Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/frHegXUrvmrHElLSSVJIWf_5NFI.roa
File: frHegXUrvmrHElLSSVJIWf_5NFI.roa (raw, json)
Hash identifier: v4FsB9Rfo2dk18Sl5SqHgLDQAvzpBK8tR0tiRbHzFXY=
Subject key identifier: 7E:B1:DE:81:75:2B:BE:6A:C7:12:52:D2:49:52:48:59:FF:F9:34:52
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE603A1B65216F58C1862FCF8F9570B25
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/frHegXUrvmrHElLSSVJIWf_5NFI.roa
Signing time: Tue 16 Apr 2024 08:26:21 +0000
ROA not before: Tue 16 Apr 2024 08:26:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35125
IP address blocks: 95.158.192.0/18 maxlen: 18
212.3.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 06:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:03:a1:b6:52:16:f5:8c:18:62:fc:f8:f9:57:0b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 08:26:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7eb1de81752bbe6ac71252d249524859fff93452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:b3:32:6b:23:a3:10:5c:37:2b:ad:1b:05:
6e:31:5c:e9:d4:3c:be:87:4c:28:3b:f9:28:6a:78:
ad:0e:c8:ef:ad:da:41:b6:ac:e9:1e:51:d6:3a:3e:
06:59:c0:dc:11:48:46:f1:3d:d8:9a:e1:6b:5c:6a:
72:3a:0d:de:8e:5a:f8:18:5d:4e:0a:2e:ac:2e:a1:
09:20:30:97:31:ff:32:10:86:38:a9:b5:20:d5:7d:
35:78:d6:06:e3:fa:50:54:9a:a1:0e:b1:2b:ce:ee:
1b:ec:2c:93:37:3e:64:2e:c9:0e:7b:f6:14:6a:78:
f9:01:7c:8f:a4:1b:aa:81:09:df:bb:0f:0a:cf:7c:
d9:d6:e9:31:a4:29:1e:cc:49:f7:47:af:63:34:10:
a6:d0:a2:05:bb:02:bc:7e:01:1a:92:c9:00:1d:fd:
09:3a:7c:91:fc:2a:0a:04:96:a6:d0:fc:38:4e:bc:
8f:35:07:6d:e1:af:bf:ed:5b:04:70:60:b4:a1:b7:
a6:c0:04:8f:85:f8:8a:e4:46:53:42:35:44:1c:4c:
25:fb:5e:56:0d:15:8a:df:f0:50:36:53:e2:e4:7b:
c4:ed:ad:24:11:4c:50:c7:c7:33:ec:d3:2f:3f:2f:
cc:74:73:94:da:63:62:0c:5c:83:08:4b:c3:4a:ae:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B1:DE:81:75:2B:BE:6A:C7:12:52:D2:49:52:48:59:FF:F9:34:52
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/frHegXUrvmrHElLSSVJIWf_5NFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.158.192.0/18
212.3.133.0/24
Signature Algorithm: sha256WithRSAEncryption
34:1b:be:63:db:5b:0b:52:4e:5d:a5:f4:ed:05:dc:55:16:2f:
a0:d0:37:9c:f7:5e:38:2c:c3:c7:6a:26:3f:e4:d2:6d:4a:ca:
9a:a4:55:f1:26:c4:c4:57:47:1b:4b:61:82:fe:d9:d8:fd:91:
9b:bc:b8:6e:5d:34:5b:e2:c2:db:94:24:a9:bb:b3:ec:7f:d0:
b2:f6:56:10:0e:1e:65:b9:02:ec:9f:26:c8:4f:7b:51:eb:ba:
a9:f7:0c:cd:c4:5a:be:92:bf:fc:d3:fd:f9:6a:9e:59:30:2f:
04:ec:42:45:d1:66:e6:e5:33:68:04:c7:bd:0a:74:4e:7a:ce:
6f:5d:f6:2c:99:6e:1e:57:ea:cc:c8:8d:49:ad:ab:61:77:05:
7e:7c:79:f2:77:46:8a:af:38:b2:e3:35:82:16:4a:c9:f0:73:
bc:f6:a8:4c:ef:71:f8:55:b1:e2:ab:98:36:66:5f:11:4d:ac:
63:f5:32:1b:a4:7e:08:5f:d4:cb:1a:36:af:9e:65:c1:7a:f0:
32:58:d5:36:37:fc:0f:23:96:af:bc:5a:54:b8:9e:a4:9a:f9:
e1:6c:57:55:f0:3d:bd:0c:18:32:c9:2b:f2:52:b0:d6:b8:85:
cb:16:d3:c4:7e:10:23:6b:f4:73:38:b8:7c:06:90:b0:a3:ce:
06:93:bf:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7mA6G2Uhb1jBhi/Pj5VwslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MDgyNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWIxZGU4MTc1MmJiZTZhYzcxMjUyZDI0OTUyNDg1OWZmZjkzNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM2zMmsjoxBcNyutGwVuMVzp1Dy+
h0woO/koanitDsjvrdpBtqzpHlHWOj4GWcDcEUhG8T3YmuFrXGpyOg3ejlr4GF1O
Ci6sLqEJIDCXMf8yEIY4qbUg1X01eNYG4/pQVJqhDrErzu4b7CyTNz5kLskOe/YU
anj5AXyPpBuqgQnfuw8Kz3zZ1ukxpCkezEn3R69jNBCm0KIFuwK8fgEakskAHf0J
OnyR/CoKBJam0Pw4TryPNQdt4a+/7VsEcGC0obemwASPhfiK5EZTQjVEHEwl+15W
DRWK3/BQNlPi5HvE7a0kEUxQx8cz7NMvPy/MdHOU2mNiDFyDCEvDSq6M7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH6x3oF1K75qxxJS0klSSFn/+TRSMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZnJIZWdYVXJ2bXJIRWxMU1NWSklXZl81TkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGX57AAwQA
1AOFMA0GCSqGSIb3DQEBCwUAA4IBAQA0G75j21sLUk5dpfTtBdxVFi+g0Dec9144
LMPHaiY/5NJtSsqapFXxJsTEV0cbS2GC/tnY/ZGbvLhuXTRb4sLblCSpu7Psf9Cy
9lYQDh5luQLsnybIT3tR67qp9wzNxFq+kr/80/35ap5ZMC8E7EJF0Wbm5TNoBMe9
CnROes5vXfYsmW4eV+rMyI1JrathdwV+fHnyd0aKrziy4zWCFkrJ8HO89qhM73H4
VbHiq5g2Zl8RTaxj9TIbpH4IX9TLGjavnmXBevAyWNU2N/wPI5avvFpUuJ6kmvnh
bFdV8D29DBgyySvyUrDWuIXLFtPEfhAja/RzOLh8BpCwo84Gk7+f
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org