Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9bUyJ76O9vywYBIEnVYACTcfZw.roa
File: w9bUyJ76O9vywYBIEnVYACTcfZw.roa (raw, json)
Hash identifier: Z9M4XsEvI4NuIl+yGRkIwEnsuMCCdmmz/uq4zrS9AiA=
Subject key identifier: C3:D6:D4:C8:9E:FA:3B:DB:F2:C1:80:48:12:75:58:00:24:DC:7D:9C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01911243962918AE3E6A7110E9AB4BEB0D12
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9bUyJ76O9vywYBIEnVYACTcfZw.roa
Signing time: Fri 02 Aug 2024 08:45:04 +0000
ROA not before: Fri 02 Aug 2024 08:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.85.251.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.134.0/23 maxlen: 23
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 10:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:43:96:29:18:ae:3e:6a:71:10:e9:ab:4b:eb:0d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 08:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3d6d4c89efa3bdbf2c180481275580024dc7d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:72:28:0a:f5:55:d9:a8:9b:00:16:e8:d4:be:
73:f9:8a:32:4d:2e:a1:f6:cb:33:42:25:cf:d5:57:
d6:82:a2:e8:15:bb:f6:bb:2c:d6:85:89:da:31:b3:
7f:7e:ca:dd:07:e1:99:ef:bf:df:72:36:f8:85:ac:
7a:ad:c8:1c:fb:9f:d7:66:8a:37:2e:7a:45:4e:f2:
7f:02:cb:f6:77:3c:fa:45:65:0f:3d:5e:60:75:4d:
12:77:96:bd:f1:f0:85:2b:e7:b4:41:c8:79:ad:d8:
3b:da:0f:87:0e:ab:d6:66:63:3a:cb:ce:f7:d1:4a:
b3:87:87:05:03:d3:c3:c6:2d:c4:c0:b8:30:e8:d0:
f9:52:1e:a8:9b:dd:24:5f:56:5d:57:1d:11:2e:e3:
94:40:a8:cf:7f:19:2c:d9:90:a0:0f:66:67:5f:41:
e9:64:29:ac:36:eb:b0:2c:d2:0c:e8:c7:7d:4a:6f:
a4:70:f3:74:38:48:79:e0:7f:55:7c:4e:c7:4a:70:
41:fe:66:a0:f2:22:23:62:84:42:2d:94:bf:29:bd:
35:4d:fe:66:e6:01:ae:2f:04:ff:5a:3f:3a:be:06:
b6:1c:ea:01:41:5e:45:86:ad:c6:c8:1d:1f:04:f5:
99:91:f3:1e:e1:f9:6e:8e:7a:75:dc:a2:7a:5c:5c:
f5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D6:D4:C8:9E:FA:3B:DB:F2:C1:80:48:12:75:58:00:24:DC:7D:9C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/w9bUyJ76O9vywYBIEnVYACTcfZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.251.0/24
194.87.21.0/24
194.87.30.0/24
194.87.114.0/23
194.87.134.0/23
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e7:2f:c2:88:76:0b:97:4b:be:76:ba:6e:b4:0a:49:bd:85:
88:4d:e3:11:91:30:b6:8d:68:a3:c7:fe:c9:b0:2a:60:bf:45:
48:dc:82:ef:93:3f:03:c6:14:9f:40:a0:ad:5d:3c:72:9b:94:
91:c2:69:36:d9:3c:2a:61:be:a2:51:1b:a8:72:5f:75:81:75:
0b:70:a5:72:57:72:b0:fc:32:fa:06:16:9c:ac:23:92:c9:c6:
53:22:40:4f:61:8c:36:5c:d1:dc:39:aa:ab:12:e2:40:c1:41:
f5:61:57:82:2e:bb:dd:d2:37:e7:10:cb:5c:d4:3b:31:5c:a0:
7f:ae:e7:ce:d9:7f:19:a6:d6:35:1b:f9:c3:ca:62:04:c3:7d:
bd:8b:d6:de:17:ff:76:51:7e:75:8d:df:dc:78:6d:ff:69:d6:
5f:5c:4c:7d:d7:53:f0:bc:fe:f7:7d:71:19:7c:e0:97:78:03:
0d:29:44:b3:eb:83:0d:6c:b2:78:7e:f5:a9:51:a5:a6:3e:6b:
82:09:44:3a:4f:f0:af:f9:e1:0b:d2:1b:b1:32:58:ce:6e:c1:
89:61:15:dc:73:37:76:d1:64:92:7b:59:69:1f:98:aa:85:2f:
09:ff:ae:af:52:90:ae:79:40:dc:dd:6a:b8:82:41:27:00:95:
e2:85:ed:2b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZESQ5YpGK4+anEQ6atL6w0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODAyMDg0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q2ZDRjODllZmEzYmRiZjJjMTgwNDgxMjc1NTgwMDI0ZGM3ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3IoCvVV2aibABbo1L5z+YoyTS6h
9sszQiXP1VfWgqLoFbv2uyzWhYnaMbN/fsrdB+GZ77/fcjb4hax6rcgc+5/XZoo3
LnpFTvJ/Asv2dzz6RWUPPV5gdU0Sd5a98fCFK+e0Qch5rdg72g+HDqvWZmM6y873
0Uqzh4cFA9PDxi3EwLgw6ND5Uh6om90kX1ZdVx0RLuOUQKjPfxks2ZCgD2ZnX0Hp
ZCmsNuuwLNIM6Md9Sm+kcPN0OEh54H9VfE7HSnBB/mag8iIjYoRCLZS/Kb01Tf5m
5gGuLwT/Wj86vga2HOoBQV5Fhq3GyB0fBPWZkfMe4flujnp13KJ6XFz1hwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMPW1Mie+jvb8sGASBJ1WAAk3H2cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdzliVXlKNzZPOXZ5d1lCSUVuVllBQ1RjZlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwlX7AwQA
wlcVAwQAwlceAwQBwldyAwQBwleGAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA
1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQAs5y/CiHYLl0u+drputApJvYWITeMRkTC2
jWijx/7JsCpgv0VI3ILvkz8DxhSfQKCtXTxym5SRwmk22TwqYb6iURuocl91gXUL
cKVyV3Kw/DL6BhacrCOSycZTIkBPYYw2XNHcOaqrEuJAwUH1YVeCLrvd0jfnEMtc
1DsxXKB/rufO2X8ZptY1G/nDymIEw329i9beF/92UX51jd/ceG3/adZfXEx911Pw
vP73fXEZfOCXeAMNKUSz64MNbLJ4fvWpUaWmPmuCCUQ6T/Cv+eEL0huxMljObsGJ
YRXcczd20WSSe1lpH5iqhS8J/66vUpCueUDc3Wq4gkEnAJXihe0r
-----END CERTIFICATE-----
Generated at Wed Aug 7 13:00:28 2024 by rpki-client on console-ams.rpki-client.org