Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wdJrOlU5kghr-OQ8EVp6soI9mrg.roa
File: wdJrOlU5kghr-OQ8EVp6soI9mrg.roa (raw, json)
Hash identifier: g10BjocsAQejs/GB6c0Gu7xmeqOfk1SqT6/zlTZ1g4w=
Subject key identifier: C1:D2:6B:3A:55:39:92:08:6B:F8:E4:3C:11:5A:7A:B2:82:3D:9A:B8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BD2A1704A165B58533F5884425F92E5CC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wdJrOlU5kghr-OQ8EVp6soI9mrg.roa
Signing time: Wed 15 Nov 2023 10:57:57 +0000
ROA not before: Wed 15 Nov 2023 10:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399045
IP address blocks: 194.87.201.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 10:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:a1:70:4a:16:5b:58:53:3f:58:84:42:5f:92:e5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 10:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1d26b3a553992086bf8e43c115a7ab2823d9ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1a:11:cc:94:19:6d:e4:5a:0b:e6:e1:33:f4:
13:b7:a0:23:23:ba:a7:d2:ed:34:e0:99:6e:6d:34:
91:72:6e:9d:8d:07:fc:7c:d1:8a:7b:fc:bd:58:a8:
2b:3e:d6:f0:2f:8f:80:75:1a:44:9f:04:12:dd:d9:
a2:95:de:57:82:30:5f:f8:99:e0:d4:30:c6:9b:0d:
08:9d:e0:a6:2e:d9:f1:a5:5a:38:96:bb:ab:47:25:
d5:d0:87:b6:3c:7f:b3:91:5b:57:f0:fe:22:2a:65:
ef:57:31:ff:ac:b4:ca:5e:a5:ea:c1:52:24:54:5e:
36:88:be:fd:e5:9f:50:be:b5:7c:19:d3:60:6a:bd:
95:a0:27:df:8a:67:28:f5:00:96:71:d6:ea:f6:52:
84:89:4c:4b:42:64:6e:6d:a9:43:18:db:83:0a:9e:
e5:51:21:32:67:79:e6:ed:c9:65:43:40:55:10:af:
75:15:83:63:cf:b0:6a:31:05:2c:38:9e:e3:83:14:
c1:b2:98:be:75:7f:76:70:32:02:40:99:40:76:78:
ab:49:9f:27:6d:ae:e3:03:d7:31:10:9c:a9:b4:91:
fc:82:7a:76:13:ad:47:bb:52:6b:ef:89:b0:ff:a8:
eb:47:a7:d9:ec:49:f3:84:8c:4a:50:8f:83:da:a4:
cd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D2:6B:3A:55:39:92:08:6B:F8:E4:3C:11:5A:7A:B2:82:3D:9A:B8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wdJrOlU5kghr-OQ8EVp6soI9mrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.88.0/23
194.87.128.0/24
194.87.150.0/23
194.87.185.0/24
194.87.201.0/24
194.87.245.0/24
195.58.60.0/24
195.133.24.0/24
195.133.72.0/24
195.133.192.0/24
Signature Algorithm: sha256WithRSAEncryption
11:82:34:02:8a:e3:00:b2:59:8e:01:70:82:31:60:e7:0c:77:
20:9e:0f:c4:57:06:2c:c9:64:00:92:d2:0e:92:19:8b:ac:be:
fc:a2:fe:ca:f5:e3:17:2f:ce:ee:f4:58:2d:f2:3a:b6:ee:79:
2d:04:7b:73:b7:7f:73:00:41:81:21:ff:65:63:23:aa:ee:eb:
93:d8:1b:6d:c9:ed:78:c2:e7:cf:f1:bf:2f:ab:6c:ea:ab:ab:
ff:3d:c4:5d:26:68:38:57:cc:47:bd:e3:a6:c2:bd:26:cb:df:
80:c8:8d:43:0c:35:37:08:7f:b4:8f:6f:70:bc:1f:af:31:29:
f1:37:d1:08:03:ed:58:3e:e6:4d:2d:11:99:82:0a:6c:02:6c:
85:d5:e4:07:a4:0f:a5:eb:62:83:b5:83:03:07:41:4c:28:55:
7d:3f:ed:cf:b5:bf:c5:9c:22:74:85:10:a3:18:18:fd:de:06:
52:5c:9e:25:63:42:37:ab:d8:be:a4:56:71:7c:2f:70:79:ed:
56:1b:a8:2f:58:b5:6c:93:f2:d5:6c:6e:20:92:85:10:94:b4:
9e:d1:a7:b5:6c:c3:00:e1:14:08:81:9e:e9:a5:5b:c1:27:fd:
32:5a:22:3d:7b:3b:62:1c:66:31:ff:02:89:24:3c:1e:8f:ee:
94:62:10:4b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvSoXBKFltYUz9YhEJfkuXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE1MTA1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQyNmIzYTU1Mzk5MjA4NmJmOGU0M2MxMTVhN2FiMjgyM2Q5YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhoRzJQZbeRaC+bhM/QTt6AjI7qn
0u004JlubTSRcm6djQf8fNGKe/y9WKgrPtbwL4+AdRpEnwQS3dmild5XgjBf+Jng
1DDGmw0IneCmLtnxpVo4lrurRyXV0Ie2PH+zkVtX8P4iKmXvVzH/rLTKXqXqwVIk
VF42iL795Z9QvrV8GdNgar2VoCffimco9QCWcdbq9lKEiUxLQmRubalDGNuDCp7l
USEyZ3nm7cllQ0BVEK91FYNjz7BqMQUsOJ7jgxTBspi+dX92cDICQJlAdnirSZ8n
ba7jA9cxEJyptJH8gnp2E61Hu1Jr74mw/6jrR6fZ7EnzhIxKUI+D2qTNYQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMHSazpVOZIIa/jkPBFaerKCPZq4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2RKck9sVTVrZ2hyLU9ROEVWcDZzb0k5bXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwXxfAwQB
wldYAwQAwleAAwQBwleWAwQAwle5AwQAwlfJAwQAwlf1AwQAwzo8AwQAw4UYAwQA
w4VIAwQAw4XAMA0GCSqGSIb3DQEBCwUAA4IBAQARgjQCiuMAslmOAXCCMWDnDHcg
ng/EVwYsyWQAktIOkhmLrL78ov7K9eMXL87u9Fgt8jq27nktBHtzt39zAEGBIf9l
YyOq7uuT2Bttye14wufP8b8vq2zqq6v/PcRdJmg4V8xHveOmwr0my9+AyI1DDDU3
CH+0j29wvB+vMSnxN9EIA+1YPuZNLRGZggpsAmyF1eQHpA+l62KDtYMDB0FMKFV9
P+3Ptb/FnCJ0hRCjGBj93gZSXJ4lY0I3q9i+pFZxfC9wee1WG6gvWLVsk/LVbG4g
koUQlLSe0ae1bMMA4RQIgZ7ppVvBJ/0yWiI9eztiHGYx/wKJJDwej+6UYhBL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org