Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xep02wiV-Itm-FTpczDGMMS9eW8.roa
File: xep02wiV-Itm-FTpczDGMMS9eW8.roa (raw, json)
Hash identifier: 2GPTjeGGAUePIYvnWYS9CTyxXNgnPL31V+7q7VNL4WQ=
Subject key identifier: C5:EA:74:DB:08:95:F8:8B:66:F8:54:E9:73:30:C6:30:C4:BD:79:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01889B3094D55BA59DE41AF5CE14CE0BBFFB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xep02wiV-Itm-FTpczDGMMS9eW8.roa
Signing time: Thu 08 Jun 2023 13:27:12 +0000
ROA not before: Thu 08 Jun 2023 13:27:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43072
IP address blocks: 194.135.18.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 15:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:30:94:d5:5b:a5:9d:e4:1a:f5:ce:14:ce:0b:bf:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 8 13:27:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5ea74db0895f88b66f854e97330c630c4bd796f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:57:6a:4d:4a:86:cc:8b:83:39:a3:80:94:
9d:b3:1d:f1:55:d4:28:69:f6:3b:aa:b7:7d:6c:7d:
e9:a1:b6:6c:a1:92:45:fb:4a:44:1e:d4:e6:2b:23:
c4:97:9c:cb:58:1d:54:ca:76:00:1f:6e:7a:a8:51:
7b:6b:b3:27:df:7c:3a:46:a9:8a:ea:7d:6a:6c:7f:
07:15:59:03:58:5d:94:f6:78:0a:dc:de:f9:4c:ed:
83:e0:f6:19:22:70:6e:6d:cd:f2:f4:32:7b:48:94:
ec:2e:9c:fd:92:5c:3a:c1:98:d2:f9:92:01:00:7e:
a0:d8:7d:7e:84:43:e8:2e:e7:15:fe:3b:9a:76:cc:
83:ea:5c:ea:0b:6b:d6:69:10:ea:a8:12:99:92:66:
c8:6d:50:50:9c:81:6c:a0:12:57:ae:7c:e6:55:b3:
54:60:56:6c:a4:bd:5b:f6:f8:62:99:bb:dc:14:ab:
fb:d2:6a:fe:53:e1:11:d2:08:f5:f8:2e:0a:4d:26:
13:0b:2f:6e:c1:16:90:8b:e5:85:3d:12:7b:e6:f7:
aa:8a:10:62:1b:db:7a:2d:84:44:ea:19:0f:07:c3:
3b:d5:c3:58:a2:11:a0:a2:a0:d7:ce:5a:34:72:e5:
41:6d:99:cd:40:29:a3:59:85:4d:59:20:3d:68:0d:
f8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:EA:74:DB:08:95:F8:8B:66:F8:54:E9:73:30:C6:30:C4:BD:79:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xep02wiV-Itm-FTpczDGMMS9eW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.180.0/24
194.135.18.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:70:f6:d8:67:d4:72:6a:90:d2:7c:8c:d5:f6:3c:4d:00:cb:
93:c2:f3:4c:b4:0b:f8:fc:c4:c1:54:6b:4c:43:bc:1a:b6:a5:
96:cd:5f:a1:5d:23:c0:d8:00:b8:18:5c:f7:69:39:41:6f:0c:
68:d1:71:d9:9f:aa:3c:57:1f:a0:8b:4b:81:92:25:88:0f:01:
bf:ac:00:05:87:ee:70:e3:2d:e2:18:c4:8c:1d:67:62:85:9e:
09:63:be:e2:5f:40:21:b3:77:a3:68:a3:55:fd:b3:27:1d:58:
0f:70:4d:ba:b3:13:18:fc:51:be:f8:9e:ec:e9:75:52:32:79:
9b:26:5b:65:a7:e5:dd:7b:93:d5:54:51:9c:7a:4b:f4:2d:09:
a5:77:09:d0:f3:20:45:ca:dd:40:a7:a7:4e:a0:33:9f:12:9a:
ea:eb:88:02:26:8d:5a:cd:92:53:5d:f6:8c:12:41:9b:b5:b7:
8b:70:c6:5d:13:38:4f:ae:3d:7d:55:1f:c0:1a:4f:a7:1e:6c:
af:b5:60:ff:c2:31:a7:38:2b:3e:b6:cc:e0:6c:e0:ce:c0:cf:
ea:e4:da:52:bb:dc:97:8c:85:58:f2:94:5b:e2:0a:2f:09:fe:
6c:a3:a2:64:ca:15:15:69:59:bd:47:b0:b9:1f:24:b9:b6:6e:
9a:8a:12:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYibMJTVW6Wd5Br1zhTOC7/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA4MTMyNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWVhNzRkYjA4OTVmODhiNjZmODU0ZTk3MzMwYzYzMGM0YmQ3OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHZXak1KhsyLgzmjgJSdsx3xVdQo
afY7qrd9bH3pobZsoZJF+0pEHtTmKyPEl5zLWB1UynYAH256qFF7a7Mn33w6RqmK
6n1qbH8HFVkDWF2U9ngK3N75TO2D4PYZInBubc3y9DJ7SJTsLpz9klw6wZjS+ZIB
AH6g2H1+hEPoLucV/juadsyD6lzqC2vWaRDqqBKZkmbIbVBQnIFsoBJXrnzmVbNU
YFZspL1b9vhimbvcFKv70mr+U+ER0gj1+C4KTSYTCy9uwRaQi+WFPRJ75veqihBi
G9t6LYRE6hkPB8M71cNYohGgoqDXzlo0cuVBbZnNQCmjWYVNWSA9aA34IQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMXqdNsIlfiLZvhU6XMwxjDEvXlvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGVwMDJ3aVYtSXRtLUZUcGN6REdNTVM5ZVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwsAwQA
wle0AwQAwocSMA0GCSqGSIb3DQEBCwUAA4IBAQANcPbYZ9RyapDSfIzV9jxNAMuT
wvNMtAv4/MTBVGtMQ7watqWWzV+hXSPA2AC4GFz3aTlBbwxo0XHZn6o8Vx+gi0uB
kiWIDwG/rAAFh+5w4y3iGMSMHWdihZ4JY77iX0Ahs3ejaKNV/bMnHVgPcE26sxMY
/FG++J7s6XVSMnmbJltlp+Xde5PVVFGcekv0LQmldwnQ8yBFyt1Ap6dOoDOfEprq
64gCJo1azZJTXfaMEkGbtbeLcMZdEzhPrj19VR/AGk+nHmyvtWD/wjGnOCs+tszg
bODOwM/q5NpSu9yXjIVY8pRb4govCf5so6JkyhUVaVm9R7C5HyS5tm6aihJ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org