Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wMB1Qe525XUFslqDisZ5nmIK9lw.roa
File: wMB1Qe525XUFslqDisZ5nmIK9lw.roa (raw, json)
Hash identifier: pj37BvVyQMBzxvBs7Zmv/SODpeP+vmP4yiWmsHuhfBA=
Subject key identifier: C0:C0:75:41:EE:76:E5:75:05:B2:5A:83:8A:C6:79:9E:62:0A:F6:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F1BAFC3B65FCDFF80EF9611E939A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wMB1Qe525XUFslqDisZ5nmIK9lw.roa
Signing time: Sun 01 Jan 2023 22:14:55 +0000
ROA not before: Sun 01 Jan 2023 22:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 194.58.42.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 10:58:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f1:ba:fc:3b:65:fc:df:f8:0e:f9:61:1e:93:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0c07541ee76e57505b25a838ac6799e620af65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4d:7a:04:9e:57:d8:bc:2c:d9:38:bd:d1:bb:
35:4f:44:81:4e:dd:4b:9e:42:5c:2f:8d:51:65:14:
8c:e5:95:55:67:bd:a3:b7:c3:b4:ad:19:c7:6d:3c:
f1:5e:8b:12:ee:51:ef:ad:49:99:08:58:a9:57:12:
98:08:5b:da:e9:ca:df:d5:fe:05:8f:ea:18:f3:6b:
86:5c:cd:34:cd:e0:9e:ec:8a:40:ac:7e:fb:70:bb:
6f:c7:06:89:ad:4c:07:c3:78:fa:ad:4d:06:ab:8c:
29:4a:52:75:f3:c7:68:6c:e6:21:cd:f5:5d:e7:ca:
59:72:5d:b3:cb:2b:de:fa:bc:4e:e4:18:b7:6e:cb:
a3:b2:d1:e0:97:4d:06:37:99:a7:93:1e:8f:22:fc:
d2:94:31:70:78:26:b0:36:bb:c0:8e:ab:dc:52:61:
0e:a7:00:70:e9:80:69:8e:33:6c:20:b6:1b:71:84:
4c:cb:26:2f:bf:fc:6f:45:72:d7:e0:ca:e2:6a:98:
1a:16:be:ea:83:ad:62:ac:c2:67:f0:14:bc:f1:14:
ab:eb:37:fe:ae:e5:74:9c:31:d6:1e:98:db:8a:0a:
7b:4b:80:b4:dd:be:83:1a:c2:21:bb:f5:92:91:c5:
b3:d4:3e:ee:e6:d7:0e:cd:1c:1f:49:2e:e5:94:df:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C0:75:41:EE:76:E5:75:05:B2:5A:83:8A:C6:79:9E:62:0A:F6:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wMB1Qe525XUFslqDisZ5nmIK9lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.42.0/24
212.193.10.0/24
Signature Algorithm: sha256WithRSAEncryption
14:c8:29:9e:d2:1b:c6:c9:9c:85:9f:70:20:43:1a:86:a3:a6:
05:1d:e6:bd:b0:db:b8:12:99:40:09:be:ce:f5:7b:b4:04:ef:
83:92:41:8f:1e:47:0a:d9:09:35:75:d9:40:57:b2:43:06:43:
77:78:33:45:3c:cc:d8:14:1a:da:bd:68:7f:e2:60:59:b8:32:
f3:70:7a:d9:7d:be:1b:02:33:c4:c1:be:89:ba:5c:ac:55:a2:
db:ee:2d:0e:5b:8e:92:26:ae:dc:f9:89:85:a3:c4:86:aa:52:
31:3e:ca:8a:d5:f4:18:fd:67:32:7e:f1:15:9f:26:72:2b:e6:
b1:33:dd:04:46:e4:55:41:16:23:24:fd:48:23:de:da:44:c8:
2b:45:6d:01:38:b4:ba:93:c4:fc:6d:3a:32:24:ea:bf:db:15:
5c:b3:ae:96:a2:36:bd:f2:fd:ae:02:68:28:b9:38:ef:da:eb:
a3:95:b5:5d:fc:2e:5d:cd:63:99:36:3d:60:54:ee:b8:d3:4e:
0b:33:8c:c8:48:57:60:5f:d6:6e:c0:9d:9a:dd:37:26:5e:bb:
c1:b6:48:c6:45:af:1e:f5:3d:66:63:dd:f9:e2:97:c9:d2:d9:
13:95:f7:10:a3:7a:57:60:aa:dd:c7:bb:02:51:7f:a6:f5:f7:
6d:9f:8d:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvG6/Dtl/N/4DvlhHpOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMwNzU0MWVlNzZlNTc1MDViMjVhODM4YWM2Nzk5ZTYyMGFmNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk16BJ5X2Lws2Ti90bs1T0SBTt1L
nkJcL41RZRSM5ZVVZ72jt8O0rRnHbTzxXosS7lHvrUmZCFipVxKYCFva6crf1f4F
j+oY82uGXM00zeCe7IpArH77cLtvxwaJrUwHw3j6rU0Gq4wpSlJ188dobOYhzfVd
58pZcl2zyyve+rxO5Bi3bsujstHgl00GN5mnkx6PIvzSlDFweCawNrvAjqvcUmEO
pwBw6YBpjjNsILYbcYRMyyYvv/xvRXLX4MriapgaFr7qg61irMJn8BS88RSr6zf+
ruV0nDHWHpjbigp7S4C03b6DGsIhu/WSkcWz1D7u5tcOzRwfSS7llN84NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMDAdUHuduV1BbJag4rGeZ5iCvZcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd01CMVFlNTI1WFVGc2xxRGlzWjVubUlLOWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjoqAwQA
1MEKMA0GCSqGSIb3DQEBCwUAA4IBAQAUyCme0hvGyZyFn3AgQxqGo6YFHea9sNu4
EplACb7O9Xu0BO+DkkGPHkcK2Qk1ddlAV7JDBkN3eDNFPMzYFBravWh/4mBZuDLz
cHrZfb4bAjPEwb6JulysVaLb7i0OW46SJq7c+YmFo8SGqlIxPsqK1fQY/WcyfvEV
nyZyK+axM90ERuRVQRYjJP1II97aRMgrRW0BOLS6k8T8bToyJOq/2xVcs66Woja9
8v2uAmgouTjv2uujlbVd/C5dzWOZNj1gVO64004LM4zISFdgX9ZuwJ2a3TcmXrvB
tkjGRa8e9T1mY9354pfJ0tkTlfcQo3pXYKrdx7sCUX+m9fdtn41A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org