Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3552lpwr6R-3SDduBfzQ1uK8BA.roa
File: y3552lpwr6R-3SDduBfzQ1uK8BA.roa (raw, json)
Hash identifier: CZ0lGbS4dPHR9/iYqu+fwfQCiiqwkOFglgROsMHupbw=
Subject key identifier: CB:7E:79:DA:5A:70:AF:A4:7E:DD:20:DD:B8:17:F3:43:5B:8A:F0:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D72904F29790B4D489F8FBA5AB666271B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3552lpwr6R-3SDduBfzQ1uK8BA.roa
Signing time: Sun 04 Feb 2024 05:21:16 +0000
ROA not before: Sun 04 Feb 2024 05:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.114.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.179.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 16:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:90:4f:29:79:0b:4d:48:9f:8f:ba:5a:b6:66:27:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 4 05:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb7e79da5a70afa47edd20ddb817f3435b8af010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6a:95:7b:78:cc:96:20:92:04:fd:cc:7d:a1:
e1:16:71:6d:9d:db:30:22:a7:66:ed:04:30:ef:d1:
ef:21:d7:4d:45:14:81:57:72:73:c5:0a:17:ff:ed:
17:95:38:18:c8:b4:b8:b4:0e:e7:51:df:42:0b:55:
81:4e:94:86:50:80:3b:7c:a3:10:11:57:38:5d:d9:
01:3e:14:23:6c:76:b1:84:06:30:f2:82:1e:1b:55:
8a:ba:41:02:bc:b9:62:ab:b5:46:f8:6a:90:a6:4c:
9a:bf:5f:9f:06:08:f4:26:0e:90:1a:82:34:7c:61:
48:6d:5a:f9:b2:f3:49:4e:72:92:98:56:89:af:01:
c1:05:75:15:7f:a9:ed:8f:80:f1:84:eb:21:14:85:
d2:26:1c:e4:7a:b5:f9:d3:7f:2b:13:6a:0d:68:4b:
e1:01:e0:50:d7:aa:43:e6:85:df:83:58:30:c6:7d:
ef:d8:62:e5:f1:7c:ee:13:56:3c:c2:28:cb:6f:55:
e7:86:4c:42:55:5b:c2:f6:51:9d:40:37:7d:ed:53:
19:d2:04:5e:d0:f0:33:46:59:73:ca:35:06:2c:db:
db:b9:08:b5:76:dd:60:42:39:81:56:a6:b8:e5:e9:
11:16:37:b2:8d:ec:81:84:dc:9f:13:a6:a6:f1:8b:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:79:DA:5A:70:AF:A4:7E:DD:20:DD:B8:17:F3:43:5B:8A:F0:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y3552lpwr6R-3SDduBfzQ1uK8BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.84.0/23
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:20:37:fd:76:0a:06:75:24:29:77:5f:1b:29:a8:49:11:c2:
cb:a7:ae:59:3c:b6:a7:f6:3c:9a:54:19:34:ae:f1:1e:c5:4d:
a2:90:b2:39:70:3d:42:ba:38:77:5c:d7:0e:6b:40:2e:39:dc:
01:2e:3a:8c:77:c9:3d:56:47:5b:65:4a:3a:1a:7a:ca:f5:fd:
d5:d7:82:91:3e:c9:89:c3:3a:cc:09:e9:be:d8:40:63:01:3b:
fc:4e:80:8f:dc:a3:91:c5:6b:c7:22:54:ad:7c:39:bb:91:e5:
55:4e:a8:a6:d0:36:42:69:d3:f3:b0:df:d1:77:8d:b4:c7:39:
c0:de:ce:4e:bd:b1:22:ef:f2:f1:c0:69:9f:88:38:22:34:37:
d7:84:46:80:64:f7:95:d5:4e:f7:bc:fa:8c:cf:fc:9e:1a:bc:
3f:cd:0d:5b:cd:66:3a:d3:eb:74:87:b4:fe:ee:ff:17:92:2d:
e5:d8:cc:e5:61:0b:f0:3c:f8:fd:e9:0b:21:5f:54:74:b6:81:
c3:8c:70:0d:e6:49:cd:94:83:a3:0a:23:4b:e6:d5:61:9e:22:
2b:7f:50:7a:3b:70:64:2a:6b:a4:87:31:3d:7b:9a:74:5f:40:
a7:d7:fb:d3:10:0b:69:3d:46:5e:b0:f7:6e:a0:35:20:de:5e:
50:0c:15:f3
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY1ykE8peQtNSJ+Pulq2ZicbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA0MDUyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdlNzlkYTVhNzBhZmE0N2VkZDIwZGRiODE3ZjM0MzViOGFmMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWqVe3jMliCSBP3MfaHhFnFtndsw
Iqdm7QQw79HvIddNRRSBV3JzxQoX/+0XlTgYyLS4tA7nUd9CC1WBTpSGUIA7fKMQ
EVc4XdkBPhQjbHaxhAYw8oIeG1WKukECvLliq7VG+GqQpkyav1+fBgj0Jg6QGoI0
fGFIbVr5svNJTnKSmFaJrwHBBXUVf6ntj4DxhOshFIXSJhzkerX5038rE2oNaEvh
AeBQ16pD5oXfg1gwxn3v2GLl8XzuE1Y8wijLb1XnhkxCVVvC9lGdQDd97VMZ0gRe
0PAzRllzyjUGLNvbuQi1dt1gQjmBVqa45ekRFjeyjeyBhNyfE6am8YsUCQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFMt+edpacK+kft0g3bgX80NbivAQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveTM1NTJscHdyNlItM1NEZHVCZnpRMXVLOEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXbAMEAcJXcgMEAMJXegME
AMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAME
AcOFVAMEANTA3jANBgkqhkiG9w0BAQsFAAOCAQEAjCA3/XYKBnUkKXdfGymoSRHC
y6euWTy2p/Y8mlQZNK7xHsVNopCyOXA9Qro4d1zXDmtALjncAS46jHfJPVZHW2VK
Ohp6yvX91deCkT7JicM6zAnpvthAYwE7/E6Aj9yjkcVrxyJUrXw5u5HlVU6optA2
QmnT87Df0XeNtMc5wN7OTr2xIu/y8cBpn4g4IjQ314RGgGT3ldVO97z6jM/8nhq8
P80NW81mOtPrdIe0/u7/F5It5djM5WEL8Dz4/ekLIV9UdLaBw4xwDeZJzZSDowoj
S+bVYZ4iK39QejtwZCprpIcxPXuadF9Ap9f70xALaT1GXrD3bqA1IN5eUAwV8w==
-----END CERTIFICATE-----
Generated at Wed Feb 7 20:26:36 2024 by rpki-client on console-fra.rpki-client.org