Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I2W-3aVI17LdftS_5Abhz2v9EFs.roa
File: I2W-3aVI17LdftS_5Abhz2v9EFs.roa (raw, json)
Hash identifier: ohUGEgbC4o3fQ5ASNjNV4lsmcJJIS4y2rPV+sJ+g9mI=
Subject key identifier: 23:65:BE:DD:A5:48:D7:B2:DD:7E:D4:BF:E4:06:E1:CF:6B:FD:10:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01921E8423BE3C6519083B75131CA7E4F27B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I2W-3aVI17LdftS_5Abhz2v9EFs.roa
Signing time: Mon 23 Sep 2024 10:53:49 +0000
ROA not before: Mon 23 Sep 2024 10:53:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 10:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:84:23:be:3c:65:19:08:3b:75:13:1c:a7:e4:f2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 23 10:53:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2365bedda548d7b2dd7ed4bfe406e1cf6bfd105b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:3d:2b:b4:ee:1b:f9:0b:e1:e8:3f:3c:97:
21:71:34:c6:74:1c:91:11:26:3e:72:c5:4a:32:29:
ef:f0:db:92:64:e4:1d:c6:69:36:3e:71:d2:8f:b7:
ad:56:6a:ce:88:5f:6e:50:fa:a3:84:50:ec:28:63:
a9:7c:26:0d:4b:12:67:81:85:3d:ea:30:82:77:3e:
e3:39:02:df:2e:7a:3b:ca:f5:08:1b:68:bd:1c:92:
77:25:da:3f:1c:42:3a:bd:61:78:c5:51:72:38:50:
b4:86:99:2a:5d:34:da:3d:86:63:a6:94:dc:b9:31:
23:9a:87:af:e5:79:ac:15:6b:f4:f9:9b:48:e1:83:
4c:e1:c5:0e:bf:e6:3c:80:d9:7c:4b:cc:e6:ab:a4:
91:9c:a4:5a:fc:4e:3c:d5:75:df:e2:4e:2b:39:b2:
60:f1:3b:13:a2:c5:bc:1d:d8:ba:68:fe:ac:f2:a3:
65:81:50:b7:a6:35:c1:48:b6:ca:ef:b2:1f:29:d4:
52:06:02:e3:73:1b:44:9f:2e:78:be:7e:af:bd:c1:
a5:2d:5a:18:59:af:1b:bb:28:da:f7:36:77:a0:ff:
ae:e3:10:47:e5:1d:aa:50:f8:a4:2a:81:f7:82:c5:
15:04:15:00:1b:c6:48:55:31:85:5d:d1:5d:70:50:
21:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:65:BE:DD:A5:48:D7:B2:DD:7E:D4:BF:E4:06:E1:CF:6B:FD:10:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/I2W-3aVI17LdftS_5Abhz2v9EFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
06:bf:22:a6:af:d8:fc:cc:35:ba:a7:cb:55:7b:88:52:07:4b:
7b:b8:f6:22:20:13:0e:0b:4d:62:80:af:60:51:63:ae:b3:e5:
55:88:f3:c3:d2:d0:8b:68:37:f6:38:75:d7:42:4b:00:77:7e:
7b:6f:17:ad:e5:0a:d6:98:70:36:a6:98:c6:2d:1c:88:63:87:
4e:59:6b:1a:35:2e:3a:a4:51:84:47:ef:7d:c2:f2:19:18:b6:
d7:26:4d:17:55:8b:85:ed:0c:b1:b8:af:38:78:e3:65:fe:e1:
4c:02:e1:58:f4:f3:6b:74:b5:16:98:d8:00:83:79:46:4f:ab:
36:b2:34:a5:cc:0f:44:e4:c4:7f:3f:24:61:0e:f0:fb:0f:72:
c9:ff:39:8f:1f:4c:e2:e4:ee:35:23:07:33:fe:05:7f:f9:42:
5e:30:e2:d3:25:dc:7b:12:19:a2:e1:3d:71:0e:1e:76:9b:69:
46:9a:3e:54:dc:e9:47:6f:86:e0:c0:41:2a:c3:1a:89:a7:7f:
92:9c:ee:c4:84:96:b9:8d:1b:47:13:6c:7d:bc:0a:50:be:df:
c6:bd:9b:2d:4f:cd:f3:4e:31:5f:bf:a6:d1:1c:b4:15:dc:10:
ad:bb:3f:c9:53:70:61:09:64:30:44:1f:7f:af:4e:f1:3f:4c:
f2:42:59:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIehCO+PGUZCDt1Exyn5PJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTIzMTA1MzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY1YmVkZGE1NDhkN2IyZGQ3ZWQ0YmZlNDA2ZTFjZjZiZmQxMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUU9K7TuG/kL4eg/PJchcTTGdByR
ESY+csVKMinv8NuSZOQdxmk2PnHSj7etVmrOiF9uUPqjhFDsKGOpfCYNSxJngYU9
6jCCdz7jOQLfLno7yvUIG2i9HJJ3Jdo/HEI6vWF4xVFyOFC0hpkqXTTaPYZjppTc
uTEjmoev5XmsFWv0+ZtI4YNM4cUOv+Y8gNl8S8zmq6SRnKRa/E481XXf4k4rObJg
8TsTosW8Hdi6aP6s8qNlgVC3pjXBSLbK77IfKdRSBgLjcxtEny54vn6vvcGlLVoY
Wa8buyja9zZ3oP+u4xBH5R2qUPikKoH3gsUVBBUAG8ZIVTGFXdFdcFAhvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNlvt2lSNey3X7Uv+QG4c9r/RBbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSTJXLTNhVkkxN0xkZnRTXzVBYmh6MnY5RUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4VWMA0G
CSqGSIb3DQEBCwUAA4IBAQAGvyKmr9j8zDW6p8tVe4hSB0t7uPYiIBMOC01igK9g
UWOus+VViPPD0tCLaDf2OHXXQksAd357bxet5QrWmHA2ppjGLRyIY4dOWWsaNS46
pFGER+99wvIZGLbXJk0XVYuF7QyxuK84eONl/uFMAuFY9PNrdLUWmNgAg3lGT6s2
sjSlzA9E5MR/PyRhDvD7D3LJ/zmPH0zi5O41Iwcz/gV/+UJeMOLTJdx7Ehmi4T1x
Dh52m2lGmj5U3OlHb4bgwEEqwxqJp3+SnO7EhJa5jRtHE2x9vApQvt/GvZstT83z
TjFfv6bRHLQV3BCtuz/JU3BhCWQwRB9/r07xP0zyQlkg
-----END CERTIFICATE-----
Generated at Fri Oct 4 13:33:05 2024 by rpki-client on console-fra.rpki-client.org