Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12FbP1IFLl_ozWdAivYb7PKH15o.roa
File: 12FbP1IFLl_ozWdAivYb7PKH15o.roa (raw, json)
Hash identifier: 4Z4Uoh8IJoHJqiJYaACoOSiY1MAr3vw7fNBr5pPldGc=
Subject key identifier: D7:61:5B:3F:52:05:2E:5F:E8:CD:67:40:8A:F6:1B:EC:F2:87:D7:9A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A690DD2B2F61FC726E7F448824CE5C9E9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12FbP1IFLl_ozWdAivYb7PKH15o.roa
Signing time: Wed 06 Sep 2023 05:53:48 +0000
ROA not before: Wed 06 Sep 2023 05:53:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 195.133.81.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:0d:d2:b2:f6:1f:c7:26:e7:f4:48:82:4c:e5:c9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 05:53:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7615b3f52052e5fe8cd67408af61becf287d79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e5:69:80:da:31:72:a6:6b:f1:39:86:48:be:
53:fb:a2:80:8b:e8:b5:66:9c:2d:94:63:da:26:58:
16:5d:7e:07:3a:ec:df:ea:73:d9:2d:f0:d1:88:a2:
7b:b1:74:6d:99:bb:b4:b4:c8:6f:75:98:d6:8a:6d:
f9:e9:b7:cd:8a:39:12:59:cc:6c:09:97:dc:98:de:
6b:49:0c:e9:d0:58:a5:67:da:bd:69:ff:6d:8a:d0:
9c:ef:3f:b6:9d:cd:a3:05:b3:ea:a7:47:bb:42:9b:
bf:07:7c:a0:53:b1:f9:7c:a6:c5:94:8c:4c:20:74:
10:4e:cc:e0:3c:27:a0:12:6a:01:9b:32:55:c7:67:
73:2d:ef:68:63:c7:ce:65:5f:99:97:08:da:32:5d:
0d:6b:90:29:02:fd:14:f6:62:77:77:39:a4:11:fe:
fe:20:e5:b0:0e:de:d2:62:49:e9:d2:ed:4a:ce:1e:
a0:af:f0:a0:fc:2b:7f:67:eb:0a:2f:ba:e2:ba:47:
f5:e3:ed:b3:ab:d6:43:87:53:fc:c8:14:43:b9:87:
f0:5a:fa:bb:00:bd:3d:e1:90:bc:5c:81:34:3d:67:
5a:c3:1c:a4:9b:49:d0:4c:bb:83:ba:11:b2:eb:06:
6f:d5:4d:db:f9:7e:e8:78:74:c5:c3:fe:44:6f:ef:
6e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:61:5B:3F:52:05:2E:5F:E8:CD:67:40:8A:F6:1B:EC:F2:87:D7:9A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/12FbP1IFLl_ozWdAivYb7PKH15o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.41.0/24
194.87.228.0/24
194.135.30.0/24
195.133.81.0/24
195.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ac:cd:fd:62:25:28:e4:5f:be:db:4d:ce:9f:6d:14:27:c2:
4f:07:69:b6:51:b2:a2:b5:b8:17:ce:bf:b5:c8:17:ad:a5:6f:
8c:01:bd:3d:62:d5:84:c6:d7:49:c7:fd:0f:f7:b5:17:7e:b3:
d1:de:45:3a:c7:d1:50:4e:22:3f:88:42:3f:b9:ec:07:b1:a9:
9f:1a:71:e4:47:9f:50:1a:76:d3:85:1d:e5:60:bc:95:3a:ea:
e6:47:85:8a:e2:19:2d:e8:ec:eb:e7:60:ea:6e:15:3d:cb:15:
e7:72:dc:2d:9a:24:a4:b8:57:b6:52:e1:1e:33:2b:9d:7e:61:
7a:c4:6b:2a:ce:ba:b2:15:4e:02:a5:4b:10:cc:f3:f6:b5:18:
dd:2c:cb:b4:6c:88:3f:09:a4:e9:25:d1:e7:03:b0:19:16:1d:
6f:8e:1f:85:6d:da:f8:14:4f:44:04:1e:18:9e:9d:04:4a:c0:
e9:23:68:d9:15:65:12:09:2e:3e:60:8f:96:0e:b9:74:00:19:
61:ce:32:9d:f4:b8:07:67:96:82:10:22:ba:e1:a2:3d:9b:0e:
d0:48:da:d2:84:e1:88:c5:ff:c7:a6:b8:80:d7:53:9f:b8:23:
67:b8:6d:a1:49:84:92:aa:d7:f8:78:aa:95:7c:eb:04:56:90:
d6:e4:e4:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYppDdKy9h/HJuf0SIJM5cnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MDU1MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYxNWIzZjUyMDUyZTVmZThjZDY3NDA4YWY2MWJlY2YyODdkNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOVpgNoxcqZr8TmGSL5T+6KAi+i1
ZpwtlGPaJlgWXX4HOuzf6nPZLfDRiKJ7sXRtmbu0tMhvdZjWim356bfNijkSWcxs
CZfcmN5rSQzp0FilZ9q9af9titCc7z+2nc2jBbPqp0e7Qpu/B3ygU7H5fKbFlIxM
IHQQTszgPCegEmoBmzJVx2dzLe9oY8fOZV+ZlwjaMl0Na5ApAv0U9mJ3dzmkEf7+
IOWwDt7SYknp0u1Kzh6gr/Cg/Ct/Z+sKL7riukf14+2zq9ZDh1P8yBRDuYfwWvq7
AL094ZC8XIE0PWdawxykm0nQTLuDuhGy6wZv1U3b+X7oeHTFw/5Eb+9uGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNdhWz9SBS5f6M1nQIr2G+zyh9eaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTJGYlAxSUZMbF9veldkQWl2WWI3UEtIMTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwjopAwQA
wlfkAwQAwoceAwQAw4VRAwQAw4XCMA0GCSqGSIb3DQEBCwUAA4IBAQByrM39YiUo
5F++203On20UJ8JPB2m2UbKitbgXzr+1yBetpW+MAb09YtWExtdJx/0P97UXfrPR
3kU6x9FQTiI/iEI/uewHsamfGnHkR59QGnbThR3lYLyVOurmR4WK4hkt6Ozr52Dq
bhU9yxXnctwtmiSkuFe2UuEeMyudfmF6xGsqzrqyFU4CpUsQzPP2tRjdLMu0bIg/
CaTpJdHnA7AZFh1vjh+Fbdr4FE9EBB4Ynp0ESsDpI2jZFWUSCS4+YI+WDrl0ABlh
zjKd9LgHZ5aCECK64aI9mw7QSNrShOGIxf/HpriA11OfuCNnuG2hSYSSqtf4eKqV
fOsEVpDW5OQY
-----END CERTIFICATE-----
Generated at Wed Sep 6 18:27:25 2023 by rpki-client on console-fra.rpki-client.org