Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x7JPmr09U7pFIkOLRhQ1JNcV9Ng.roa
File: x7JPmr09U7pFIkOLRhQ1JNcV9Ng.roa (raw, json)
Hash identifier: 6klU04oV+YdCUHvzRdCKy5K3yYQ6TNIbuHhheYsZndA=
Subject key identifier: C7:B2:4F:9A:BD:3D:53:BA:45:22:43:8B:46:14:35:24:D7:15:F4:D8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C349A46E518983FF481CC9E43FC8116A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x7JPmr09U7pFIkOLRhQ1JNcV9Ng.roa
Signing time: Mon 04 Dec 2023 11:32:55 +0000
ROA not before: Mon 04 Dec 2023 11:32:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 195.58.35.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.66.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:9a:46:e5:18:98:3f:f4:81:cc:9e:43:fc:81:16:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 4 11:32:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7b24f9abd3d53ba4522438b46143524d715f4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8f:25:fa:f8:02:81:cd:be:0d:6d:22:03:d7:
36:cc:c7:3c:31:3f:88:e6:2f:4b:fa:62:8a:5f:f0:
b7:50:cf:95:b9:30:6f:88:51:31:3b:b8:0c:70:6b:
66:00:88:b5:0c:fb:01:59:a9:99:a7:96:f7:4f:e6:
a4:e5:b6:75:9d:ea:e0:16:e7:70:6d:7a:2d:7c:aa:
57:03:9d:3d:1a:d7:b6:4d:2d:bc:45:81:0f:0b:02:
e5:36:28:26:46:d0:4b:52:ef:c1:00:84:ec:fd:26:
41:6f:ea:ef:c7:0b:cd:cb:bd:74:2a:67:48:de:9c:
3a:27:f8:a2:96:12:c7:71:54:1f:9f:df:7b:b4:63:
86:22:d3:20:78:09:45:6e:27:8d:c4:5b:16:2f:85:
f0:cb:de:f3:44:08:b0:47:5f:24:ac:e1:24:b6:ff:
3b:46:75:ac:26:d7:d7:c8:47:f1:0a:f1:a4:0f:78:
e1:27:7d:7e:60:52:5a:85:67:a0:ec:ff:3b:65:84:
2d:b5:c8:aa:54:f3:7a:6e:36:0e:31:82:3b:24:11:
88:62:cf:5b:b2:a1:fa:0b:79:8e:98:b4:4c:e0:08:
d2:08:f6:da:fa:26:7f:e8:15:f8:fe:70:1e:b9:bd:
73:c5:56:ff:a1:75:28:6b:df:59:e1:e8:be:54:74:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B2:4F:9A:BD:3D:53:BA:45:22:43:8B:46:14:35:24:D7:15:F4:D8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/x7JPmr09U7pFIkOLRhQ1JNcV9Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.66.0/24
194.87.66.0/24
195.58.35.0/24
195.58.38.0/24
195.133.25.0/24
195.133.27.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
48:5f:e1:c0:b2:50:d3:c5:75:dd:9d:be:66:71:40:19:03:2c:
de:26:8f:b0:e5:62:87:41:be:c8:d8:76:0d:38:c4:0b:41:a3:
11:d0:13:ff:47:63:a6:71:e5:f3:6e:7f:6c:a9:1c:08:3f:2d:
8d:60:32:2a:63:5b:6d:4a:11:88:38:22:27:a8:02:08:53:d4:
b0:ca:4e:0b:bb:b4:1f:e0:c4:10:4c:cd:07:25:1f:3c:28:cd:
05:72:ec:56:ff:6c:3f:55:03:b1:9b:2c:a0:8f:ec:b9:63:ea:
3d:d0:47:12:06:6d:e1:7c:3f:bf:fc:49:ce:a7:4d:89:cd:0c:
2c:83:26:4e:73:25:01:3b:f5:db:0b:93:56:8e:89:5f:a6:bc:
74:f4:04:d6:14:d6:f4:cf:6e:82:86:ba:29:d3:d3:39:3f:16:
ce:eb:34:bb:69:ad:82:a2:0f:61:37:a0:c3:3b:19:85:ac:26:
8d:e8:d6:75:ef:bc:ab:03:e9:47:df:a8:c2:9e:73:d6:42:be:
43:56:93:f5:c1:98:02:ee:e3:0f:b6:43:02:f3:f3:e4:eb:9a:
5a:ac:da:f1:ea:88:6b:bd:9f:a9:47:fd:04:ed:c3:95:bd:6f:
85:56:45:9b:a0:d1:5e:bd:c2:f6:67:02:df:80:8f:99:3f:5a:
0d:95:b9:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYw0mkblGJg/9IHMnkP8gRapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA0MTEzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2IyNGY5YWJkM2Q1M2JhNDUyMjQzOGI0NjE0MzUyNGQ3MTVmNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY8l+vgCgc2+DW0iA9c2zMc8MT+I
5i9L+mKKX/C3UM+VuTBviFExO7gMcGtmAIi1DPsBWamZp5b3T+ak5bZ1nergFudw
bXotfKpXA509Gte2TS28RYEPCwLlNigmRtBLUu/BAITs/SZBb+rvxwvNy710KmdI
3pw6J/iilhLHcVQfn997tGOGItMgeAlFbieNxFsWL4Xwy97zRAiwR18krOEktv87
RnWsJtfXyEfxCvGkD3jhJ31+YFJahWeg7P87ZYQttciqVPN6bjYOMYI7JBGIYs9b
sqH6C3mOmLRM4AjSCPba+iZ/6BX4/nAeub1zxVb/oXUoa99Z4ei+VHTs+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMeyT5q9PVO6RSJDi0YUNSTXFfTYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveDdKUG1yMDlVN3BGSWtPTFJoUTFKTmNWOU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwjpCAwQA
wldCAwQAwzojAwQAwzomAwQAw4UZAwQAw4UbAwQA1MD+MA0GCSqGSIb3DQEBCwUA
A4IBAQBIX+HAslDTxXXdnb5mcUAZAyzeJo+w5WKHQb7I2HYNOMQLQaMR0BP/R2Om
ceXzbn9sqRwIPy2NYDIqY1ttShGIOCInqAIIU9Swyk4Lu7Qf4MQQTM0HJR88KM0F
cuxW/2w/VQOxmyygj+y5Y+o90EcSBm3hfD+//EnOp02JzQwsgyZOcyUBO/XbC5NW
jolfprx09ATWFNb0z26Chrop09M5PxbO6zS7aa2Cog9hN6DDOxmFrCaN6NZ177yr
A+lH36jCnnPWQr5DVpP1wZgC7uMPtkMC8/Pk65parNrx6ohrvZ+pR/0E7cOVvW+F
VkWboNFevcL2ZwLfgI+ZP1oNlbm5
-----END CERTIFICATE-----
Generated at Mon Dec 18 11:49:10 2023 by rpki-client on console-fra.rpki-client.org