Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/cZeqlKQ1VeBoGPDZaA4Oj6iSxLk.roa
File: cZeqlKQ1VeBoGPDZaA4Oj6iSxLk.roa (raw, json)
Hash identifier: 19Wt9lGgWfCYTH1JAKrssOS2bCYf28JXLZQaLNEVnDk=
Subject key identifier: 71:97:AA:94:A4:35:55:E0:68:18:F0:D9:68:0E:0E:8F:A8:92:C4:B9
Certificate issuer: /CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Certificate serial: 018EEB283AA00A4EBCD8244C571E08CF7580
Authority key identifier: FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/cZeqlKQ1VeBoGPDZaA4Oj6iSxLk.roa
Signing time: Wed 17 Apr 2024 08:24:25 +0000
ROA not before: Wed 17 Apr 2024 08:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6694
IP address blocks: 194.247.128.0/19 maxlen: 19
194.247.132.0/24 maxlen: 24
194.247.142.0/24 maxlen: 24
194.247.143.0/24 maxlen: 24
194.247.144.0/24 maxlen: 24
194.247.152.0/24 maxlen: 24
212.5.224.0/19 maxlen: 19
212.5.226.0/24 maxlen: 24
212.5.227.0/24 maxlen: 24
2a04:8240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 May 2024 09:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:28:3a:a0:0a:4e:bc:d8:24:4c:57:1e:08:cf:75:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Validity
Not Before: Apr 17 08:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7197aa94a43555e06818f0d9680e0e8fa892c4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:bc:b6:cc:bd:bc:53:7d:dc:89:ea:c7:39:05:
9b:4a:a3:06:89:06:f9:4c:69:ac:ed:7c:73:72:67:
5f:49:aa:64:a9:3d:9f:94:d0:32:a4:4c:be:39:dd:
42:53:de:0c:38:79:c0:75:97:5f:28:75:1c:fe:a1:
fc:ba:87:a8:23:f4:9f:59:2f:28:96:e7:82:63:8b:
b6:7a:8d:4e:21:26:85:3f:bc:be:cf:2f:c5:b8:b3:
96:0c:0e:2b:e3:1b:d7:7e:02:cf:ce:9a:6d:b8:05:
fd:69:30:8f:85:db:dc:fb:67:7a:2e:81:fa:26:76:
ea:fa:35:a7:f3:e1:3d:88:ea:7e:b2:a0:8c:0f:5a:
ce:36:0d:f2:e2:2e:c3:66:43:76:7c:e9:ca:ba:c5:
0c:dd:0a:1e:08:18:68:79:7b:90:0a:f1:88:12:c3:
81:d2:63:ed:cd:26:ae:4b:f0:7e:e4:3a:83:01:4b:
51:81:f5:55:52:c6:ba:ce:1c:43:68:48:62:96:14:
31:15:25:38:7d:e1:65:ab:93:bb:5e:6a:ea:f7:ff:
31:e8:27:34:b2:04:3e:ac:b8:b9:0f:b2:e4:44:80:
14:db:d6:33:dc:2c:66:4e:93:be:a0:95:b4:08:0c:
dd:5c:75:fd:84:cd:dc:5a:a9:61:80:bb:c6:98:0a:
08:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:97:AA:94:A4:35:55:E0:68:18:F0:D9:68:0E:0E:8F:A8:92:C4:B9
X509v3 Authority Key Identifier:
keyid:FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/cZeqlKQ1VeBoGPDZaA4Oj6iSxLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/_ieWxamFRTLp7WONHDmlQcLYlSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.247.128.0/19
212.5.224.0/19
IPv6:
2a04:8240::/29
Signature Algorithm: sha256WithRSAEncryption
6a:ee:e5:cc:63:e8:53:ce:4b:ce:e5:28:4c:81:b1:f8:e7:b8:
02:6e:35:75:a8:e3:d8:00:e1:ad:a5:1d:93:54:bb:da:1d:67:
6d:98:4e:6a:2a:df:5d:ee:16:ff:7a:31:b2:05:9b:d7:49:e4:
b9:8e:cc:91:d4:e1:e1:08:5c:a5:26:e0:36:40:23:b1:79:77:
9e:ef:89:b3:9d:53:be:ad:7f:a1:f7:b8:24:05:07:b8:d3:e5:
22:8a:5c:a9:27:65:3f:61:f3:d1:3e:93:49:2b:ea:c7:67:d0:
b1:ae:8a:9c:18:09:e5:c5:78:0d:76:eb:00:94:5c:8f:be:0b:
c6:8a:41:ff:38:10:1d:82:68:69:ee:d1:44:91:2f:68:dc:bc:
ef:48:02:98:d6:93:18:e4:21:7a:01:be:20:e1:1e:4f:07:e7:
60:1b:c4:eb:f8:13:b2:ea:4d:f6:41:c1:bb:b6:c2:eb:17:c3:
23:2a:d9:bd:81:c5:c8:b6:c2:50:8a:5c:69:20:c8:a5:eb:f8:
99:2a:26:56:b9:28:5b:17:b0:4c:80:2e:dd:bb:6c:d9:9f:16:
1d:09:de:66:5e:ce:9c:4c:6b:4a:82:6f:46:d4:08:91:d9:34:
2f:13:6c:87:18:89:4f:b5:a1:ab:68:13:8f:04:c6:b5:7d:ed:
c3:79:c5:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7rKDqgCk682CRMVx4Iz3WAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMjc5NmM1YTk4NTQ1MzJlOWVkNjM4ZDFjMzlhNTQxYzJk
ODk1MmMwHhcNMjQwNDE3MDgyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk3YWE5NGE0MzU1NWUwNjgxOGYwZDk2ODBlMGU4ZmE4OTJjNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ly2zL28U33cierHOQWbSqMGiQb5
TGms7XxzcmdfSapkqT2flNAypEy+Od1CU94MOHnAdZdfKHUc/qH8uoeoI/SfWS8o
lueCY4u2eo1OISaFP7y+zy/FuLOWDA4r4xvXfgLPzpptuAX9aTCPhdvc+2d6LoH6
Jnbq+jWn8+E9iOp+sqCMD1rONg3y4i7DZkN2fOnKusUM3QoeCBhoeXuQCvGIEsOB
0mPtzSauS/B+5DqDAUtRgfVVUsa6zhxDaEhilhQxFSU4feFlq5O7Xmrq9/8x6Cc0
sgQ+rLi5D7LkRIAU29Yz3CxmTpO+oJW0CAzdXHX9hM3cWqlhgLvGmAoIlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHGXqpSkNVXgaBjw2WgODo+oksS5MB8GA1UdIwQY
MBaAFP4nlsWphUUy6e1jjRw5pUHC2JUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5Mzgt
MGU0YWIyNjM3YmVkLzEvY1plcWxLUTFWZUJvR1BEWmFBNE9qNmlTeExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5MzgtMGU0YWIyNjM3YmVk
LzEvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFwveAAwQF
1AXgMA0EAgACMAcDBQMqBIJAMA0GCSqGSIb3DQEBCwUAA4IBAQBq7uXMY+hTzkvO
5ShMgbH457gCbjV1qOPYAOGtpR2TVLvaHWdtmE5qKt9d7hb/ejGyBZvXSeS5jsyR
1OHhCFylJuA2QCOxeXee74mznVO+rX+h97gkBQe40+UiilypJ2U/YfPRPpNJK+rH
Z9CxroqcGAnlxXgNdusAlFyPvgvGikH/OBAdgmhp7tFEkS9o3LzvSAKY1pMY5CF6
Ab4g4R5PB+dgG8Tr+BOy6k32QcG7tsLrF8MjKtm9gcXItsJQilxpIMil6/iZKiZW
uShbF7BMgC7du2zZnxYdCd5mXs6cTGtKgm9G1AiR2TQvE2yHGIlPtaGraBOPBMa1
fe3DecUV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:19 2024 by rpki-client on console-fra.rpki-client.org