Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DKXvI4nnsGnG1tDIIou9qKr9TMw.roa
File: DKXvI4nnsGnG1tDIIou9qKr9TMw.roa (raw, json)
Hash identifier: cNWfyUHbgIXu66MZiIkGK/a7qOSlONSlscfUV54YkVc=
Subject key identifier: 0C:A5:EF:23:89:E7:B0:69:C6:D6:D0:C8:22:8B:BD:A8:AA:FD:4C:CC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A840652C653D7B9260110D86634D8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DKXvI4nnsGnG1tDIIou9qKr9TMw.roa
Signing time: Tue 02 Jan 2024 12:33:53 +0000
ROA not before: Tue 02 Jan 2024 12:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 195.133.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 17 Oct 2024 06:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:84:06:52:c6:53:d7:b9:26:01:10:d8:66:34:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ca5ef2389e7b069c6d6d0c8228bbda8aafd4ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:72:17:9a:03:19:ef:28:4d:fe:cc:ac:19:ff:
84:1a:23:05:53:fc:b0:dc:03:5e:1d:ec:46:ee:f4:
df:76:66:67:fd:b8:08:30:83:46:80:65:32:34:16:
5f:c0:2e:b7:3c:6c:f5:ad:fd:4c:f3:88:29:8d:b0:
dc:b1:68:d6:2d:d0:91:17:e1:4a:c4:03:14:6a:d6:
7f:79:2b:38:b1:6d:66:c2:43:17:3d:31:20:09:ac:
1d:0a:e7:55:e1:62:90:5e:7b:f6:06:2e:d3:e7:8a:
d5:b7:1d:65:fc:38:b4:7a:75:f1:30:c8:37:88:d1:
f9:83:8f:12:6d:6e:e8:16:d9:d3:9f:74:a6:dd:24:
bd:2c:5d:3a:86:d1:46:05:65:5b:af:6d:25:b6:3c:
65:3e:aa:93:c1:93:39:f4:25:96:a9:45:23:a3:e8:
01:93:78:21:ea:82:a1:fa:c7:6e:97:4b:93:0c:b6:
c8:d6:5e:8f:23:21:23:36:0b:1b:b9:88:f0:51:d1:
8b:68:96:15:15:78:4f:b9:a8:b8:61:e5:43:da:6b:
3a:cc:80:fe:7c:7f:69:46:cd:7d:40:10:71:ba:a6:
96:e0:7b:cc:42:56:fc:44:6b:ab:34:ed:31:db:b2:
d1:f2:af:c1:c4:e0:17:02:c4:02:c3:76:e0:d3:71:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A5:EF:23:89:E7:B0:69:C6:D6:D0:C8:22:8B:BD:A8:AA:FD:4C:CC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DKXvI4nnsGnG1tDIIou9qKr9TMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.60.0/22
Signature Algorithm: sha256WithRSAEncryption
36:08:fa:39:a9:8a:c5:1a:55:ca:ba:e6:48:6e:8a:77:af:8b:
bc:f4:eb:b3:be:d4:4f:b5:dc:c4:8c:b7:df:1f:c0:11:ee:9c:
d3:ba:bd:87:f2:c1:b5:8a:5f:70:12:c5:66:9e:2e:14:83:0b:
a7:79:09:1c:dc:3d:42:fa:ba:c0:9b:e3:bd:c4:a7:56:b6:63:
d2:23:c0:bb:65:36:28:b6:19:7b:67:f8:41:3f:3d:87:7f:0a:
3e:00:98:a9:1b:8f:44:53:e1:5a:e2:a2:27:49:18:32:89:87:
b7:25:4a:e6:93:6e:14:ed:bd:1b:dd:53:ac:c1:15:5e:fd:93:
ff:6e:76:16:6e:ff:ec:a9:cc:0c:b1:6f:0e:79:be:8c:04:6c:
fb:8f:c5:00:98:8e:f7:b3:84:34:6d:db:88:c6:10:67:1a:33:
47:33:cb:22:6f:87:28:f4:35:99:f2:3e:5d:9f:91:bb:6e:7a:
df:e4:ee:13:93:08:48:42:82:c2:d0:d5:29:34:1d:da:18:81:
53:10:f7:5c:94:12:cc:61:a9:61:ba:8b:f6:cf:2f:d7:a2:14:
6f:56:d9:12:d6:36:c3:23:ef:c3:b7:43:44:a8:c2:c0:d9:6b:
d6:0e:20:c9:69:f1:08:85:71:2e:a8:9c:da:e0:a7:c0:45:b6:
6a:3d:d4:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKoQGUsZT17kmARDYZjTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E1ZWYyMzg5ZTdiMDY5YzZkNmQwYzgyMjhiYmRhOGFhZmQ0Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXIXmgMZ7yhN/sysGf+EGiMFU/yw
3ANeHexG7vTfdmZn/bgIMINGgGUyNBZfwC63PGz1rf1M84gpjbDcsWjWLdCRF+FK
xAMUatZ/eSs4sW1mwkMXPTEgCawdCudV4WKQXnv2Bi7T54rVtx1l/Di0enXxMMg3
iNH5g48SbW7oFtnTn3Sm3SS9LF06htFGBWVbr20ltjxlPqqTwZM59CWWqUUjo+gB
k3gh6oKh+sdul0uTDLbI1l6PIyEjNgsbuYjwUdGLaJYVFXhPuai4YeVD2ms6zID+
fH9pRs19QBBxuqaW4HvMQlb8RGurNO0x27LR8q/BxOAXAsQCw3bg03Hj4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyl7yOJ57BpxtbQyCKLvaiq/UzMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvREtYdkk0bm5zR25HMXRESUlvdTlxS3I5VE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4U8MA0G
CSqGSIb3DQEBCwUAA4IBAQA2CPo5qYrFGlXKuuZIbop3r4u89OuzvtRPtdzEjLff
H8AR7pzTur2H8sG1il9wEsVmni4UgwuneQkc3D1C+rrAm+O9xKdWtmPSI8C7ZTYo
thl7Z/hBPz2Hfwo+AJipG49EU+Fa4qInSRgyiYe3JUrmk24U7b0b3VOswRVe/ZP/
bnYWbv/sqcwMsW8Oeb6MBGz7j8UAmI73s4Q0bduIxhBnGjNHM8sib4co9DWZ8j5d
n5G7bnrf5O4TkwhIQoLC0NUpNB3aGIFTEPdclBLMYalhuov2zy/XohRvVtkS1jbD
I+/Dt0NEqMLA2WvWDiDJafEIhXEuqJza4KfARbZqPdRl
-----END CERTIFICATE-----
Generated at Thu Oct 17 08:44:51 2024 by rpki-client on console-ams.rpki-client.org