Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/058aa5-6494-4595-819b-f08d71c4f3db/1/sRaDuzBEiybj6xwwE5dfdhsILMQ.roa
File: sRaDuzBEiybj6xwwE5dfdhsILMQ.roa (raw, json)
Hash identifier: gJZFaujYS2lCxCuznh1BA5QuBDyb4yijtCZ+vgbaxCE=
Subject key identifier: B1:16:83:BB:30:44:8B:26:E3:EB:1C:30:13:97:5F:76:1B:08:2C:C4
Certificate issuer: /CN=cd3087cc702c8d9353fe78f7932440b7e842fc6e
Certificate serial: 01856BCA51C68D08B25E938799F5B0275358
Authority key identifier: CD:30:87:CC:70:2C:8D:93:53:FE:78:F7:93:24:40:B7:E8:42:FC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTCHzHAsjZNT_nj3kyRAt-hC_G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/058aa5-6494-4595-819b-f08d71c4f3db/1/sRaDuzBEiybj6xwwE5dfdhsILMQ.roa
Signing time: Sun 01 Jan 2023 05:24:59 +0000
ROA not before: Sun 01 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12578
IP address blocks: 195.35.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:51:c6:8d:08:b2:5e:93:87:99:f5:b0:27:53:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3087cc702c8d9353fe78f7932440b7e842fc6e
Validity
Not Before: Jan 1 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b11683bb30448b26e3eb1c3013975f761b082cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:9f:5b:c9:3a:0b:1e:a1:7e:a4:67:25:7f:
76:33:27:92:3d:2d:a5:19:eb:24:a5:13:02:a4:a3:
55:23:89:b9:fd:e9:ed:ff:d3:1c:73:1f:59:5b:1f:
8a:51:17:7f:27:60:d1:26:41:e6:4b:c3:c0:b9:00:
3a:11:de:0b:4e:68:33:81:62:81:f4:9b:fd:50:45:
1d:73:a7:57:29:8c:70:0b:fe:46:29:18:f3:be:30:
44:93:44:e9:97:f8:d2:69:ab:cf:53:02:6f:c9:12:
f7:f7:94:81:9a:c3:39:41:ee:10:29:77:65:bd:c3:
b1:6e:b1:d2:8e:82:99:b2:8e:99:02:29:30:93:3f:
b3:fe:a0:16:05:19:96:6f:cc:ce:b9:62:5f:e8:fb:
6d:d4:1a:f3:90:50:75:f0:b4:49:b8:2d:50:54:bc:
b0:c3:12:42:d1:0f:b2:e5:4e:79:e5:7d:69:50:2b:
cc:bd:73:be:cf:c0:b3:89:45:b7:b9:d7:1c:52:cb:
8e:6c:43:d1:88:20:10:9e:22:17:0a:9d:d1:51:02:
9c:ce:89:a2:43:61:5a:67:9a:57:4b:89:92:c9:bd:
37:42:ae:e3:88:04:b7:17:d2:ca:f5:15:4f:7d:13:
0c:10:fb:9c:23:0e:b0:09:a4:11:95:dc:61:5f:6b:
cd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:16:83:BB:30:44:8B:26:E3:EB:1C:30:13:97:5F:76:1B:08:2C:C4
X509v3 Authority Key Identifier:
keyid:CD:30:87:CC:70:2C:8D:93:53:FE:78:F7:93:24:40:B7:E8:42:FC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTCHzHAsjZNT_nj3kyRAt-hC_G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/058aa5-6494-4595-819b-f08d71c4f3db/1/sRaDuzBEiybj6xwwE5dfdhsILMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/058aa5-6494-4595-819b-f08d71c4f3db/1/zTCHzHAsjZNT_nj3kyRAt-hC_G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:9f:ec:d9:88:d1:01:1b:70:ff:92:9d:85:2d:30:ae:a1:e9:
8e:61:f5:52:3b:fe:d7:9a:b1:21:28:30:a4:95:5b:10:1f:74:
71:c5:89:9f:51:53:5d:0b:8a:14:9f:6b:70:ea:78:07:b6:dc:
c2:7d:09:11:05:32:7c:5c:e1:66:7b:35:af:0d:1f:7f:ec:95:
bc:66:aa:db:2e:f8:f0:97:7c:a7:d5:e1:cc:f3:aa:32:26:0f:
a9:5e:f9:4c:83:f0:69:03:ca:41:a3:ed:b3:8f:65:dd:9a:82:
85:78:c8:81:b7:fe:65:5e:85:68:75:bd:0e:62:ff:a6:9b:ee:
b9:b0:94:1f:16:56:11:0b:e1:b6:35:cc:92:e5:31:f7:ec:4f:
a6:03:be:dc:ad:e1:2f:9f:6c:fc:79:cb:27:85:77:a8:04:70:
bb:22:8b:0b:49:19:b2:13:0c:78:79:5d:11:97:69:76:f3:ea:
87:42:02:ba:c7:4b:91:8a:fb:f1:05:dd:7a:c8:ab:1a:29:22:
37:54:b1:42:2c:45:63:5e:a0:91:53:2c:81:b4:6f:86:bb:d0:
2d:77:13:db:20:01:e9:c0:95:5d:77:95:f7:c6:f1:e3:cc:2b:
99:be:71:34:14:c6:d3:5b:e4:f1:62:7d:c9:43:8c:32:fc:f3:
bb:57:d6:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrylHGjQiyXpOHmfWwJ1NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzA4N2NjNzAyYzhkOTM1M2ZlNzhmNzkzMjQ0MGI3ZTg0
MmZjNmUwHhcNMjMwMTAxMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE2ODNiYjMwNDQ4YjI2ZTNlYjFjMzAxMzk3NWY3NjFiMDgyY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2yfW8k6Cx6hfqRnJX92MyeSPS2l
GeskpRMCpKNVI4m5/ent/9Mccx9ZWx+KURd/J2DRJkHmS8PAuQA6Ed4LTmgzgWKB
9Jv9UEUdc6dXKYxwC/5GKRjzvjBEk0Tpl/jSaavPUwJvyRL395SBmsM5Qe4QKXdl
vcOxbrHSjoKZso6ZAikwkz+z/qAWBRmWb8zOuWJf6Ptt1BrzkFB18LRJuC1QVLyw
wxJC0Q+y5U555X1pUCvMvXO+z8CziUW3udccUsuObEPRiCAQniIXCp3RUQKczomi
Q2FaZ5pXS4mSyb03Qq7jiAS3F9LK9RVPfRMMEPucIw6wCaQRldxhX2vNIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEWg7swRIsm4+scMBOXX3YbCCzEMB8GA1UdIwQY
MBaAFM0wh8xwLI2TU/5495MkQLfoQvxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRDSHpIQXNqWk5UX25qM2t5UkF0LWhDX0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wNThhYTUtNjQ5NC00NTk1LTgxOWIt
ZjA4ZDcxYzRmM2RiLzEvc1JhRHV6QkVpeWJqNnh3d0U1ZGZkaHNJTE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wNThhYTUtNjQ5NC00NTk1LTgxOWItZjA4ZDcxYzRmM2Ri
LzEvelRDSHpIQXNqWk5UX25qM2t5UkF0LWhDX0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyNrMA0G
CSqGSIb3DQEBCwUAA4IBAQANn+zZiNEBG3D/kp2FLTCuoemOYfVSO/7XmrEhKDCk
lVsQH3RxxYmfUVNdC4oUn2tw6ngHttzCfQkRBTJ8XOFmezWvDR9/7JW8ZqrbLvjw
l3yn1eHM86oyJg+pXvlMg/BpA8pBo+2zj2XdmoKFeMiBt/5lXoVodb0OYv+mm+65
sJQfFlYRC+G2NcyS5TH37E+mA77creEvn2z8ecsnhXeoBHC7IosLSRmyEwx4eV0R
l2l28+qHQgK6x0uRivvxBd16yKsaKSI3VLFCLEVjXqCRUyyBtG+Gu9AtdxPbIAHp
wJVdd5X3xvHjzCuZvnE0FMbTW+TxYn3JQ4wy/PO7V9a9
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:46 2024 by rpki-client on console-fra.rpki-client.org