Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D4_nz4QbvbyWBfwzzoltGcC36c0.roa
File: D4_nz4QbvbyWBfwzzoltGcC36c0.roa (raw, json)
Hash identifier: ApfT0dFoQDVm24BoCcJY8kWC14S0p94oPhMNzq8N2Vk=
Subject key identifier: 0F:8F:E7:CF:84:1B:BD:BC:96:05:FC:33:CE:89:6D:19:C0:B7:E9:CD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191EAD146CD5D9E5D7B0F7D88FFE4A013CB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D4_nz4QbvbyWBfwzzoltGcC36c0.roa
Signing time: Fri 13 Sep 2024 09:57:49 +0000
ROA not before: Fri 13 Sep 2024 09:57:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 195.133.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:d1:46:cd:5d:9e:5d:7b:0f:7d:88:ff:e4:a0:13:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 13 09:57:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8fe7cf841bbdbc9605fc33ce896d19c0b7e9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:06:35:bb:d8:53:e9:fb:17:86:4d:a2:b9:f1:
07:a6:5a:91:3d:fe:05:d9:a9:ac:c5:19:79:95:af:
1c:55:01:bd:5a:46:d0:78:18:87:4d:34:f1:48:ee:
69:22:b9:b5:fc:65:c8:4d:51:45:07:73:b7:f9:50:
88:4b:ff:6d:49:52:7b:03:53:43:4c:d6:0d:dc:16:
67:59:60:de:a8:52:76:26:9f:2d:c5:69:77:70:48:
4e:b2:26:c3:62:d1:f4:b0:bb:ea:b1:a5:7a:d3:dc:
b3:84:da:ad:2d:92:cb:13:99:7e:ed:9f:af:64:6d:
65:89:cb:70:58:5a:54:4a:a7:cc:39:2e:c4:ff:49:
b3:d1:02:cf:43:d1:c6:01:a7:82:18:b6:5a:e7:18:
ce:f0:f8:4b:64:bc:73:38:a7:a5:96:f4:cb:ff:a8:
2d:ee:e9:db:0a:e5:79:af:6a:15:9e:80:57:20:77:
90:aa:ec:f6:d2:4a:b0:04:cb:06:a9:e3:97:2f:c0:
94:84:3c:90:0a:9e:c9:f0:12:4a:a3:57:c1:31:f0:
4b:c3:63:1f:17:97:9e:a3:2d:ac:56:f3:1b:da:b5:
32:c9:91:3f:f3:00:77:08:48:cc:31:86:7e:c4:f1:
17:77:a0:cc:43:d0:0d:30:85:6d:25:20:6f:38:0d:
48:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8F:E7:CF:84:1B:BD:BC:96:05:FC:33:CE:89:6D:19:C0:B7:E9:CD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D4_nz4QbvbyWBfwzzoltGcC36c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.40.0/23
Signature Algorithm: sha256WithRSAEncryption
60:29:4f:97:ca:99:31:33:fb:72:af:e4:48:38:8d:62:dd:f5:
2a:4c:22:5c:e8:43:bc:0f:53:af:8e:97:39:d3:67:e4:1a:a1:
3f:54:37:b0:cc:c7:78:32:c1:26:c9:7d:f7:c7:fb:7b:63:94:
fb:2a:01:7f:db:a3:77:b9:4a:d6:f4:fd:a8:a1:03:62:ff:b9:
0b:a3:db:18:22:c3:2e:0c:89:5b:6a:24:d5:f8:fa:bb:e1:5b:
f0:0e:62:8d:3e:56:f4:cb:e9:da:0e:ab:a6:fa:14:84:6d:2d:
2f:20:0e:d2:b3:f2:95:79:33:2b:0f:72:84:b3:35:f1:42:ac:
3c:58:32:81:b0:e0:9d:12:38:45:3a:f9:86:9e:d7:15:db:01:
f6:10:fa:f2:c7:09:bd:83:46:a8:a1:d6:4a:af:49:af:d6:72:
62:55:78:09:5e:6d:fb:d4:41:6a:56:4a:74:f2:a2:07:6b:bf:
2f:d2:d2:a8:51:7f:56:a8:93:00:eb:3c:d5:03:af:b8:cc:2c:
5d:0d:0d:a1:97:66:ec:05:2d:13:7d:2b:2a:19:e2:c5:57:02:
ad:36:d5:12:1c:ab:d1:30:ea:6f:00:ce:00:60:fc:a3:6a:9d:
ff:1c:2c:64:54:db:6d:35:b1:64:6c:c4:4b:e3:6b:82:ce:bf:
14:b6:fa:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHq0UbNXZ5dew99iP/koBPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTEzMDk1NzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhmZTdjZjg0MWJiZGJjOTYwNWZjMzNjZTg5NmQxOWMwYjdlOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgY1u9hT6fsXhk2iufEHplqRPf4F
2amsxRl5la8cVQG9WkbQeBiHTTTxSO5pIrm1/GXITVFFB3O3+VCIS/9tSVJ7A1ND
TNYN3BZnWWDeqFJ2Jp8txWl3cEhOsibDYtH0sLvqsaV609yzhNqtLZLLE5l+7Z+v
ZG1lictwWFpUSqfMOS7E/0mz0QLPQ9HGAaeCGLZa5xjO8PhLZLxzOKellvTL/6gt
7unbCuV5r2oVnoBXIHeQquz20kqwBMsGqeOXL8CUhDyQCp7J8BJKo1fBMfBLw2Mf
F5eeoy2sVvMb2rUyyZE/8wB3CEjMMYZ+xPEXd6DMQ9ANMIVtJSBvOA1IqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+P58+EG728lgX8M86JbRnAt+nNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRDRfbno0UWJ2YnlXQmZ3enpvbHRHY0MzNmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4UoMA0G
CSqGSIb3DQEBCwUAA4IBAQBgKU+XypkxM/tyr+RIOI1i3fUqTCJc6EO8D1Ovjpc5
02fkGqE/VDewzMd4MsEmyX33x/t7Y5T7KgF/26N3uUrW9P2ooQNi/7kLo9sYIsMu
DIlbaiTV+Pq74VvwDmKNPlb0y+naDqum+hSEbS0vIA7Ss/KVeTMrD3KEszXxQqw8
WDKBsOCdEjhFOvmGntcV2wH2EPryxwm9g0aoodZKr0mv1nJiVXgJXm371EFqVkp0
8qIHa78v0tKoUX9WqJMA6zzVA6+4zCxdDQ2hl2bsBS0TfSsqGeLFVwKtNtUSHKvR
MOpvAM4AYPyjap3/HCxkVNttNbFkbMRL42uCzr8Utvo9
-----END CERTIFICATE-----
Generated at Mon Sep 23 15:22:07 2024 by rpki-client on console-fra.rpki-client.org