Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/33dwbj869V3xLk-rca6LnuL3bD0.roa
File: 33dwbj869V3xLk-rca6LnuL3bD0.roa (raw, json)
Hash identifier: cARm1pYj2rXzjIgvrmWIo0RA1a6rZG9Y+LDiJKT+ELU=
Subject key identifier: DF:77:70:6E:3F:3A:F5:5D:F1:2E:4F:AB:71:AE:8B:9E:E2:F7:6C:3D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A171016830321F138549511EEC2BF53D7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/33dwbj869V3xLk-rca6LnuL3bD0.roa
Signing time: Mon 21 Aug 2023 07:47:24 +0000
ROA not before: Mon 21 Aug 2023 07:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198802
IP address blocks: 195.133.12.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:10:16:83:03:21:f1:38:54:95:11:ee:c2:bf:53:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 21 07:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df77706e3f3af55df12e4fab71ae8b9ee2f76c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:56:c6:4a:bd:a3:92:62:3b:5c:8e:70:8b:ad:
b9:0f:3d:5f:13:fd:8b:c6:d1:12:4e:88:ec:78:33:
f4:65:12:5f:0e:6b:8c:a3:cc:c0:bf:d8:7f:44:94:
66:30:06:5e:17:80:dd:b2:06:14:5e:d9:e9:e7:73:
b0:77:e0:3d:1f:82:94:41:e1:91:83:2b:22:6c:40:
63:b3:bb:e2:69:8a:c4:8c:42:93:ee:80:0d:39:32:
be:25:e3:9a:13:63:ae:2a:ea:17:67:82:62:24:4a:
73:7a:24:9a:bd:ac:4d:ac:69:67:e8:15:69:2d:2e:
88:e6:5b:bb:f4:aa:14:e6:c7:ea:1e:bd:09:e6:03:
1c:39:72:34:3c:3b:b6:06:4f:10:0d:ea:7e:4e:48:
a0:4d:af:31:7c:ad:31:b9:47:76:a3:20:19:e0:3a:
24:c5:eb:27:d5:fe:21:05:35:d5:67:92:65:0b:3c:
19:94:9a:da:1c:dc:38:41:d5:e5:83:1b:03:28:75:
48:7b:f1:8b:a9:47:35:38:69:3b:96:dd:89:a7:e1:
b7:d8:33:6a:56:41:ee:60:95:ff:18:05:60:d4:40:
f8:e7:54:8a:9f:7b:7e:45:61:af:de:cf:dd:97:61:
e6:33:bf:77:21:e0:19:47:eb:b9:ae:69:30:e5:6b:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:77:70:6E:3F:3A:F5:5D:F1:2E:4F:AB:71:AE:8B:9E:E2:F7:6C:3D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/33dwbj869V3xLk-rca6LnuL3bD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.12.0/24
195.133.22.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8f:b8:70:b9:f7:3f:44:63:98:f1:4b:f9:aa:19:02:22:26:
2b:bb:c3:29:65:fb:00:47:45:f5:43:7e:dd:4c:5b:9e:f3:c3:
a9:ba:35:d2:7c:49:95:b0:43:ff:78:36:6a:7d:2e:74:45:93:
ce:d1:0a:b1:41:c7:f0:0c:3d:4e:c1:83:cf:89:03:42:c1:7f:
d7:01:1e:c0:82:99:ed:44:6f:56:86:ad:99:35:60:7d:17:ee:
f8:ce:a1:94:4c:bb:23:46:24:70:08:fa:eb:91:92:05:13:e4:
8d:3c:7e:f4:e5:16:84:7f:ee:e7:40:c9:6e:fc:f4:70:89:12:
92:db:77:57:6a:55:84:ac:3e:ef:0e:d6:db:cb:0a:b7:7c:b3:
c4:60:a9:ad:4c:32:42:af:96:27:ec:08:4b:f3:8e:21:67:1e:
cc:78:f2:58:3b:a2:68:bf:8c:54:0e:be:96:c8:63:1f:a2:44:
79:6b:f4:e9:29:7f:1b:fe:2e:8b:a2:06:27:bb:94:bd:23:21:
40:35:34:e5:5a:5e:48:85:c8:b8:96:02:cc:99:10:d1:0b:0b:
52:d0:45:2f:89:e6:5a:4a:61:7b:93:0f:cd:74:84:5a:3d:7f:
48:75:4e:de:70:f7:e3:dd:27:e3:83:99:2c:e9:cc:7d:63:96:
55:ef:f6:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoXEBaDAyHxOFSVEe7Cv1PXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODIxMDc0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc3NzA2ZTNmM2FmNTVkZjEyZTRmYWI3MWFlOGI5ZWUyZjc2YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlbGSr2jkmI7XI5wi625Dz1fE/2L
xtESTojseDP0ZRJfDmuMo8zAv9h/RJRmMAZeF4DdsgYUXtnp53Owd+A9H4KUQeGR
gysibEBjs7viaYrEjEKT7oANOTK+JeOaE2OuKuoXZ4JiJEpzeiSavaxNrGln6BVp
LS6I5lu79KoU5sfqHr0J5gMcOXI0PDu2Bk8QDep+TkigTa8xfK0xuUd2oyAZ4Dok
xesn1f4hBTXVZ5JlCzwZlJraHNw4QdXlgxsDKHVIe/GLqUc1OGk7lt2Jp+G32DNq
VkHuYJX/GAVg1ED451SKn3t+RWGv3s/dl2HmM793IeAZR+u5rmkw5WtKXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN93cG4/OvVd8S5Pq3Gui57i92w9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzNkd2JqODY5VjN4TGstcmNhNkxudUwzYkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4UMAwQA
w4UWMA0GCSqGSIb3DQEBCwUAA4IBAQCBj7hwufc/RGOY8Uv5qhkCIiYru8MpZfsA
R0X1Q37dTFue88OpujXSfEmVsEP/eDZqfS50RZPO0QqxQcfwDD1OwYPPiQNCwX/X
AR7AgpntRG9Whq2ZNWB9F+74zqGUTLsjRiRwCPrrkZIFE+SNPH705RaEf+7nQMlu
/PRwiRKS23dXalWErD7vDtbbywq3fLPEYKmtTDJCr5Yn7AhL844hZx7MePJYO6Jo
v4xUDr6WyGMfokR5a/TpKX8b/i6LogYnu5S9IyFANTTlWl5Ihci4lgLMmRDRCwtS
0EUvieZaSmF7kw/NdIRaPX9IdU7ecPfj3Sfjg5ks6cx9Y5ZV7/YS
-----END CERTIFICATE-----
Generated at Tue Aug 22 10:26:40 2023 by rpki-client on console-fra.rpki-client.org