Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5W4lJ9oUTB1pKpkdN36VMofT3qI.roa
File: 5W4lJ9oUTB1pKpkdN36VMofT3qI.roa (raw, json)
Hash identifier: 0rZ+r/0r8jWEXoOe8gOgUbDoYeQJ3gpey6qosvqxzYU=
Subject key identifier: E5:6E:25:27:DA:14:4C:1D:69:2A:99:1D:37:7E:95:32:87:D3:DE:A2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8655BCCCB4BC10A1F1C2BDFBA531
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5W4lJ9oUTB1pKpkdN36VMofT3qI.roa
Signing time: Tue 02 Jan 2024 12:33:53 +0000
ROA not before: Tue 02 Jan 2024 12:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.77.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 08:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:86:55:bc:cc:b4:bc:10:a1:f1:c2:bd:fb:a5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e56e2527da144c1d692a991d377e953287d3dea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d4:1c:82:37:d8:88:e4:49:f3:6d:10:fd:95:
42:ea:63:81:5a:ef:34:86:7a:6f:af:7c:77:a5:4e:
d4:c7:cc:2b:00:7f:86:c8:73:43:6a:31:d6:39:95:
c5:4d:dc:b2:1f:58:8e:3a:85:88:64:1a:aa:92:b0:
78:6d:fc:3b:83:ff:1e:41:c0:c8:80:69:52:0c:94:
9c:17:80:11:52:2f:6c:86:34:b1:f6:74:57:ba:31:
2c:81:a5:9f:3f:18:8c:5a:bc:60:13:eb:1a:3d:2a:
bf:8d:94:b0:ef:ce:e1:b4:0c:8c:e4:df:be:65:d6:
9b:12:a0:67:ab:9d:c5:54:95:fb:71:30:35:37:2b:
46:83:a6:0b:26:22:f1:b6:08:f4:ad:4f:1a:51:79:
cf:36:27:b4:f3:f0:45:c5:ad:98:78:a8:1a:62:07:
3f:be:6b:ca:a1:d4:ad:05:3c:52:fc:2c:64:46:99:
d0:59:74:2e:fc:90:25:6c:6f:30:3b:21:ec:85:da:
ba:5d:18:f2:23:46:62:dd:91:b5:07:8b:fd:35:70:
af:8f:39:53:c6:b7:db:4a:ab:e3:a8:0f:56:dd:12:
11:fa:8e:28:1f:c8:34:60:17:ea:0f:8f:e1:20:8f:
4b:23:f4:81:18:7a:12:ca:4f:bc:cc:60:82:d5:c3:
8c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6E:25:27:DA:14:4C:1D:69:2A:99:1D:37:7E:95:32:87:D3:DE:A2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5W4lJ9oUTB1pKpkdN36VMofT3qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.77.0/24
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:72:a0:c2:8a:76:d3:35:e2:7b:b5:cf:fe:84:07:6d:34:f0:
32:36:01:5e:a3:4b:2b:03:e3:04:52:25:31:5a:e9:32:7b:19:
4c:ac:98:61:64:9e:77:c8:bf:d9:c6:23:f9:c6:c6:50:8b:9b:
24:8d:c9:75:cc:af:36:f6:6b:a3:16:61:61:4d:66:e6:23:d0:
2e:0e:f7:7a:da:24:cd:6d:d8:cb:56:f2:57:32:8b:2b:f7:35:
0a:19:f9:21:c0:1f:3b:24:9e:2d:46:a8:40:0a:c0:8e:ed:42:
fb:e6:19:b8:6e:54:e9:b9:2a:31:12:52:4b:0a:a2:39:2e:5d:
43:52:6c:9c:0f:37:14:e1:ef:eb:5d:3c:dd:b2:b6:46:53:f6:
1a:f8:27:7b:7c:4b:e3:b2:06:cd:ed:13:57:a4:f1:ae:3d:88:
3e:87:71:1c:c6:84:fa:e0:34:01:37:37:94:65:33:d2:3e:5f:
2b:f5:ae:ca:b4:be:51:e1:fe:03:39:2d:e5:79:d0:88:2f:67:
e8:13:a2:80:fb:26:02:4d:c1:f5:d7:68:9e:26:25:eb:04:69:
bd:49:a3:9e:d3:37:4a:04:da:95:9c:be:f5:09:f0:33:18:ed:
35:fb:2c:3d:52:ba:e2:3c:33:35:1d:db:92:2b:31:5e:80:27:
57:9f:07:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKoZVvMy0vBCh8cK9+6UxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZlMjUyN2RhMTQ0YzFkNjkyYTk5MWQzNzdlOTUzMjg3ZDNkZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtQcgjfYiORJ820Q/ZVC6mOBWu80
hnpvr3x3pU7Ux8wrAH+GyHNDajHWOZXFTdyyH1iOOoWIZBqqkrB4bfw7g/8eQcDI
gGlSDJScF4ARUi9shjSx9nRXujEsgaWfPxiMWrxgE+saPSq/jZSw787htAyM5N++
ZdabEqBnq53FVJX7cTA1NytGg6YLJiLxtgj0rU8aUXnPNie08/BFxa2YeKgaYgc/
vmvKodStBTxS/CxkRpnQWXQu/JAlbG8wOyHshdq6XRjyI0Zi3ZG1B4v9NXCvjzlT
xrfbSqvjqA9W3RIR+o4oH8g0YBfqD4/hII9LI/SBGHoSyk+8zGCC1cOMTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOVuJSfaFEwdaSqZHTd+lTKH096iMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNVc0bEo5b1VUQjFwS3BrZE4zNlZNb2ZUM3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VNAwQA
w4VWMA0GCSqGSIb3DQEBCwUAA4IBAQAucqDCinbTNeJ7tc/+hAdtNPAyNgFeo0sr
A+MEUiUxWukyexlMrJhhZJ53yL/ZxiP5xsZQi5skjcl1zK829mujFmFhTWbmI9Au
Dvd62iTNbdjLVvJXMosr9zUKGfkhwB87JJ4tRqhACsCO7UL75hm4blTpuSoxElJL
CqI5Ll1DUmycDzcU4e/rXTzdsrZGU/Ya+Cd7fEvjsgbN7RNXpPGuPYg+h3EcxoT6
4DQBNzeUZTPSPl8r9a7KtL5R4f4DOS3ledCIL2foE6KA+yYCTcH112ieJiXrBGm9
SaOe0zdKBNqVnL71CfAzGO01+yw9UrriPDM1HduSKzFegCdXnwcf
-----END CERTIFICATE-----
Generated at Mon Mar 25 12:45:36 2024 by rpki-client on console-ams.rpki-client.org