Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ySN6F1EMvOwBegJmDkCe20yT_6c.roa
File: ySN6F1EMvOwBegJmDkCe20yT_6c.roa (raw, json)
Hash identifier: /YrN4MOzaIHxcvx49eRBdB0wXXdopb4L9XrIae4sEmU=
Subject key identifier: C9:23:7A:17:51:0C:BC:EC:01:7A:02:66:0E:40:9E:DB:4C:93:FF:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C7DDB31DC743169C85CB44B1539EE6A2E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ySN6F1EMvOwBegJmDkCe20yT_6c.roa
Signing time: Mon 18 Dec 2023 16:56:06 +0000
ROA not before: Mon 18 Dec 2023 16:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 10:03:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:db:31:dc:74:31:69:c8:5c:b4:4b:15:39:ee:6a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 18 16:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9237a17510cbcec017a02660e409edb4c93ffa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d8:e8:c1:1f:17:bc:49:f6:2e:5a:09:54:8e:
6a:de:8a:7d:81:c8:7d:9e:f7:93:19:99:e3:45:46:
40:2d:7e:1c:df:75:c3:bc:9b:0b:1c:a2:f7:23:c7:
b6:46:17:cc:91:b0:c2:f0:93:76:ba:ce:c2:ac:34:
c3:40:43:93:61:1c:03:c8:a8:a7:77:68:21:0c:5c:
3d:af:30:64:ff:96:f3:0a:70:f4:25:82:e4:65:ea:
e0:29:4f:89:f9:6c:f7:06:6f:c0:a5:dd:3b:eb:3f:
07:cf:43:cf:f0:60:f1:46:cf:84:f2:97:c2:3e:16:
03:25:d8:85:d5:63:e0:24:be:4c:8a:2e:a0:a1:d8:
44:e1:95:84:cf:69:80:38:3a:b5:e5:d5:2d:96:fd:
71:81:8b:ac:45:d2:1c:84:b8:9e:19:36:4b:42:5b:
27:ee:7b:f5:5f:a7:34:8c:05:5b:e4:a6:0e:61:b7:
e0:d9:73:a8:a8:54:93:2e:16:79:a5:40:b8:3b:44:
5a:86:3a:90:9d:da:09:d9:66:2b:09:fd:77:2a:f3:
df:68:34:9a:bc:a8:b4:aa:a6:81:84:0a:1e:70:eb:
7e:66:93:0a:8d:76:3b:8f:fd:75:c6:74:f6:ee:a2:
41:ca:2e:f6:bd:88:57:fe:02:b9:46:2a:5b:53:b2:
12:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:23:7A:17:51:0C:BC:EC:01:7A:02:66:0E:40:9E:DB:4C:93:FF:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ySN6F1EMvOwBegJmDkCe20yT_6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.90.0/24
193.124.200.0/24
194.58.154.0/24
194.87.190.0/24
194.87.215.0/24
195.133.6.0/24
212.192.217.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d5:c4:76:2f:c6:5e:4b:72:52:21:e0:04:17:6e:4e:13:89:
25:3f:00:60:cf:1f:05:3b:e7:db:ce:0a:85:a4:e6:70:57:e1:
a8:3f:44:61:48:63:24:2c:1b:3f:08:7c:d8:82:7b:83:73:04:
c0:58:64:6b:29:41:48:5d:3d:c8:53:8d:bc:98:1f:7c:13:9e:
a2:2a:61:29:7b:4a:45:f2:77:8b:6b:3b:0d:e6:b2:80:10:d0:
ea:ff:ce:32:9e:c4:58:43:bb:3b:30:87:f8:50:3f:6a:6a:d3:
9e:d5:08:e7:f4:d2:d7:b1:12:bf:21:b5:11:3b:19:df:09:76:
9d:09:c0:83:c0:4d:f2:d1:68:cd:2e:6f:5e:1d:27:6e:5c:45:
d2:dc:19:77:0d:e0:52:bb:cb:35:ea:a4:59:a6:f2:f5:c3:e0:
a1:aa:10:75:e5:b6:f1:e1:a7:27:50:10:21:a2:d9:4a:6d:e3:
c8:cb:bd:2d:9e:fb:47:7a:25:39:c0:ae:87:47:69:61:c2:5a:
8f:d0:a6:f8:ce:5f:ee:b7:b6:57:1b:d3:fd:a6:2d:e3:2f:8e:
5a:cb:e5:0f:3d:2b:be:59:b5:7d:20:38:d9:0d:42:de:2c:b1:
67:a7:f6:64:f5:f9:48:37:50:99:28:15:4f:65:75:bd:ac:16:
01:34:b0:b4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYx92zHcdDFpyFy0SxU57mouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjE4MTY1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTIzN2ExNzUxMGNiY2VjMDE3YTAyNjYwZTQwOWVkYjRjOTNmZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0djowR8XvEn2LloJVI5q3op9gch9
nveTGZnjRUZALX4c33XDvJsLHKL3I8e2RhfMkbDC8JN2us7CrDTDQEOTYRwDyKin
d2ghDFw9rzBk/5bzCnD0JYLkZergKU+J+Wz3Bm/Apd076z8Hz0PP8GDxRs+E8pfC
PhYDJdiF1WPgJL5Mii6godhE4ZWEz2mAODq15dUtlv1xgYusRdIchLieGTZLQlsn
7nv1X6c0jAVb5KYOYbfg2XOoqFSTLhZ5pUC4O0RahjqQndoJ2WYrCf13KvPfaDSa
vKi0qqaBhAoecOt+ZpMKjXY7j/11xnT27qJByi72vYhX/gK5RipbU7ISlQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMkjehdRDLzsAXoCZg5AnttMk/+nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveVNONkYxRU12T3dCZWdKbURrQ2UyMHlUXzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwHAwQA
wXxaAwQAwXzIAwQAwjqaAwQAwle+AwQAwlfXAwQAw4UGAwQA1MDZMA0GCSqGSIb3
DQEBCwUAA4IBAQAo1cR2L8ZeS3JSIeAEF25OE4klPwBgzx8FO+fbzgqFpOZwV+Go
P0RhSGMkLBs/CHzYgnuDcwTAWGRrKUFIXT3IU428mB98E56iKmEpe0pF8neLazsN
5rKAENDq/84ynsRYQ7s7MIf4UD9qatOe1Qjn9NLXsRK/IbUROxnfCXadCcCDwE3y
0WjNLm9eHSduXEXS3Bl3DeBSu8s16qRZpvL1w+ChqhB15bbx4acnUBAhotlKbePI
y70tnvtHeiU5wK6HR2lhwlqP0Kb4zl/ut7ZXG9P9pi3jL45ay+UPPSu+WbV9IDjZ
DULeLLFnp/Zk9flIN1CZKBVPZXW9rBYBNLC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org