:4D:CC:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vNOeqdchoDGhxRRDM-UySc9NzAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.58.223.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.26.0/23
195.133.30.0/24
195.133.83.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0f:16:3f:13:43:5a:25:0a:95:b9:d0:c1:b6:b7:28:ff:91:
e7:67:fd:3a:72:30:ab:19:64:56:0d:df:8c:2a:13:6f:da:d3:
5e:fe:bb:62:6c:c6:6f:07:0f:8f:ab:6a:9a:b5:13:90:c9:d9:
2d:9f:47:b1:58:85:70:83:c0:51:c9:e0:cf:32:ef:87:27:6e:
72:74:88:88:46:92:58:8d:cf:89:a3:4e:db:f6:5d:cf:05:51:
38:0f:f7:a0:04:5c:f6:97:f7:29:17:29:59:4b:ac:e8:d1:4e:
50:27:28:1b:9d:09:3e:8b:53:7a:58:01:bf:48:67:4d:24:6f:
f6:e9:19:ee:15:64:d6:ec:d6:47:0a:fb:b1:40:67:a3:71:aa:
ed:30:1e:8d:c2:b8:cd:1b:a7:c1:e3:2a:8c:66:04:ff:84:bd:
f1:02:bd:12:64:79:a4:2f:1c:a4:87:d0:4b:8b:5f:c7:c4:ed:
1c:df:d0:99:1a:e1:f3:9d:6f:a2:db:5e:58:ab:eb:ee:80:80:
97:34:ad:52:98:7d:d8:6f:d4:33:d4:c7:47:18:a0:4a:aa:b7:
40:0b:09:ee:a8:55:6d:95:03:0e:1e:57:58:c5:98:53:80:8e:
62:14:17:dc:d5:57:d0:47:4e:16:37:84:40:5d:61:54:6e:ae:
4d:ed:ae:0f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYvRKwBTgiRSdUfyNJ23MRdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE1MDQwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QzOWVhOWQ3MjFhMDMxYTFjNTE0NDMzM2U1MzI0OWNmNGRjYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRTOoj8Kx4PofLLS06MJSczfuHiX
dDNu5BfXXCRy7/X4rttlTuYEaxJulq0bzRbkewl4J+nOTLn0OGqbA+ZeYOZvybY7
zId9Vjzmv019Ylrc6QbnbsGeXKbBH9O1CNHxGvXFCB+rnhbBd8m+usH/4AOuFeyD
LTxfBM3YgyK1b2ZdxiStR2P3TClEEh/PZ7IThudcWGsAu6ihyhVNHvwaXaxDugSQ
djX1btz588kaDxwJZFCztfHnaeGBqAy86Y9tfzJTxYvQtuoqJuPZ43896XMGC9Qt
SQfMNQK3lmnR7Txh+rVbHAHBsk87bXbW5xCCIk0uDI6x9TDGlKx1hLdBpwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLzTnqnXIaAxocUUQzPlMknPTcwJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdk5PZXFkY2hvREdoeFJSRE0tVXlTYzlOekFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwPAwQA
wXwYAwQAwjrfAwQAwlcdAwQAwld7AwQAwodoAwQBw4UaAwQAw4UeAwQAw4VTMA0G
CSqGSIb3DQEBCwUAA4IBAQBADxY/E0NaJQqVudDBtrco/5HnZ/06cjCrGWRWDd+M
KhNv2tNe/rtibMZvBw+Pq2qatROQydktn0exWIVwg8BRyeDPMu+HJ25ydIiIRpJY
jc+Jo07b9l3PBVE4D/egBFz2l/cpFylZS6zo0U5QJygbnQk+i1N6WAG/SGdNJG/2
6RnuFWTW7NZHCvuxQGejcartMB6NwrjNG6fB4yqMZgT/hL3xAr0SZHmkLxykh9BL
i1/HxO0c39CZGuHznW+i215Yq+vugICXNK1SmH3Yb9Qz1MdHGKBKqrdACwnuqFVt
lQMOHldYxZhTgI5iFBfc1VfQR04WN4RAXWFUbq5N7a4P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org