Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3hLio7PLrvJTjGf9LVcJnN_Pwt4.roa
File: 3hLio7PLrvJTjGf9LVcJnN_Pwt4.roa (raw, json)
Hash identifier: 15UmP25pDM4OY75kLP6psdUBg2fHxHuvRHAHQ9D2seE=
Subject key identifier: DE:12:E2:A3:B3:CB:AE:F2:53:8C:67:FD:2D:57:09:9C:DF:CF:C2:DE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BD3F8C486714DEF55EC5584DFC8B7E646
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3hLio7PLrvJTjGf9LVcJnN_Pwt4.roa
Signing time: Wed 15 Nov 2023 17:12:57 +0000
ROA not before: Wed 15 Nov 2023 17:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63018
IP address blocks: 195.133.29.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 14:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:f8:c4:86:71:4d:ef:55:ec:55:84:df:c8:b7:e6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 17:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de12e2a3b3cbaef2538c67fd2d57099cdfcfc2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:10:19:bc:46:e2:e0:a9:92:a6:ba:27:07:
54:cc:74:b5:d8:68:32:d6:01:40:21:67:18:e2:b0:
80:fb:82:17:3c:3b:6c:f2:d1:1d:db:1f:0b:f7:25:
81:e3:1a:d6:5b:16:e3:1b:77:30:9a:23:39:73:1a:
0b:af:08:6a:5f:1f:5e:a9:77:77:b9:b6:e6:23:0c:
66:3d:a1:76:eb:3c:81:00:ab:7c:82:9c:cc:3c:73:
79:64:f3:dd:00:99:59:50:e3:48:3b:ec:4f:77:b5:
a1:93:a1:14:a4:13:c5:21:89:10:c4:27:f7:ba:5b:
06:51:64:55:36:cb:bb:a8:55:18:63:2c:4d:15:0a:
bc:d1:4c:b2:c0:fb:38:b0:9e:94:ad:13:24:bb:24:
29:37:7f:74:56:75:52:55:a6:62:59:e1:f4:1f:3b:
97:20:fd:fa:98:67:c8:e9:a2:e0:78:b9:d9:27:b4:
39:9a:44:0c:7a:fa:95:9a:98:15:26:f3:67:a2:f4:
2b:92:8a:90:a0:c2:e5:8e:a4:8f:30:50:17:f4:e3:
72:fe:cf:91:04:56:ee:31:4b:60:10:9b:e3:48:29:
1b:75:98:0d:83:be:f0:9b:04:03:c6:af:cd:fb:cb:
b3:70:1e:89:a3:d2:ff:5c:e0:f5:04:32:53:31:9f:
6b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:E2:A3:B3:CB:AE:F2:53:8C:67:FD:2D:57:09:9C:DF:CF:C2:DE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3hLio7PLrvJTjGf9LVcJnN_Pwt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.29.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2f:53:f7:2e:c7:c2:42:bb:f6:b4:03:18:b4:4b:49:7e:05:
9c:22:70:7c:84:06:99:c9:28:42:1c:d8:14:ce:a0:9c:69:5e:
79:4d:93:db:cb:db:a7:9d:e3:3a:9f:db:e1:76:e1:fa:92:e8:
76:30:ea:18:b9:72:9b:4b:cf:15:83:cd:80:d2:a7:55:f3:d9:
18:ec:fc:e1:ce:55:ce:97:da:47:53:cf:86:0b:af:9e:4d:6b:
aa:c6:04:9d:7c:13:df:03:3b:2e:e3:d5:9e:4b:53:05:e1:15:
a8:48:f0:0a:1d:27:9d:13:fe:7f:9b:b6:6a:9a:a9:25:ab:35:
31:34:0e:fd:93:d5:cf:97:ac:5d:88:ac:f4:0a:82:66:cb:21:
75:b1:53:c7:c2:64:e1:d7:31:2e:e0:95:49:ef:1f:4a:12:36:
e5:88:af:cc:aa:c9:ad:3c:87:56:f3:b9:e6:47:91:13:a2:ee:
25:fb:bc:94:58:45:f7:5b:5e:6d:22:2b:1b:95:b3:fc:fe:e7:
c5:cd:b6:53:8b:82:42:2f:c4:72:9f:51:e8:90:b0:31:30:43:
61:5c:a4:13:45:58:7a:d9:da:ff:fb:bf:26:00:14:2f:52:da:
7b:f9:9a:9f:97:db:f3:dd:4a:a1:50:54:29:0c:00:b9:8f:34:
cb:df:f4:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvT+MSGcU3vVexVhN/It+ZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE1MTcxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyZTJhM2IzY2JhZWYyNTM4YzY3ZmQyZDU3MDk5Y2RmY2ZjMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA088QGbxG4uCpkqa6JwdUzHS12Ggy
1gFAIWcY4rCA+4IXPDts8tEd2x8L9yWB4xrWWxbjG3cwmiM5cxoLrwhqXx9eqXd3
ubbmIwxmPaF26zyBAKt8gpzMPHN5ZPPdAJlZUONIO+xPd7Whk6EUpBPFIYkQxCf3
ulsGUWRVNsu7qFUYYyxNFQq80UyywPs4sJ6UrRMkuyQpN390VnVSVaZiWeH0HzuX
IP36mGfI6aLgeLnZJ7Q5mkQMevqVmpgVJvNnovQrkoqQoMLljqSPMFAX9ONy/s+R
BFbuMUtgEJvjSCkbdZgNg77wmwQDxq/N+8uzcB6Jo9L/XOD1BDJTMZ9r3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4S4qOzy67yU4xn/S1XCZzfz8LeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM2hMaW83UExydkpUakdmOUxWY0puTl9Qd3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4UdAwQA
1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQB2L1P3LsfCQrv2tAMYtEtJfgWcInB8hAaZ
yShCHNgUzqCcaV55TZPby9unneM6n9vhduH6kuh2MOoYuXKbS88Vg82A0qdV89kY
7PzhzlXOl9pHU8+GC6+eTWuqxgSdfBPfAzsu49WeS1MF4RWoSPAKHSedE/5/m7Zq
mqklqzUxNA79k9XPl6xdiKz0CoJmyyF1sVPHwmTh1zEu4JVJ7x9KEjbliK/Mqsmt
PIdW87nmR5ETou4l+7yUWEX3W15tIisblbP8/ufFzbZTi4JCL8Ryn1HokLAxMENh
XKQTRVh62dr/+78mABQvUtp7+Zqfl9vz3UqhUFQpDAC5jzTL3/Rt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:05 2024 by rpki-client on console-fra.rpki-client.org