Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3Dv8rL1_lmzXy6vOkbNyUSA5iZw.roa
File: 3Dv8rL1_lmzXy6vOkbNyUSA5iZw.roa (raw, json)
Hash identifier: 4Q8ITga3cQSce/JL32zGMA1z/XQbHjXWeNeIf+5viIs=
Subject key identifier: DC:3B:FC:AC:BD:7F:96:6C:D7:CB:AB:CE:91:B3:72:51:20:39:89:9C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018944ED07452C71E3EC02BFAF25270809B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3Dv8rL1_lmzXy6vOkbNyUSA5iZw.roa
Signing time: Tue 11 Jul 2023 12:28:51 +0000
ROA not before: Tue 11 Jul 2023 12:28:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.77.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:ed:07:45:2c:71:e3:ec:02:bf:af:25:27:08:09:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 11 12:28:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc3bfcacbd7f966cd7cbabce91b372512039899c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:5a:90:5d:7e:f6:ac:38:a6:fc:18:c2:4e:
13:69:fd:5a:c0:15:33:c1:f7:8d:1e:dd:dd:71:24:
fe:ca:ea:0b:3c:f5:c6:bc:2b:dd:c4:0b:fd:e2:42:
a5:56:b9:7c:e5:f0:61:e1:69:7d:cc:1d:bd:ba:7b:
81:1e:0e:b4:41:ac:67:aa:12:10:9f:64:4e:8c:32:
3d:4c:da:b1:8f:01:d1:a8:77:75:de:92:6b:cc:3a:
b2:c5:be:ed:c7:24:bc:63:ca:8e:8f:8a:e5:78:72:
99:fa:df:90:ad:d4:66:4b:5b:96:1c:95:24:83:78:
7d:81:f2:f6:77:77:68:05:20:4e:a0:ae:f3:5e:59:
de:59:4e:8f:df:b0:e3:5e:5e:de:2f:2d:4f:3e:da:
7f:5c:23:4e:ed:e8:5b:22:c7:97:b4:5a:89:ab:4a:
49:13:e5:9b:f1:c4:c4:b7:58:9f:3f:87:47:4f:6a:
b7:7b:5e:9f:dd:d9:d7:5b:ca:91:7b:b8:11:47:b6:
ee:2e:55:2a:a0:7a:88:91:e8:80:d2:89:f1:f0:50:
80:13:3f:95:63:b1:2c:81:26:8f:41:29:7b:e8:6f:
74:32:6c:69:fa:e9:d2:f9:10:4b:a6:da:98:b6:db:
7c:6b:04:0c:19:7b:93:4d:f4:c1:1d:16:72:ff:36:
bf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3B:FC:AC:BD:7F:96:6C:D7:CB:AB:CE:91:B3:72:51:20:39:89:9C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3Dv8rL1_lmzXy6vOkbNyUSA5iZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.77.0/24
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ee:94:52:8b:99:7a:dd:55:8a:47:e5:b4:28:70:40:59:d8:
20:96:29:68:26:9a:95:ed:49:a7:da:65:ef:36:b4:15:bc:97:
56:4f:f6:ae:e4:11:39:c4:ba:16:89:8f:a4:40:d5:4c:27:c5:
f6:06:fd:95:0a:c8:82:24:1e:11:11:5f:94:1e:b1:bb:4b:e4:
f1:07:08:f0:d2:3a:66:0d:50:91:7e:db:cf:fa:23:4c:87:60:
6d:a4:d0:53:1d:ae:49:0d:13:1d:04:6c:84:87:ff:a1:c2:86:
97:9f:13:00:94:9d:60:38:9b:33:e3:67:ec:5d:71:83:60:ea:
9b:c5:a0:23:73:40:a9:39:c4:49:e6:c2:20:ec:54:88:3c:fe:
7a:24:e1:fd:66:5d:5a:1c:40:d8:9d:d3:8c:79:ba:b3:e6:05:
2c:d3:fc:35:6c:a2:bb:a3:f4:70:f1:57:47:77:ec:01:31:ba:
74:04:8b:1e:d2:cf:28:57:2e:fe:68:c1:76:64:b8:d6:c6:5e:
28:57:96:f4:f1:35:74:64:c9:fe:35:ef:9e:6e:a0:a3:c7:af:
b9:57:81:fd:bf:e6:de:df:c7:1d:74:73:f0:97:6f:82:ad:f2:
d1:d9:a3:f5:08:d4:82:9f:38:93:de:fc:c9:bf:61:bf:eb:f3:
2a:ea:2a:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlE7QdFLHHj7AK/ryUnCAmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzExMTIyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNiZmNhY2JkN2Y5NjZjZDdjYmFiY2U5MWIzNzI1MTIwMzk4OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRpakF1+9qw4pvwYwk4Taf1awBUz
wfeNHt3dcST+yuoLPPXGvCvdxAv94kKlVrl85fBh4Wl9zB29unuBHg60QaxnqhIQ
n2ROjDI9TNqxjwHRqHd13pJrzDqyxb7txyS8Y8qOj4rleHKZ+t+QrdRmS1uWHJUk
g3h9gfL2d3doBSBOoK7zXlneWU6P37DjXl7eLy1PPtp/XCNO7ehbIseXtFqJq0pJ
E+Wb8cTEt1ifP4dHT2q3e16f3dnXW8qRe7gRR7buLlUqoHqIkeiA0onx8FCAEz+V
Y7EsgSaPQSl76G90Mmxp+unS+RBLptqYttt8awQMGXuTTfTBHRZy/za/MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNw7/Ky9f5Zs18urzpGzclEgOYmcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM0R2OHJMMV9sbXpYeTZ2T2tiTnlVU0E1aVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VNAwQA
w4VWMA0GCSqGSIb3DQEBCwUAA4IBAQBv7pRSi5l63VWKR+W0KHBAWdggliloJpqV
7Umn2mXvNrQVvJdWT/au5BE5xLoWiY+kQNVMJ8X2Bv2VCsiCJB4REV+UHrG7S+Tx
Bwjw0jpmDVCRftvP+iNMh2BtpNBTHa5JDRMdBGyEh/+hwoaXnxMAlJ1gOJsz42fs
XXGDYOqbxaAjc0CpOcRJ5sIg7FSIPP56JOH9Zl1aHEDYndOMebqz5gUs0/w1bKK7
o/Rw8VdHd+wBMbp0BIse0s8oVy7+aMF2ZLjWxl4oV5b08TV0ZMn+Ne+ebqCjx6+5
V4H9v+be38cddHPwl2+CrfLR2aP1CNSCnziT3vzJv2G/6/Mq6iry
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org