Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpCNwpk4yGhmZvIcFZ2rGtW3W3c.roa
File: zpCNwpk4yGhmZvIcFZ2rGtW3W3c.roa (raw, json)
Hash identifier: KSVakqxxNdHEoH1QPhCk+AkYINAqs38KAJjykSyZa/E=
Subject key identifier: CE:90:8D:C2:99:38:C8:68:66:66:F2:1C:15:9D:AB:1A:D5:B7:5B:77
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CEE40EB5212D01378C5F5F7F1AC1CB497
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpCNwpk4yGhmZvIcFZ2rGtW3W3c.roa
Signing time: Tue 09 Jan 2024 12:44:41 +0000
ROA not before: Tue 09 Jan 2024 12:44:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 08:42:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:40:eb:52:12:d0:13:78:c5:f5:f7:f1:ac:1c:b4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 9 12:44:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce908dc29938c8686666f21c159dab1ad5b75b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b7:34:67:d3:b6:e0:73:8c:a8:66:1b:83:1f:
ce:5a:63:c2:eb:ec:d5:7b:2a:e9:c2:a7:34:87:3b:
1f:7c:5c:8b:71:86:c2:0c:0e:2c:21:2f:45:63:e5:
fd:9a:6f:7c:6c:b7:8e:e4:b1:56:3a:2b:a0:55:e5:
3f:09:bd:3d:0f:d4:e9:56:01:41:44:60:49:33:ab:
17:d0:f2:3f:f1:56:f4:75:28:af:97:65:0b:88:a0:
d9:22:71:c8:97:f9:aa:eb:75:ac:2c:68:e3:ae:83:
2f:b4:ee:29:d2:57:ed:79:52:40:5e:f6:1d:1f:09:
13:03:a2:a5:60:ba:fb:64:08:14:09:d9:6f:08:9a:
9a:2f:2b:af:4a:b0:b1:dc:be:3c:01:eb:bf:7a:f8:
44:0e:d9:ec:5b:4a:22:6c:85:e2:5e:2d:18:5f:28:
dd:55:06:c7:d7:10:20:f7:94:4c:49:7e:d1:fd:0f:
0e:6f:e4:e4:03:31:10:a3:a5:b4:3b:26:5f:16:69:
02:50:de:75:d7:03:94:95:60:05:0e:6e:9b:da:e1:
5b:57:fd:b1:e1:40:f3:4d:8b:91:c6:cc:ba:2c:c1:
84:b5:a0:20:89:ef:13:df:6e:ab:0d:7a:e7:ab:b3:
77:66:05:c7:b2:61:a0:f8:be:83:ba:5e:e7:05:b6:
ad:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:90:8D:C2:99:38:C8:68:66:66:F2:1C:15:9D:AB:1A:D5:B7:5B:77
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpCNwpk4yGhmZvIcFZ2rGtW3W3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.90.0/24
193.124.200.0/24
194.58.154.0/24
194.87.190.0/24
194.87.215.0/24
195.58.34.0/24
195.133.6.0/24
195.133.85.0/24
Signature Algorithm: sha256WithRSAEncryption
79:fb:91:be:02:fb:00:93:b8:63:59:01:50:70:d2:2c:3d:2c:
f4:52:80:48:38:76:0b:de:83:cd:08:07:b7:c3:2a:47:02:8e:
d6:5f:67:cf:65:ad:89:3b:f4:dd:a3:e8:55:95:00:22:14:ba:
f1:49:5f:75:22:df:b4:d7:c7:b7:04:fa:22:e9:18:80:52:1a:
3d:0e:da:6b:4b:de:cc:e7:e9:2c:72:25:2e:f6:7f:04:fb:02:
cb:ea:82:6f:b3:8f:96:99:69:98:a7:12:5c:ec:f6:7c:e4:c6:
7c:c2:b3:7d:70:6e:59:17:a7:e1:9f:37:bd:b2:92:ba:80:80:
6f:a5:f2:81:29:0a:c2:ad:7f:12:32:2a:62:f2:af:cd:54:fd:
40:2d:ae:94:30:5d:6b:9a:bc:d1:01:c5:c0:c9:af:d6:78:79:
24:f6:63:82:e4:45:e2:4a:60:54:0d:c2:25:7b:ee:dc:33:01:
d6:78:46:06:44:88:2c:93:82:a4:85:85:81:01:a2:ae:7b:1d:
54:e6:4d:f1:9c:ca:24:06:93:38:64:07:54:60:a7:57:ac:d2:
ab:18:cb:44:8f:e0:46:46:38:15:a7:12:26:85:c1:76:50:f7:
5d:6c:d7:77:64:0f:10:54:99:12:e7:be:8b:73:96:4a:f2:e5:
42:40:60:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzuQOtSEtATeMX19/GsHLSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA5MTI0NDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTkwOGRjMjk5MzhjODY4NjY2NmYyMWMxNTlkYWIxYWQ1Yjc1Yjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7c0Z9O24HOMqGYbgx/OWmPC6+zV
eyrpwqc0hzsffFyLcYbCDA4sIS9FY+X9mm98bLeO5LFWOiugVeU/Cb09D9TpVgFB
RGBJM6sX0PI/8Vb0dSivl2ULiKDZInHIl/mq63WsLGjjroMvtO4p0lfteVJAXvYd
HwkTA6KlYLr7ZAgUCdlvCJqaLyuvSrCx3L48Aeu/evhEDtnsW0oibIXiXi0YXyjd
VQbH1xAg95RMSX7R/Q8Ob+TkAzEQo6W0OyZfFmkCUN511wOUlWAFDm6b2uFbV/2x
4UDzTYuRxsy6LMGEtaAgie8T326rDXrnq7N3ZgXHsmGg+L6Dul7nBbat5wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFM6QjcKZOMhoZmbyHBWdqxrVt1t3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvenBDTndwazR5R2htWnZJY0ZaMnJHdFczVzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwHAwQA
wXxaAwQAwXzIAwQAwjqaAwQAwle+AwQAwlfXAwQAwzoiAwQAw4UGAwQAw4VVMA0G
CSqGSIb3DQEBCwUAA4IBAQB5+5G+AvsAk7hjWQFQcNIsPSz0UoBIOHYL3oPNCAe3
wypHAo7WX2fPZa2JO/Tdo+hVlQAiFLrxSV91It+018e3BPoi6RiAUho9DtprS97M
5+ksciUu9n8E+wLL6oJvs4+WmWmYpxJc7PZ85MZ8wrN9cG5ZF6fhnze9spK6gIBv
pfKBKQrCrX8SMipi8q/NVP1ALa6UMF1rmrzRAcXAya/WeHkk9mOC5EXiSmBUDcIl
e+7cMwHWeEYGRIgsk4KkhYWBAaKuex1U5k3xnMokBpM4ZAdUYKdXrNKrGMtEj+BG
RjgVpxImhcF2UPddbNd3ZA8QVJkS576Lc5ZK8uVCQGCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:31 2024 by rpki-client on console-fra.rpki-client.org