Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/eVg0nqrUofqYsymXAhzrmuR6syE.roa
File: eVg0nqrUofqYsymXAhzrmuR6syE.roa (raw, json)
Hash identifier: mI78+lGflrcMsM66nV4NG/Zxqzn5YZp7Sm9LAp1VXpM=
Subject key identifier: 79:58:34:9E:AA:D4:A1:FA:98:B3:29:97:02:1C:EB:9A:E4:7A:B3:21
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019108C6B0BF304BA9519FEEA834409D41BA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/eVg0nqrUofqYsymXAhzrmuR6syE.roa
Signing time: Wed 31 Jul 2024 12:32:04 +0000
ROA not before: Wed 31 Jul 2024 12:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 185.197.74.0/24 maxlen: 24
185.230.143.0/24 maxlen: 24
193.188.20.0/24 maxlen: 24
193.188.21.0/24 maxlen: 24
193.188.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 11:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:c6:b0:bf:30:4b:a9:51:9f:ee:a8:34:40:9d:41:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jul 31 12:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7958349eaad4a1fa98b32997021ceb9ae47ab321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3d:a7:89:b2:37:a2:f7:c2:5e:a7:ee:a8:d8:
74:b2:48:1c:6f:23:e8:80:42:e1:35:4e:80:6d:47:
61:b5:e8:5d:90:61:2d:c1:12:6f:59:d0:da:d3:2e:
8c:b5:11:5c:e0:7c:1b:ae:10:67:c5:2c:0a:55:a1:
2a:e7:a5:b2:16:17:0f:59:f8:81:90:80:ea:06:77:
62:7b:d4:b7:a0:9b:86:6a:ff:94:bf:e6:e6:e1:38:
cf:05:0d:71:d9:f0:4d:f9:2c:7e:95:c8:9a:95:9c:
9a:c1:3b:40:9c:91:77:ff:76:78:0a:0e:07:43:57:
89:7c:b8:1a:aa:5f:a4:ff:42:be:43:4a:c5:78:a1:
2b:77:9a:9e:db:ef:53:51:c5:0b:b0:fb:db:07:42:
a6:dc:f5:86:34:24:cf:9f:db:23:43:21:4a:69:c0:
65:86:06:bd:30:fc:2c:8a:fc:05:ea:d0:2c:9c:1d:
ad:98:88:d7:78:a9:cf:d5:65:31:85:7c:42:96:b9:
fd:cf:77:19:69:33:61:c3:57:b1:a3:a8:60:15:46:
02:6e:4e:b2:81:c5:ce:5a:ec:13:5c:83:ab:94:3e:
23:62:3c:6b:c0:5b:69:30:86:68:0f:9a:69:fe:2d:
72:28:3a:c5:ca:71:c5:57:8b:79:c7:67:43:a5:15:
5f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:58:34:9E:AA:D4:A1:FA:98:B3:29:97:02:1C:EB:9A:E4:7A:B3:21
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/eVg0nqrUofqYsymXAhzrmuR6syE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.74.0/24
185.230.143.0/24
193.188.20.0-193.188.22.255
Signature Algorithm: sha256WithRSAEncryption
81:1c:c3:9a:0e:ad:0c:17:e0:98:dd:c9:39:6a:61:40:c2:8c:
4a:00:72:47:e5:95:e0:eb:dc:64:2e:ad:93:24:66:68:01:17:
3e:c9:d3:5f:de:c9:1a:02:06:cf:29:10:a4:5d:25:19:c1:24:
b7:9c:0c:23:91:c1:47:de:ff:77:04:d4:81:65:4e:53:13:de:
a6:b4:1a:2a:d4:76:38:83:61:29:7f:3a:12:2b:47:ac:56:ea:
f1:6b:6c:eb:97:0b:48:95:3e:d7:69:90:64:77:db:74:f2:59:
96:7f:94:20:ae:c5:79:43:31:ce:bc:59:c9:23:03:bc:66:34:
6f:7d:36:9b:d2:43:e6:ec:18:b4:57:e6:02:68:c4:a3:cd:38:
23:d9:92:77:0c:74:e8:10:aa:c5:a6:3a:74:e5:79:46:08:19:
b4:2e:00:68:de:1f:42:33:4b:10:de:e9:18:80:f1:d9:fa:c2:
02:89:15:01:54:04:c9:9a:08:c5:21:be:17:83:56:9d:77:c5:
c6:6f:98:09:8e:41:06:05:38:8b:df:9a:a5:fc:24:c6:8a:e1:
ed:d0:40:97:24:27:f4:01:70:e8:28:57:2f:3f:62:f9:6a:a5:
58:56:53:db:ce:42:08:22:0f:aa:25:54:4b:86:7d:d9:93:c7:
65:71:02:3a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZEIxrC/MEupUZ/uqDRAnUG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNzMxMTIzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTU4MzQ5ZWFhZDRhMWZhOThiMzI5OTcwMjFjZWI5YWU0N2FiMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D2nibI3ovfCXqfuqNh0skgcbyPo
gELhNU6AbUdhtehdkGEtwRJvWdDa0y6MtRFc4HwbrhBnxSwKVaEq56WyFhcPWfiB
kIDqBndie9S3oJuGav+Uv+bm4TjPBQ1x2fBN+Sx+lcialZyawTtAnJF3/3Z4Cg4H
Q1eJfLgaql+k/0K+Q0rFeKErd5qe2+9TUcULsPvbB0Km3PWGNCTPn9sjQyFKacBl
hga9MPwsivwF6tAsnB2tmIjXeKnP1WUxhXxClrn9z3cZaTNhw1exo6hgFUYCbk6y
gcXOWuwTXIOrlD4jYjxrwFtpMIZoD5pp/i1yKDrFynHFV4t5x2dDpRVfEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHlYNJ6q1KH6mLMplwIc65rkerMhMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZVZnMG5xclVvZnFZc3ltWEFoenJtdVI2c3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAucVKAwQA
ueaPMAwDBALBvBQDBADBvBYwDQYJKoZIhvcNAQELBQADggEBAIEcw5oOrQwX4Jjd
yTlqYUDCjEoAckflleDr3GQurZMkZmgBFz7J01/eyRoCBs8pEKRdJRnBJLecDCOR
wUfe/3cE1IFlTlMT3qa0GirUdjiDYSl/OhIrR6xW6vFrbOuXC0iVPtdpkGR323Ty
WZZ/lCCuxXlDMc68WckjA7xmNG99NpvSQ+bsGLRX5gJoxKPNOCPZkncMdOgQqsWm
OnTleUYIGbQuAGjeH0IzSxDe6RiA8dn6wgKJFQFUBMmaCMUhvheDVp13xcZvmAmO
QQYFOIvfmqX8JMaK4e3QQJckJ/QBcOgoVy8/YvlqpVhWU9vOQggiD6olVEuGfdmT
x2VxAjo=
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:30:06 2024 by rpki-client on console-fra.rpki-client.org