Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AVObiAiswbCIw-1WMTiEaf4UQNs.roa
File: AVObiAiswbCIw-1WMTiEaf4UQNs.roa (raw, json)
Hash identifier: +aFdV6l3/Oy362he0txO3+sn4AOd0CGJ3Znf4bAv0o8=
Subject key identifier: 01:53:9B:88:08:AC:C1:B0:88:C3:ED:56:31:38:84:69:FE:14:40:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A03946D3B07F5951E5E8C50D76C054802
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AVObiAiswbCIw-1WMTiEaf4UQNs.roa
Signing time: Thu 17 Aug 2023 12:59:33 +0000
ROA not before: Thu 17 Aug 2023 12:59:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 195.133.194.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Aug 2023 13:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:94:6d:3b:07:f5:95:1e:5e:8c:50:d7:6c:05:48:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 17 12:59:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01539b8808acc1b088c3ed5631388469fe1440db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:17:51:b7:35:12:8b:40:da:7b:fd:53:81:35:
53:03:9e:1d:82:bc:ac:cb:f4:b5:13:68:93:c8:40:
3c:96:eb:91:92:0c:a0:60:ea:4c:e3:97:7c:e6:34:
f7:94:31:4c:2f:2c:8d:25:53:b3:37:6a:a2:14:30:
fc:26:30:35:39:ac:28:b6:74:23:0d:bc:b3:c8:dc:
f5:33:35:92:0a:3a:09:84:23:dd:a8:af:9a:51:8c:
3b:5c:4f:b5:a7:65:75:c0:83:b9:ae:09:02:63:bd:
76:b1:a9:aa:04:df:a3:87:3c:44:39:61:ac:ea:31:
51:28:02:f6:14:31:7b:f0:03:16:72:93:23:b2:a4:
02:80:9f:c0:b7:36:c4:40:d3:71:e5:07:d2:82:41:
58:6e:0a:85:4b:ee:bf:81:47:3e:d6:cd:ae:dc:c6:
5a:c0:69:59:4f:d0:dd:79:47:c0:10:8e:31:94:97:
fa:e6:eb:28:fb:0b:fd:02:7a:15:18:e8:59:cc:bf:
3f:f6:ce:63:83:84:cf:96:8c:7b:ad:4e:54:a1:f0:
34:c5:f7:14:97:ff:c7:34:9c:60:c0:f9:39:98:1a:
41:e4:88:34:e5:10:3b:58:a0:42:3d:a3:bc:86:5c:
3d:5e:67:be:db:8c:24:fc:fc:15:e2:39:7b:cc:40:
65:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:53:9B:88:08:AC:C1:B0:88:C3:ED:56:31:38:84:69:FE:14:40:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AVObiAiswbCIw-1WMTiEaf4UQNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.30.0/24
195.133.194.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d8:77:60:82:30:e9:47:53:c4:1c:04:32:d8:8e:92:d7:07:
b3:f5:bc:4d:24:b5:d5:46:00:3f:68:b2:a7:52:0c:92:a3:ab:
4c:41:46:fc:72:8a:98:f3:ae:b1:86:ce:38:e3:b0:4e:fb:fc:
c7:47:38:90:a9:97:d8:2d:dc:55:c4:8b:8e:53:e6:71:28:1e:
a6:a0:4a:89:91:a8:ab:e6:18:63:9d:d3:9d:09:9e:9f:23:b1:
8c:86:49:4d:14:cc:4c:5b:73:54:8d:c1:6c:1e:02:a9:92:7f:
f3:e5:48:8d:ad:2b:64:94:84:6a:59:d4:4e:7a:76:ce:f4:9b:
93:f7:3c:55:7d:cf:83:c7:45:48:92:cb:e4:93:1e:69:d1:a6:
8b:df:8d:61:56:21:9b:ec:04:d0:8b:ee:ba:42:7b:7b:b4:c1:
8b:b5:13:e8:4e:8b:d6:5b:54:aa:ea:53:19:b6:b3:31:0e:8d:
d2:c8:e0:3b:25:85:ad:1e:9e:51:9f:ad:24:65:e0:5f:ed:54:
d7:e5:4b:a1:e1:c6:93:c3:e8:c2:1e:93:cd:a0:6c:1e:77:3c:
85:5a:e2:5e:10:5e:eb:72:a7:c2:93:24:0b:8e:f1:de:46:1a:
39:bc:0f:b2:57:fe:f4:32:2c:a3:4b:ee:d1:49:82:23:7d:2d:
4a:63:5a:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoDlG07B/WVHl6MUNdsBUgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE3MTI1OTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTUzOWI4ODA4YWNjMWIwODhjM2VkNTYzMTM4ODQ2OWZlMTQ0MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBdRtzUSi0Dae/1TgTVTA54dgrys
y/S1E2iTyEA8luuRkgygYOpM45d85jT3lDFMLyyNJVOzN2qiFDD8JjA1OawotnQj
DbyzyNz1MzWSCjoJhCPdqK+aUYw7XE+1p2V1wIO5rgkCY712samqBN+jhzxEOWGs
6jFRKAL2FDF78AMWcpMjsqQCgJ/AtzbEQNNx5QfSgkFYbgqFS+6/gUc+1s2u3MZa
wGlZT9DdeUfAEI4xlJf65uso+wv9AnoVGOhZzL8/9s5jg4TPlox7rU5UofA0xfcU
l//HNJxgwPk5mBpB5Ig05RA7WKBCPaO8hlw9Xme+24wk/PwV4jl7zEBlwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAFTm4gIrMGwiMPtVjE4hGn+FEDbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQVZPYmlBaXN3YkNJdy0xV01UaUVhZjRVUU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwoceAwQA
w4XCAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQBq2HdggjDpR1PEHAQy2I6S1wez
9bxNJLXVRgA/aLKnUgySo6tMQUb8coqY866xhs4447BO+/zHRziQqZfYLdxVxIuO
U+ZxKB6moEqJkair5hhjndOdCZ6fI7GMhklNFMxMW3NUjcFsHgKpkn/z5UiNrStk
lIRqWdROenbO9JuT9zxVfc+Dx0VIksvkkx5p0aaL341hViGb7ATQi+66Qnt7tMGL
tRPoTovWW1Sq6lMZtrMxDo3SyOA7JYWtHp5Rn60kZeBf7VTX5Uuh4caTw+jCHpPN
oGwedzyFWuJeEF7rcqfCkyQLjvHeRho5vA+yV/70MiyjS+7RSYIjfS1KY1qf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org