Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wJFXu7wWfbSWaspF-SYrj7z-Sug.roa
File: wJFXu7wWfbSWaspF-SYrj7z-Sug.roa (raw, json)
Hash identifier: eW51wDCTvqmXby8z3TVPq0o/RnBp7QQ85Wgaewl5QRQ=
Subject key identifier: C0:91:57:BB:BC:16:7D:B4:96:6A:CA:45:F9:26:2B:8F:BC:FE:4A:E8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186AB175E9C4E92F5747A30E846F9B47CEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wJFXu7wWfbSWaspF-SYrj7z-Sug.roa
Signing time: Sat 04 Mar 2023 05:28:00 +0000
ROA not before: Sat 04 Mar 2023 05:28:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.255.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Mar 2023 14:17:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ab:17:5e:9c:4e:92:f5:74:7a:30:e8:46:f9:b4:7c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 4 05:28:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c09157bbbc167db4966aca45f9262b8fbcfe4ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:a4:5a:b0:9a:f7:57:ae:2b:cb:75:b8:96:
e1:7c:6f:f2:b6:1b:cb:d1:cb:de:dc:cd:8e:fb:89:
a9:9c:11:ac:56:4d:ec:53:41:92:a9:3d:77:f5:3f:
a5:d1:00:70:02:96:d1:73:44:26:54:cd:40:dd:29:
87:80:dc:5b:c2:8c:1c:3f:e9:bd:9a:fd:58:01:d1:
53:c0:d6:e4:a5:c8:3f:95:e0:35:01:ff:78:62:5c:
b7:78:eb:9c:85:72:83:91:8d:bc:95:74:b2:ea:2a:
3a:53:32:0e:5c:9f:98:a1:e3:b4:80:98:2d:13:80:
2b:08:ab:c9:26:83:85:d5:62:f7:8e:21:1e:75:36:
f5:df:9b:49:60:66:cb:df:59:21:43:5b:dc:e6:1d:
81:ce:09:b2:3f:93:be:f0:30:2c:65:40:b4:63:f8:
56:19:a0:fa:78:16:de:a4:90:ad:2a:eb:bd:4a:70:
25:b9:e7:3c:75:e1:94:20:ce:eb:c2:5d:7b:fd:28:
0f:57:be:08:e9:3a:8c:5b:58:fd:a3:aa:4a:69:bc:
ca:61:71:f5:73:fa:d9:d0:ca:b9:28:be:56:5e:37:
fa:9a:a8:c0:20:f2:5e:80:6a:20:49:06:d0:e7:44:
80:85:7e:88:39:6c:2a:d2:8b:a2:db:07:8a:d5:8c:
52:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:91:57:BB:BC:16:7D:B4:96:6A:CA:45:F9:26:2B:8F:BC:FE:4A:E8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wJFXu7wWfbSWaspF-SYrj7z-Sug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.58.154.0/24
194.87.180.0/24
194.87.255.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7b:d9:51:f4:3c:b0:f3:eb:c4:fb:95:6f:95:e1:25:de:e9:
8b:97:c7:69:fc:6e:1e:b4:0d:26:ae:f4:47:d5:df:b7:5e:5e:
70:45:0e:8e:2d:b5:92:85:0c:ce:4e:87:cd:a5:74:35:2a:bf:
ae:01:93:b6:37:5e:67:e0:7d:1a:3a:f3:58:f8:02:e8:a9:53:
69:e7:71:f3:64:f0:63:74:0c:6a:fc:4a:9a:1b:bf:d6:5c:5d:
6b:02:bb:2b:4d:32:55:d6:b0:13:2d:c7:0c:9f:ee:5d:43:68:
ce:e9:ea:3e:cf:5c:d3:9c:1b:9f:58:4c:d0:40:fb:6d:30:59:
82:53:49:7f:8a:41:5b:14:13:6d:12:d4:d3:83:cc:a2:2c:8f:
11:0b:a6:a7:df:35:17:13:a3:3c:7f:83:e7:47:b0:90:ff:26:
8e:94:57:d0:44:cb:67:91:73:0e:9c:05:7d:8b:67:90:6d:30:
41:54:cd:d2:3d:91:69:97:72:c4:f1:c5:00:6c:27:a1:ab:19:
e2:9a:83:ef:b0:92:af:a3:38:c8:30:1e:c9:67:77:94:b6:dd:
2e:b2:73:ba:e2:6d:4a:3f:25:b5:f3:e4:54:85:68:21:82:ef:
9a:1c:70:53:86:eb:c7:85:66:3e:b2:f5:60:3a:6a:39:70:f9:
1c:ab:69:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYarF16cTpL1dHow6Eb5tHzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA0MDUyODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDkxNTdiYmJjMTY3ZGI0OTY2YWNhNDVmOTI2MmI4ZmJjZmU0YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoukWrCa91euK8t1uJbhfG/ythvL
0cve3M2O+4mpnBGsVk3sU0GSqT139T+l0QBwApbRc0QmVM1A3SmHgNxbwowcP+m9
mv1YAdFTwNbkpcg/leA1Af94Yly3eOuchXKDkY28lXSy6io6UzIOXJ+YoeO0gJgt
E4ArCKvJJoOF1WL3jiEedTb135tJYGbL31khQ1vc5h2BzgmyP5O+8DAsZUC0Y/hW
GaD6eBbepJCtKuu9SnAluec8deGUIM7rwl17/SgPV74I6TqMW1j9o6pKabzKYXH1
c/rZ0Mq5KL5WXjf6mqjAIPJegGogSQbQ50SAhX6IOWwq0oui2weK1YxSdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMCRV7u8Fn20lmrKRfkmK4+8/kroMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd0pGWHU3d1dmYlNXYXNwRi1TWXJqN3otU3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwjo9AwQA
wjqaAwQAwle0AwQAwlf/AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQAke9lR9Dyw
8+vE+5VvleEl3umLl8dp/G4etA0mrvRH1d+3Xl5wRQ6OLbWShQzOTofNpXQ1Kr+u
AZO2N15n4H0aOvNY+ALoqVNp53HzZPBjdAxq/EqaG7/WXF1rArsrTTJV1rATLccM
n+5dQ2jO6eo+z1zTnBufWEzQQPttMFmCU0l/ikFbFBNtEtTTg8yiLI8RC6an3zUX
E6M8f4PnR7CQ/yaOlFfQRMtnkXMOnAV9i2eQbTBBVM3SPZFpl3LE8cUAbCehqxni
moPvsJKvozjIMB7JZ3eUtt0usnO64m1KPyW18+RUhWghgu+aHHBThuvHhWY+svVg
Omo5cPkcq2mj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org