Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zH3K4gUXAqGbgdgg6riLwegX55I.roa
File: zH3K4gUXAqGbgdgg6riLwegX55I.roa (raw, json)
Hash identifier: GyL5z866Qwb6QyV39p+Dfq9Iy0aFRT6o9NGM6pEp0XI=
Subject key identifier: CC:7D:CA:E2:05:17:02:A1:9B:81:D8:20:EA:B8:8B:C1:E8:17:E7:92
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01887D227EBD6AC69BE32954E0328B04A7B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zH3K4gUXAqGbgdgg6riLwegX55I.roa
Signing time: Fri 02 Jun 2023 17:23:12 +0000
ROA not before: Fri 02 Jun 2023 17:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41944
IP address blocks: 195.133.94.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 04:09:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7d:22:7e:bd:6a:c6:9b:e3:29:54:e0:32:8b:04:a7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 2 17:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7dcae2051702a19b81d820eab88bc1e817e792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:92:b2:51:6f:ac:9e:c1:b7:17:2d:cd:ff:fb:
0f:74:81:89:95:34:a1:64:97:ec:10:1b:35:51:a7:
9b:10:7b:fe:cd:34:e3:0a:e1:c6:4e:dc:7b:f6:da:
4a:c9:89:b3:b9:d0:02:65:57:fe:7a:90:c9:a0:94:
33:11:0d:93:8e:22:49:f5:08:2c:7a:7d:ce:3d:fa:
de:d2:44:d6:fb:62:c2:1e:0e:90:cc:84:0e:5d:3e:
3f:f1:20:d4:13:70:10:25:58:52:9f:73:11:e8:6d:
b1:10:f5:2c:43:07:d4:d7:40:eb:ca:c6:47:07:a5:
79:bc:d4:de:35:3a:17:62:9a:94:e5:45:31:f4:e3:
69:fc:83:1f:00:f1:e3:e6:3c:62:86:77:38:f6:51:
a9:11:a1:19:52:d3:0f:44:26:0d:8c:14:95:2d:c2:
2a:4d:15:e6:87:2a:bf:66:1a:bb:ef:7c:0f:3a:27:
a7:cd:c2:43:7b:3e:1b:49:de:25:c0:ea:0d:4d:1b:
a5:c5:89:4c:48:e6:ce:4a:e6:4d:ed:72:d7:dd:96:
c8:0d:58:f1:ee:58:06:f7:4f:d2:18:75:07:14:76:
3a:65:da:be:25:e0:e6:6a:4b:73:94:7c:35:05:b7:
62:92:3a:fa:0e:88:d0:08:06:80:11:50:34:a2:8d:
dd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7D:CA:E2:05:17:02:A1:9B:81:D8:20:EA:B8:8B:C1:E8:17:E7:92
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zH3K4gUXAqGbgdgg6riLwegX55I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.41.0/24
193.124.205.0/24
194.58.43.0/24
195.133.12.0/24
195.133.94.0/24
212.192.7.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
40:fb:ed:30:91:f6:82:ca:90:5b:33:fc:85:ea:c8:86:09:64:
07:69:5b:8c:80:cc:9d:6a:1d:5e:45:b3:94:12:12:8f:7b:81:
e5:79:f8:f5:9f:58:5b:7d:f8:72:07:db:88:73:f4:bf:14:70:
d6:76:01:90:4a:6c:a8:a0:dc:9d:b6:c6:08:2d:88:f8:e1:25:
d7:fb:56:64:a1:11:d9:f7:72:54:c2:e1:0f:6c:9a:80:8b:5b:
e3:73:e7:5d:86:41:c8:52:b0:03:84:9f:28:d8:ff:18:26:02:
4e:f0:f3:bf:0b:4a:44:a0:94:d3:09:7c:b8:bd:93:88:aa:68:
7b:44:e7:c4:58:a4:99:43:93:e4:65:75:da:f4:44:39:57:24:
29:dd:e0:6a:4c:3b:1f:d4:25:78:91:3d:a5:37:77:3c:8c:4e:
3e:e7:18:e8:93:d9:a0:99:5d:1d:bd:24:d6:37:ab:16:aa:87:
37:39:d3:bf:28:20:42:7d:d0:fe:5c:e9:c7:0b:d2:0a:9a:2d:
22:56:97:0b:ed:da:54:58:6a:da:87:78:29:13:6e:df:69:45:
2b:98:e7:8b:bb:ea:31:bf:6c:54:f9:55:ec:05:5d:ff:63:84:
37:11:b0:6a:ac:8b:37:bb:53:a9:d1:6c:1b:b3:9b:34:02:82:
19:e5:cb:27
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYh9In69asab4ylU4DKLBKexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjAyMTcyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdkY2FlMjA1MTcwMmExOWI4MWQ4MjBlYWI4OGJjMWU4MTdlNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJKyUW+snsG3Fy3N//sPdIGJlTSh
ZJfsEBs1UaebEHv+zTTjCuHGTtx79tpKyYmzudACZVf+epDJoJQzEQ2TjiJJ9Qgs
en3OPfre0kTW+2LCHg6QzIQOXT4/8SDUE3AQJVhSn3MR6G2xEPUsQwfU10DrysZH
B6V5vNTeNToXYpqU5UUx9ONp/IMfAPHj5jxihnc49lGpEaEZUtMPRCYNjBSVLcIq
TRXmhyq/Zhq773wPOienzcJDez4bSd4lwOoNTRulxYlMSObOSuZN7XLX3ZbIDVjx
7lgG90/SGHUHFHY6Zdq+JeDmaktzlHw1Bbdikjr6DojQCAaAEVA0oo3dWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMx9yuIFFwKhm4HYIOq4i8HoF+eSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvekgzSzRnVVhBcUdiZ2RnZzZyaUx3ZWdYNTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwpAwQA
wXzNAwQAwjorAwQAw4UMAwQAw4VeAwQA1MAHAwQA1MAeMA0GCSqGSIb3DQEBCwUA
A4IBAQBA++0wkfaCypBbM/yF6siGCWQHaVuMgMydah1eRbOUEhKPe4Hlefj1n1hb
ffhyB9uIc/S/FHDWdgGQSmyooNydtsYILYj44SXX+1ZkoRHZ93JUwuEPbJqAi1vj
c+ddhkHIUrADhJ8o2P8YJgJO8PO/C0pEoJTTCXy4vZOIqmh7ROfEWKSZQ5PkZXXa
9EQ5VyQp3eBqTDsf1CV4kT2lN3c8jE4+5xjok9mgmV0dvSTWN6sWqoc3OdO/KCBC
fdD+XOnHC9IKmi0iVpcL7dpUWGrah3gpE27faUUrmOeLu+oxv2xU+VXsBV3/Y4Q3
EbBqrIs3u1Op0Wwbs5s0AoIZ5csn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:31 2024 by rpki-client on console-fra.rpki-client.org