Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/NefPjy9YthFCrqVZsc8F30LD0Gk.roa
File: NefPjy9YthFCrqVZsc8F30LD0Gk.roa (raw, json)
Hash identifier: FiGIbCPvjsZqrI45oQwvozRjLsuELFs6Wjo6Zd6AfEU=
Subject key identifier: 35:E7:CF:8F:2F:58:B6:11:42:AE:A5:59:B1:CF:05:DF:42:C3:D0:69
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 01887123CEC111E4F1BD5F401EDC19A0193F
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/NefPjy9YthFCrqVZsc8F30LD0Gk.roa
Signing time: Wed 31 May 2023 09:29:12 +0000
ROA not before: Wed 31 May 2023 09:29:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.8.196.0/22 maxlen: 24
83.136.104.0/21 maxlen: 24
95.141.36.0/23 maxlen: 24
95.141.32.0/20 maxlen: 24
94.198.101.0/24 maxlen: 24
158.58.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 10:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:23:ce:c1:11:e4:f1:bd:5f:40:1e:dc:19:a0:19:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: May 31 09:29:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35e7cf8f2f58b61142aea559b1cf05df42c3d069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6c:6a:97:37:09:2d:b7:be:08:fb:2d:bc:56:
b3:1e:42:3f:1b:75:dc:fd:ea:35:c5:79:d1:db:aa:
dc:c5:34:ac:84:17:02:e0:ce:f2:37:7e:d9:a6:6e:
27:32:b9:1b:1c:52:1b:b9:48:b7:19:63:9b:4a:d1:
6c:fc:c1:98:7c:e6:dc:a1:e5:28:ac:b2:be:13:67:
60:7b:56:70:20:cf:c2:48:b0:60:1c:11:fa:17:69:
52:7f:2d:14:51:9a:a7:a5:83:25:2c:98:49:57:e9:
ae:7b:1c:a4:5d:5b:1f:f2:65:99:0e:82:fd:75:a5:
f7:0b:21:27:6d:a1:98:e5:86:3e:07:fb:49:c3:32:
a0:93:df:a5:c6:71:ff:c1:4a:e5:b9:a2:40:8a:d4:
9b:41:ae:9c:2e:2e:fb:85:a6:99:ab:e5:49:29:cc:
ba:7f:84:8a:8f:f7:b6:d0:5f:7d:ac:b5:0b:9f:2e:
53:2a:2f:ab:de:0b:d7:78:19:71:75:64:8b:80:fa:
71:fe:38:41:9d:40:a1:54:f5:fb:94:08:f7:7c:b5:
57:06:ed:2f:c9:a5:1e:78:16:79:d3:01:9d:e3:4a:
7c:15:79:6c:57:ab:bd:f1:fb:d7:f1:f3:84:df:e9:
1e:06:39:52:ab:5c:e2:69:ac:cd:26:69:6a:98:e9:
b6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E7:CF:8F:2F:58:B6:11:42:AE:A5:59:B1:CF:05:DF:42:C3:D0:69
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/NefPjy9YthFCrqVZsc8F30LD0Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.101.0/24
95.141.32.0/20
158.58.172.0/23
185.8.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:58:a8:13:a4:49:c5:91:12:6c:3d:65:75:4d:83:78:de:e3:
b0:77:e2:15:08:82:ab:59:1f:38:4e:92:2c:a3:0c:6f:f8:6b:
2a:69:eb:27:db:2e:78:69:59:c3:02:e5:8c:57:4e:a0:2d:4a:
fc:08:f1:77:fe:5e:07:3a:9b:dc:58:4a:75:31:49:be:5e:cb:
b2:e4:6a:f0:80:50:e1:42:73:c1:dc:cd:a4:a8:57:0e:f3:08:
37:13:1f:bd:60:c7:c0:8d:51:be:5d:7a:81:9f:d8:79:28:ae:
85:4b:c1:c5:25:4e:9a:1b:83:a3:32:d3:df:e2:43:33:c5:13:
e0:6a:73:ff:c7:66:78:16:c6:82:af:83:c1:96:14:f1:e9:f4:
c2:f5:8a:c7:61:e4:83:3a:06:10:1e:0f:ee:59:63:2b:50:b0:
f8:d5:d4:25:ec:01:38:09:24:c0:64:6c:b5:72:4c:7b:70:1a:
9a:58:19:e8:ab:e2:c0:71:3c:89:67:27:c7:7d:18:57:2c:e5:
42:d4:d4:29:74:24:69:84:f3:c3:ca:a0:0e:f7:3b:3c:38:3d:
b1:c6:59:ad:59:f0:e2:80:d2:b6:8d:ad:61:4c:bb:f3:63:c8:
28:6b:7f:14:84:af:0d:85:92:9f:44:5f:c9:b1:99:6a:c5:c6:
bc:d0:cf:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhxI87BEeTxvV9AHtwZoBk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMwNTMxMDkyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU3Y2Y4ZjJmNThiNjExNDJhZWE1NTliMWNmMDVkZjQyYzNkMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGxqlzcJLbe+CPstvFazHkI/G3Xc
/eo1xXnR26rcxTSshBcC4M7yN37Zpm4nMrkbHFIbuUi3GWObStFs/MGYfObcoeUo
rLK+E2dge1ZwIM/CSLBgHBH6F2lSfy0UUZqnpYMlLJhJV+muexykXVsf8mWZDoL9
daX3CyEnbaGY5YY+B/tJwzKgk9+lxnH/wUrluaJAitSbQa6cLi77haaZq+VJKcy6
f4SKj/e20F99rLULny5TKi+r3gvXeBlxdWSLgPpx/jhBnUChVPX7lAj3fLVXBu0v
yaUeeBZ50wGd40p8FXlsV6u98fvX8fOE3+keBjlSq1ziaazNJmlqmOm2/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDXnz48vWLYRQq6lWbHPBd9Cw9BpMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvTmVmUGp5OVl0aEZDcnFWWnNjOEYzMExEMEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDU4hoAwQA
XsZlAwQEX40gAwQBnjqsAwQCuQjEMA0GCSqGSIb3DQEBCwUAA4IBAQCxWKgTpEnF
kRJsPWV1TYN43uOwd+IVCIKrWR84TpIsowxv+Gsqaesn2y54aVnDAuWMV06gLUr8
CPF3/l4HOpvcWEp1MUm+Xsuy5GrwgFDhQnPB3M2kqFcO8wg3Ex+9YMfAjVG+XXqB
n9h5KK6FS8HFJU6aG4OjMtPf4kMzxRPganP/x2Z4FsaCr4PBlhTx6fTC9YrHYeSD
OgYQHg/uWWMrULD41dQl7AE4CSTAZGy1ckx7cBqaWBnoq+LAcTyJZyfHfRhXLOVC
1NQpdCRphPPDyqAO9zs8OD2xxlmtWfDigNK2ja1hTLvzY8goa38UhK8NhZKfRF/J
sZlqxca80M9u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:56 2024 by rpki-client on console-fra.rpki-client.org