Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOSnUNQGBq12hciTBq-K7eA-S2A.roa
File: AOSnUNQGBq12hciTBq-K7eA-S2A.roa (raw, json)
Hash identifier: hFpDo0O3wgHmpQr5yNraTY4ZydS3s4LXrcOKetNedgE=
Subject key identifier: 00:E4:A7:50:D4:06:06:AD:76:85:C8:93:06:AF:8A:ED:E0:3E:4B:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018716C11D8D2B81A079BE4560FF34CE3759
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOSnUNQGBq12hciTBq-K7eA-S2A.roa
Signing time: Sat 25 Mar 2023 03:12:47 +0000
ROA not before: Sat 25 Mar 2023 03:12:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.77.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 08:28:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:16:c1:1d:8d:2b:81:a0:79:be:45:60:ff:34:ce:37:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 25 03:12:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00e4a750d40606ad7685c89306af8aede03e4b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:50:2b:01:87:ba:c0:a9:94:81:de:1d:16:70:
21:ac:d5:60:6b:fc:19:79:ea:dd:02:77:e7:9a:55:
4f:f7:b1:d2:d6:71:14:db:c5:0b:25:35:43:71:a7:
64:7d:24:46:5b:d1:da:37:ac:33:f1:d9:56:0f:ef:
76:1a:5b:40:3d:7d:c3:d3:00:0f:8e:1c:ca:ba:3a:
8f:de:de:56:eb:94:08:eb:f9:b3:d5:e3:9b:98:5d:
af:1d:49:ef:f8:6a:15:d7:b0:84:5d:b5:d6:57:e7:
f8:fb:96:fa:84:62:d3:52:1e:4a:72:ff:33:64:e3:
dc:e1:bc:9c:50:f8:92:ed:56:dd:01:e4:57:1f:e2:
8b:e5:67:c5:2f:27:57:35:d1:e6:19:ae:45:a8:9c:
84:c2:6a:c5:49:6a:40:56:79:43:9e:8a:b2:04:2d:
bf:97:32:4d:c6:b5:d8:a5:65:0d:eb:0a:a6:a1:88:
8e:39:ef:b5:cb:24:e2:30:27:d5:b4:ad:b0:c3:42:
28:2d:3f:06:bf:42:10:58:dc:86:f1:28:4e:f0:94:
b8:33:5d:8a:fb:4c:fd:90:fc:a3:81:c8:13:d9:86:
61:fc:72:ff:4b:60:df:56:3b:4b:8c:aa:a4:75:aa:
d9:a5:96:a5:2d:77:bd:42:54:c5:12:16:11:7e:ac:
a5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E4:A7:50:D4:06:06:AD:76:85:C8:93:06:AF:8A:ED:E0:3E:4B:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AOSnUNQGBq12hciTBq-K7eA-S2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.77.0/24
195.133.85.0-195.133.86.255
Signature Algorithm: sha256WithRSAEncryption
76:1d:d2:4d:a4:5f:84:40:03:37:64:53:94:b0:43:3b:2f:b5:
1d:9c:74:77:ab:5e:25:44:20:60:4f:13:28:09:90:03:2d:33:
c9:dd:23:39:b1:76:2f:8a:91:1d:69:77:bc:3b:6e:81:08:3d:
69:f4:0f:8e:67:fa:1d:79:43:2e:6b:22:11:78:23:ae:54:a2:
a6:1e:32:c8:27:dd:61:7b:87:54:5b:24:17:4e:5c:8a:b1:1b:
e3:9f:e9:a7:72:58:b7:d7:22:22:c4:2c:bf:8c:ec:de:79:ad:
86:4e:cc:24:a3:ce:2e:7c:c9:0c:27:94:d3:ae:47:b7:6f:6a:
36:1a:49:0e:a0:9e:4b:b6:4a:17:0c:a0:e7:20:d7:df:e8:99:
c3:26:a5:f9:b2:16:6a:2b:ee:51:ed:50:d8:1c:10:80:c5:66:
c3:76:7f:1d:51:4c:d6:f4:d1:ae:24:08:da:f7:d6:ba:5a:a1:
0f:96:72:6f:e2:5f:8b:f1:05:26:3f:a5:ad:69:fe:06:7e:13:
88:39:37:d7:b2:a9:23:0f:aa:37:f5:4b:27:f4:9d:e0:51:f5:
a3:2a:73:96:cb:f1:a3:42:11:f6:bd:b8:04:34:93:d4:18:4c:
cd:cb:bb:30:82:5d:a0:fc:71:fa:48:84:ed:d5:2c:4d:a1:1e:
58:4e:03:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYcWwR2NK4Ggeb5FYP80zjdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI1MDMxMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU0YTc1MGQ0MDYwNmFkNzY4NWM4OTMwNmFmOGFlZGUwM2U0YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVArAYe6wKmUgd4dFnAhrNVga/wZ
eerdAnfnmlVP97HS1nEU28ULJTVDcadkfSRGW9HaN6wz8dlWD+92GltAPX3D0wAP
jhzKujqP3t5W65QI6/mz1eObmF2vHUnv+GoV17CEXbXWV+f4+5b6hGLTUh5Kcv8z
ZOPc4bycUPiS7VbdAeRXH+KL5WfFLydXNdHmGa5FqJyEwmrFSWpAVnlDnoqyBC2/
lzJNxrXYpWUN6wqmoYiOOe+1yyTiMCfVtK2ww0IoLT8Gv0IQWNyG8ShO8JS4M12K
+0z9kPyjgcgT2YZh/HL/S2DfVjtLjKqkdarZpZalLXe9QlTFEhYRfqylbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFADkp1DUBgatdoXIkwaviu3gPktgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQU9TblVOUUdCcTEyaGNpVEJxLUs3ZUEtUzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAw4VNMAwD
BADDhVUDBADDhVYwDQYJKoZIhvcNAQELBQADggEBAHYd0k2kX4RAAzdkU5SwQzsv
tR2cdHerXiVEIGBPEygJkAMtM8ndIzmxdi+KkR1pd7w7boEIPWn0D45n+h15Qy5r
IhF4I65UoqYeMsgn3WF7h1RbJBdOXIqxG+Of6adyWLfXIiLELL+M7N55rYZOzCSj
zi58yQwnlNOuR7dvajYaSQ6gnku2ShcMoOcg19/omcMmpfmyFmor7lHtUNgcEIDF
ZsN2fx1RTNb00a4kCNr31rpaoQ+Wcm/iX4vxBSY/pa1p/gZ+E4g5N9eyqSMPqjf1
Syf0neBR9aMqc5bL8aNCEfa9uAQ0k9QYTM3LuzCCXaD8cfpIhO3VLE2hHlhOA/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org