Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/waxMczP5AaX8KOjHzQxwn0rKPu8.roa
File: waxMczP5AaX8KOjHzQxwn0rKPu8.roa (raw, json)
Hash identifier: f1tsduGOuV39JVtK36gsxr18wHzEE+m3kplPhLytup4=
Subject key identifier: C1:AC:4C:73:33:F9:01:A5:FC:28:E8:C7:CD:0C:70:9F:4A:CA:3E:EF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187570426015D457E1D2328FB926A6441A0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/waxMczP5AaX8KOjHzQxwn0rKPu8.roa
Signing time: Thu 06 Apr 2023 14:41:42 +0000
ROA not before: Thu 06 Apr 2023 14:41:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.133.23.0/24 maxlen: 24
195.58.48.0/23 maxlen: 23
194.87.196.0/23 maxlen: 23
194.87.106.0/24 maxlen: 24
195.133.5.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.70.0/24 maxlen: 24
194.87.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 06 Oct 2023 14:38:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:04:26:01:5d:45:7e:1d:23:28:fb:92:6a:64:41:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 14:41:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1ac4c7333f901a5fc28e8c7cd0c709f4aca3eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bd:cb:a7:85:4a:fb:5b:b2:83:39:8b:11:a7:
dd:cd:9d:85:a8:dd:9e:20:b1:f3:0f:7b:78:43:84:
55:74:84:38:81:43:d3:16:92:63:53:26:77:3c:fb:
84:c2:51:8c:d6:e4:60:4f:fe:ad:58:31:32:31:67:
09:c5:f8:20:59:26:99:32:dc:e9:46:f8:78:48:e8:
11:63:53:02:ee:03:c5:6c:23:63:a0:08:ee:68:7f:
94:57:c0:2a:49:9a:85:e4:99:6c:0b:3c:8d:9a:13:
76:20:41:66:e0:aa:22:21:c7:e1:92:b7:22:e6:01:
9e:a3:22:57:73:dc:44:95:35:a7:f1:ee:d7:e8:57:
58:37:10:15:bc:da:c6:50:95:ad:fb:51:db:94:53:
e5:8b:2a:d2:ee:34:d8:86:f2:b7:ff:11:e6:53:a8:
c0:16:d4:7f:5d:db:51:52:f5:dc:4d:14:cd:a2:da:
03:1a:bd:9b:f9:1f:ac:7f:88:a8:0b:0e:4c:66:fd:
d4:b8:57:1e:33:54:3a:f3:fa:4c:31:09:1c:e8:6f:
42:bb:c8:e8:29:0d:3a:6a:58:32:73:c6:9a:b4:92:
3b:06:4e:35:ac:3d:04:ab:9d:6c:9d:08:8a:ab:3d:
3f:af:45:0f:e1:ef:8b:14:06:0e:49:18:f6:67:68:
30:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:AC:4C:73:33:F9:01:A5:FC:28:E8:C7:CD:0C:70:9F:4A:CA:3E:EF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/waxMczP5AaX8KOjHzQxwn0rKPu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.48.0/23
194.87.68.0-194.87.70.255
194.87.106.0/24
194.87.196.0/23
194.87.215.0/24
194.135.38.0/24
195.58.37.0/24
195.58.48.0/23
195.133.5.0/24
195.133.8.0/23
195.133.23.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:cb:07:ba:f2:98:70:cb:33:06:f0:9d:0e:ec:18:7b:91:85:
b3:c5:c3:04:84:49:8e:02:e8:3c:11:c0:f4:0b:2c:7b:8e:08:
cd:7d:59:e4:7e:d5:68:a0:de:f9:f1:92:a9:9e:10:49:33:3d:
d7:2b:e7:06:e8:bd:12:a1:f8:57:b3:05:f9:81:57:e9:3e:f0:
32:39:40:ae:94:39:00:ed:5d:1a:10:70:29:f2:c0:63:88:33:
f8:41:ab:07:b2:70:3f:04:47:20:ca:21:59:fa:4c:2a:11:d9:
8e:bb:6d:ad:e4:2d:77:1a:c7:d2:7a:3c:d9:27:fb:eb:b1:0d:
d0:49:90:02:99:eb:86:f9:1a:19:2e:70:33:d4:24:c7:2d:f9:
38:82:e1:5d:95:14:41:81:1a:58:de:22:ad:e5:43:30:cb:5c:
52:f1:a8:0e:84:d9:13:6d:39:6a:1e:f1:94:f0:e4:11:33:80:
20:c1:e3:c9:06:78:30:fb:72:5a:0e:76:32:d9:e8:18:2e:92:
cb:b9:5b:fc:8f:49:2c:ad:81:b3:e9:96:ed:8b:a9:96:e3:b7:
42:f7:07:a1:4a:09:48:5f:39:9b:24:c0:a4:9e:02:94:2f:91:
ed:12:7c:3b:ff:07:f5:41:81:8c:21:3a:00:95:03:bb:8c:2e:
f4:25:f1:68
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYdXBCYBXUV+HSMo+5JqZEGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTQ0MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWFjNGM3MzMzZjkwMWE1ZmMyOGU4YzdjZDBjNzA5ZjRhY2EzZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL3Lp4VK+1uygzmLEafdzZ2FqN2e
ILHzD3t4Q4RVdIQ4gUPTFpJjUyZ3PPuEwlGM1uRgT/6tWDEyMWcJxfggWSaZMtzp
Rvh4SOgRY1MC7gPFbCNjoAjuaH+UV8AqSZqF5JlsCzyNmhN2IEFm4KoiIcfhkrci
5gGeoyJXc9xElTWn8e7X6FdYNxAVvNrGUJWt+1HblFPliyrS7jTYhvK3/xHmU6jA
FtR/XdtRUvXcTRTNotoDGr2b+R+sf4ioCw5MZv3UuFceM1Q68/pMMQkc6G9Cu8jo
KQ06algyc8aatJI7Bk41rD0Eq51snQiKqz0/r0UP4e+LFAYOSRj2Z2gwHQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMGsTHMz+QGl/Cjox80McJ9Kyj7vMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2F4TWN6UDVBYVg4S09qSHpReHduMHJLUHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAwXwHAwQB
wlcwMAwDBALCV0QDBADCV0YDBADCV2oDBAHCV8QDBADCV9cDBADChyYDBADDOiUD
BAHDOjADBADDhQUDBAHDhQgDBADDhRcwDQYJKoZIhvcNAQELBQADggEBAEvLB7ry
mHDLMwbwnQ7sGHuRhbPFwwSESY4C6DwRwPQLLHuOCM19WeR+1Wig3vnxkqmeEEkz
Pdcr5wbovRKh+FezBfmBV+k+8DI5QK6UOQDtXRoQcCnywGOIM/hBqweycD8ERyDK
IVn6TCoR2Y67ba3kLXcax9J6PNkn++uxDdBJkAKZ64b5GhkucDPUJMct+TiC4V2V
FEGBGljeIq3lQzDLXFLxqA6E2RNtOWoe8ZTw5BEzgCDB48kGeDD7cloOdjLZ6Bgu
ksu5W/yPSSytgbPplu2LqZbjt0L3B6FKCUhfOZskwKSeApQvke0SfDv/B/VBgYwh
OgCVA7uMLvQl8Wg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org