Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vwGA5ucKAkD4pAa5KfW5MJ13VG8.roa
File: vwGA5ucKAkD4pAa5KfW5MJ13VG8.roa (raw, json)
Hash identifier: jOQZhajTgvuILCKt7b3r+kVDMvrMj4rQakKPXubBFUI=
Subject key identifier: BF:01:80:E6:E7:0A:02:40:F8:A4:06:B9:29:F5:B9:30:9D:77:54:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A77B70A8136687EC97B5E967C36CC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vwGA5ucKAkD4pAa5KfW5MJ13VG8.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48614
IP address blocks: 195.133.68.0/22 maxlen: 22
194.87.112.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 14 Jun 2024 10:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:77:b7:0a:81:36:68:7e:c9:7b:5e:96:7c:36:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf0180e6e70a0240f8a406b929f5b9309d77546f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:95:8c:6e:35:1f:9b:bb:b8:37:cf:ee:5a:45:
c8:b5:d1:af:97:1d:fd:43:1f:60:67:c2:49:8b:81:
4b:c6:6b:4d:31:f9:f5:d2:33:83:c7:8c:17:e5:98:
a1:d6:57:e1:42:9a:c1:b8:64:96:3d:fe:46:0f:b7:
0a:10:f2:9d:e9:83:2f:56:83:bc:4e:1e:4e:84:0a:
81:bf:7b:d9:9a:9f:75:9c:75:e4:17:9a:5c:72:58:
90:2d:ff:7b:60:a2:fc:1f:83:f1:67:6a:46:f1:ca:
8f:3b:d8:22:75:71:41:79:98:5c:53:c1:45:4c:a6:
2c:62:04:fa:48:4a:5f:ae:d8:9f:b5:61:1a:3a:e8:
1a:20:14:47:ad:9c:d4:89:66:68:19:d0:2b:bd:73:
18:3e:05:a3:22:c7:25:34:1d:21:0d:9b:72:87:26:
e1:87:03:3a:b6:44:9f:42:ac:3a:72:fd:78:e5:72:
3c:22:a9:52:4d:cf:c4:34:94:c4:0e:23:ec:94:f8:
ab:3b:a2:b4:0c:35:04:90:63:39:bc:26:2c:08:a6:
1e:99:00:57:3f:87:70:c4:c5:df:86:8b:a7:58:42:
48:c7:e8:b6:f1:62:ae:e7:87:6c:01:27:92:5a:35:
6e:0a:6b:05:ef:66:8e:e5:97:86:3a:f7:18:af:f3:
ab:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:01:80:E6:E7:0A:02:40:F8:A4:06:B9:29:F5:B9:30:9D:77:54:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vwGA5ucKAkD4pAa5KfW5MJ13VG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.112.0/23
195.133.68.0/22
Signature Algorithm: sha256WithRSAEncryption
14:6c:a6:15:78:22:d9:ff:d6:d5:71:1f:8e:1c:82:2a:88:63:
c6:6c:f8:a5:b8:96:5c:d1:ae:2a:ed:cc:41:f4:16:a9:34:60:
0d:21:5d:ab:ed:dd:c1:8c:4c:8f:5e:36:70:70:cd:dd:51:a2:
ff:72:ef:06:e2:a3:57:92:23:0b:a1:7f:1f:7e:71:7a:cb:53:
a6:fb:63:e3:f4:e2:54:e1:50:66:6f:0b:61:d3:be:b4:2c:a1:
61:31:98:b7:19:60:cf:fa:e3:34:be:1a:96:3a:e4:ff:0a:67:
8d:bd:f7:f0:b7:c8:88:d0:21:a8:fd:29:22:d5:ae:c9:47:32:
3f:a9:90:cf:4a:90:39:34:6e:00:b6:b6:0d:02:f3:97:76:8e:
f5:6b:e8:0c:07:ca:d9:0b:e2:83:dd:cf:7b:2f:11:bf:fb:0c:
3d:19:1b:37:e1:9b:57:d0:82:16:8b:c5:a5:84:07:16:ed:8d:
af:34:4a:1a:59:8d:3d:2f:ee:d9:66:c8:98:c5:b7:19:86:f2:
3c:52:05:03:7f:cd:f8:43:2e:51:9e:5e:91:86:66:9a:51:c1:
d7:f7:a4:ed:bf:cc:a3:83:54:62:64:87:f7:99:2a:4d:a2:ab:
ab:63:49:43:b8:a0:05:67:fa:b2:48:e0:c9:f6:96:11:23:b2:
6a:73:a7:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKne3CoE2aH7Je16WfDbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjAxODBlNmU3MGEwMjQwZjhhNDA2YjkyOWY1YjkzMDlkNzc1NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpWMbjUfm7u4N8/uWkXItdGvlx39
Qx9gZ8JJi4FLxmtNMfn10jODx4wX5Zih1lfhQprBuGSWPf5GD7cKEPKd6YMvVoO8
Th5OhAqBv3vZmp91nHXkF5pccliQLf97YKL8H4PxZ2pG8cqPO9gidXFBeZhcU8FF
TKYsYgT6SEpfrtiftWEaOugaIBRHrZzUiWZoGdArvXMYPgWjIsclNB0hDZtyhybh
hwM6tkSfQqw6cv145XI8IqlSTc/ENJTEDiPslPirO6K0DDUEkGM5vCYsCKYemQBX
P4dwxMXfhounWEJIx+i28WKu54dsASeSWjVuCmsF72aO5ZeGOvcYr/OrhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8BgObnCgJA+KQGuSn1uTCdd1RvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdndHQTV1Y0tBa0Q0cEFhNUtmVzVNSjEzVkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwldwAwQC
w4VEMA0GCSqGSIb3DQEBCwUAA4IBAQAUbKYVeCLZ/9bVcR+OHIIqiGPGbPiluJZc
0a4q7cxB9BapNGANIV2r7d3BjEyPXjZwcM3dUaL/cu8G4qNXkiMLoX8ffnF6y1Om
+2Pj9OJU4VBmbwth0760LKFhMZi3GWDP+uM0vhqWOuT/CmeNvffwt8iI0CGo/Ski
1a7JRzI/qZDPSpA5NG4AtrYNAvOXdo71a+gMB8rZC+KD3c97LxG/+ww9GRs34ZtX
0IIWi8WlhAcW7Y2vNEoaWY09L+7ZZsiYxbcZhvI8UgUDf834Qy5Rnl6RhmaaUcHX
96Ttv8yjg1RiZIf3mSpNoqurY0lDuKAFZ/qySODJ9pYRI7Jqc6ea
-----END CERTIFICATE-----
Generated at Fri Jun 14 13:48:52 2024 by rpki-client on console-fra.rpki-client.org