Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8nJo17w6SL6m2e8TQVvyM924ofU.roa
File: 8nJo17w6SL6m2e8TQVvyM924ofU.roa (raw, json)
Hash identifier: nkGuTym/AZjWordeNIvUUhCNXPc0GN+dm13MKSUAIHo=
Subject key identifier: F2:72:68:D7:BC:3A:48:BE:A6:D9:EF:13:41:5B:F2:33:DD:B8:A1:F5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BFC28EAAEC2E8B90AF02E5F12639DB3A5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8nJo17w6SL6m2e8TQVvyM924ofU.roa
Signing time: Thu 23 Nov 2023 12:30:21 +0000
ROA not before: Thu 23 Nov 2023 12:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 195.58.35.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Nov 2023 11:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:28:ea:ae:c2:e8:b9:0a:f0:2e:5f:12:63:9d:b3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 23 12:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f27268d7bc3a48bea6d9ef13415bf233ddb8a1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d2:a5:6d:cd:dd:e7:f2:3b:ad:9c:0c:83:11:
5f:a2:8b:34:d6:3b:d7:1f:7a:e0:69:6c:9d:a6:cc:
1f:0d:82:c3:c2:82:ce:43:cc:62:22:de:ef:e3:65:
09:04:23:dd:66:c7:67:45:51:b9:8b:41:fa:3e:36:
03:c5:62:4c:3b:3c:d0:86:57:5c:6e:e6:4d:2e:59:
eb:92:4e:a8:e3:67:52:1a:cc:82:f6:bb:72:27:bf:
71:6d:a3:9d:9d:b3:21:6b:e7:04:3f:76:b6:ca:1c:
64:ae:65:9d:04:e8:87:37:e8:83:3b:ba:61:f7:d0:
cf:6a:b5:4c:a4:dd:e2:9a:ec:7d:4d:26:f8:44:04:
42:e5:ad:0c:57:73:12:22:d2:93:4a:d7:4f:dd:65:
f3:8c:61:57:47:2b:17:9e:bb:87:e2:c1:42:53:96:
7d:a7:4b:42:3a:3f:4d:94:5a:d9:71:e9:be:a6:23:
d8:8f:bf:ac:e9:d5:79:68:4e:e3:e4:b1:92:3a:61:
2a:38:24:66:97:6d:c4:db:9b:f3:48:74:47:5a:0d:
08:f3:80:7c:68:47:af:93:d0:6a:93:93:17:15:d6:
62:81:05:38:24:8f:ae:0d:83:fa:48:7a:67:19:00:
0d:ce:1c:73:98:62:9b:c3:17:cf:d1:2a:c1:13:df:
2d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:72:68:D7:BC:3A:48:BE:A6:D9:EF:13:41:5B:F2:33:DD:B8:A1:F5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8nJo17w6SL6m2e8TQVvyM924ofU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.35.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
08:bc:5c:e1:b5:69:a5:78:e1:83:f2:18:5e:77:d8:25:34:79:
01:88:35:99:fb:f6:ed:f9:d0:40:b7:b1:6e:8f:ea:d3:7f:fa:
f1:4e:d2:b5:b5:13:8a:29:90:30:4c:ea:4b:bc:ce:b7:d2:91:
e6:4e:5a:6d:f4:2b:9a:df:98:ea:1d:15:b0:5e:b4:41:0c:1e:
ab:a1:f9:a5:7f:c8:53:5b:c6:1b:94:57:5b:1b:4c:6b:2c:ea:
38:6b:14:3c:a2:a6:9b:20:da:ad:b6:b9:c7:0c:06:c2:5a:bf:
ed:f2:b9:84:51:89:d8:5c:a9:64:30:98:76:7b:3f:58:eb:d7:
61:94:01:ce:24:2a:65:1f:0f:6d:a4:15:dd:18:d8:8e:61:4f:
f9:45:d8:12:8c:fa:00:4f:31:1d:ae:15:1c:2c:0b:ea:65:b9:
f8:f9:15:17:02:34:2c:33:8d:9e:98:69:3f:2c:72:5a:32:10:
79:3c:fc:db:e9:63:d4:7f:8b:f1:a3:43:26:1e:16:ba:ff:53:
34:d6:4c:21:26:27:6d:4f:31:fb:9e:07:3c:9d:5c:e4:1a:55:
bd:ee:3f:15:29:69:bf:ad:cc:fe:b6:98:11:de:3e:07:90:d3:
97:e4:8f:c7:d5:e6:ee:48:b3:8d:3f:e0:c0:11:70:cd:4c:e2:
83:f7:38:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv8KOquwui5CvAuXxJjnbOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIzMTIzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjcyNjhkN2JjM2E0OGJlYTZkOWVmMTM0MTViZjIzM2RkYjhhMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Klbc3d5/I7rZwMgxFfoos01jvX
H3rgaWydpswfDYLDwoLOQ8xiIt7v42UJBCPdZsdnRVG5i0H6PjYDxWJMOzzQhldc
buZNLlnrkk6o42dSGsyC9rtyJ79xbaOdnbMha+cEP3a2yhxkrmWdBOiHN+iDO7ph
99DParVMpN3imux9TSb4RARC5a0MV3MSItKTStdP3WXzjGFXRysXnruH4sFCU5Z9
p0tCOj9NlFrZcem+piPYj7+s6dV5aE7j5LGSOmEqOCRml23E25vzSHRHWg0I84B8
aEevk9Bqk5MXFdZigQU4JI+uDYP6SHpnGQANzhxzmGKbwxfP0SrBE98tFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJyaNe8Oki+ptnvE0Fb8jPduKH1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOG5KbzE3dzZTTDZtMmU4VFFWdnlNOTI0b2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzojAwQA
1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQAIvFzhtWmleOGD8hhed9glNHkBiDWZ+/bt
+dBAt7Fuj+rTf/rxTtK1tROKKZAwTOpLvM630pHmTlpt9Cua35jqHRWwXrRBDB6r
ofmlf8hTW8YblFdbG0xrLOo4axQ8oqabINqttrnHDAbCWr/t8rmEUYnYXKlkMJh2
ez9Y69dhlAHOJCplHw9tpBXdGNiOYU/5RdgSjPoATzEdrhUcLAvqZbn4+RUXAjQs
M42emGk/LHJaMhB5PPzb6WPUf4vxo0MmHha6/1M01kwhJidtTzH7ngc8nVzkGlW9
7j8VKWm/rcz+tpgR3j4HkNOX5I/H1ebuSLONP+DAEXDNTOKD9ziN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org