Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4G_9y9Ge5vJcD7hDQHO_gKg8ZNQ.roa
File: 4G_9y9Ge5vJcD7hDQHO_gKg8ZNQ.roa (raw, json)
Hash identifier: frgYcBDUNcXineFVOLsUm+1jTZIx53S3LAMB7PB3GJE=
Subject key identifier: E0:6F:FD:CB:D1:9E:E6:F2:5C:0F:B8:43:40:73:BF:80:A8:3C:64:D4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01918EAE2433D3D41F5A687AD1725AEF72F0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4G_9y9Ge5vJcD7hDQHO_gKg8ZNQ.roa
Signing time: Mon 26 Aug 2024 12:34:22 +0000
ROA not before: Mon 26 Aug 2024 12:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 195.133.50.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:ae:24:33:d3:d4:1f:5a:68:7a:d1:72:5a:ef:72:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 12:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e06ffdcbd19ee6f25c0fb8434073bf80a83c64d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:89:bd:3a:a6:68:ec:8d:a3:0b:02:3f:f3:
68:e2:54:bc:d0:dc:b8:b9:0e:45:40:ec:2d:99:e5:
39:2a:4d:39:06:e4:ff:7f:36:aa:57:ea:fd:6b:c1:
5c:05:da:f7:de:99:86:4d:db:bf:a3:23:8c:82:95:
c5:44:7d:28:02:c0:e9:6b:e0:50:60:d9:14:c5:b9:
d8:8f:72:9e:e3:c1:01:eb:c3:1d:23:14:35:7a:5c:
eb:e0:d7:b8:3b:eb:49:bb:09:b6:fb:56:96:67:ba:
47:ee:4e:3a:88:40:99:2f:4e:1d:37:c2:c9:a7:98:
74:0d:85:f2:47:e2:a1:fe:16:28:1b:99:34:62:be:
8f:86:73:98:78:d2:77:70:03:88:3e:09:b4:f8:41:
fd:ec:7a:cb:53:1f:00:07:e2:83:94:19:d4:60:f3:
ff:6f:3d:fa:80:6f:7c:a3:c1:65:2e:18:ae:62:75:
f0:be:83:0a:63:8d:1f:65:3a:5b:fd:8d:2b:a5:ea:
bd:ba:85:19:4d:da:90:e5:3c:f1:a3:a6:49:39:81:
73:66:c8:21:c6:c0:e7:fc:ab:f9:be:45:ca:03:e1:
c9:c6:77:7b:11:1a:bf:90:5a:0d:98:14:25:d2:38:
53:5d:4c:14:08:c6:25:59:7d:1e:37:42:f9:20:11:
4d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:6F:FD:CB:D1:9E:E6:F2:5C:0F:B8:43:40:73:BF:80:A8:3C:64:D4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4G_9y9Ge5vJcD7hDQHO_gKg8ZNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.50.0/24
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d1:f0:d7:1a:25:67:f8:ac:2c:89:35:39:7c:e3:94:4e:d9:
30:e1:42:67:b8:40:68:d7:55:9b:9c:e9:5c:48:cb:fd:7c:39:
90:a8:28:20:fe:d3:27:64:bb:b0:32:35:8d:13:d5:5a:46:3c:
7e:52:5a:57:33:f5:b3:5e:e7:2e:d1:cc:c4:f8:5c:74:c3:bf:
e6:68:04:ad:ef:59:44:df:7c:4f:7f:0d:b3:aa:fe:27:c9:74:
3d:9b:eb:da:a0:b2:12:91:23:11:58:25:b1:9f:d6:a9:36:38:
7b:aa:30:f6:f5:6c:18:f8:2c:f6:54:db:6b:98:72:17:32:b3:
a7:ba:42:54:4f:6c:09:3c:83:37:96:58:45:7c:9e:ea:93:23:
e1:a1:0b:44:a1:04:21:e3:7e:79:60:1a:45:b7:1a:00:2d:00:
2e:cf:94:14:f9:46:28:ec:09:18:ab:80:b9:34:9a:6a:e0:0d:
b8:26:af:f0:07:99:66:93:57:1d:4d:b1:57:7e:e1:dc:6b:9e:
79:42:b5:cf:f8:0c:c7:ac:2b:06:7a:d2:6b:70:3b:79:b8:77:
2f:41:6c:c6:46:c0:cd:35:8b:54:96:05:67:1a:2f:b6:59:40:
9f:a8:fd:74:2a:f6:ed:66:c3:69:95:ac:59:87:2e:ba:b4:05:
78:c4:60:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGOriQz09QfWmh60XJa73LwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI2MTIzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDZmZmRjYmQxOWVlNmYyNWMwZmI4NDM0MDczYmY4MGE4M2M2NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR+JvTqmaOyNowsCP/No4lS80Ny4
uQ5FQOwtmeU5Kk05BuT/fzaqV+r9a8FcBdr33pmGTdu/oyOMgpXFRH0oAsDpa+BQ
YNkUxbnYj3Ke48EB68MdIxQ1elzr4Ne4O+tJuwm2+1aWZ7pH7k46iECZL04dN8LJ
p5h0DYXyR+Kh/hYoG5k0Yr6PhnOYeNJ3cAOIPgm0+EH97HrLUx8AB+KDlBnUYPP/
bz36gG98o8FlLhiuYnXwvoMKY40fZTpb/Y0rpeq9uoUZTdqQ5Tzxo6ZJOYFzZsgh
xsDn/Kv5vkXKA+HJxnd7ERq/kFoNmBQl0jhTXUwUCMYlWX0eN0L5IBFNmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOBv/cvRnubyXA+4Q0Bzv4CoPGTUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNEdfOXk5R2U1dkpjRDdoRFFIT19nS2c4Wk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4UyAwQA
w4VMMA0GCSqGSIb3DQEBCwUAA4IBAQBD0fDXGiVn+KwsiTU5fOOUTtkw4UJnuEBo
11WbnOlcSMv9fDmQqCgg/tMnZLuwMjWNE9VaRjx+UlpXM/WzXucu0czE+Fx0w7/m
aASt71lE33xPfw2zqv4nyXQ9m+vaoLISkSMRWCWxn9apNjh7qjD29WwY+Cz2VNtr
mHIXMrOnukJUT2wJPIM3llhFfJ7qkyPhoQtEoQQh4355YBpFtxoALQAuz5QU+UYo
7AkYq4C5NJpq4A24Jq/wB5lmk1cdTbFXfuHca555QrXP+AzHrCsGetJrcDt5uHcv
QWzGRsDNNYtUlgVnGi+2WUCfqP10KvbtZsNplaxZhy66tAV4xGDw
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:36:16 2025 by rpki-client