Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IbbPmYQuDnSuuisN1AxJEQGNQ7E.roa
File: IbbPmYQuDnSuuisN1AxJEQGNQ7E.roa (raw, json)
Hash identifier: oAfOVF8QAsk6kA+LEZCqlVsshg4G1mnrtdQu2jba1bg=
Subject key identifier: 21:B6:CF:99:84:2E:0E:74:AE:BA:2B:0D:D4:0C:49:11:01:8D:43:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E792DBFC0743FF2DC2179F9C3459D4D59
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IbbPmYQuDnSuuisN1AxJEQGNQ7E.roa
Signing time: Tue 26 Mar 2024 05:13:45 +0000
ROA not before: Tue 26 Mar 2024 05:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.77.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:2d:bf:c0:74:3f:f2:dc:21:79:f9:c3:45:9d:4d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 26 05:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21b6cf99842e0e74aeba2b0dd40c4911018d43b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2b:c3:e1:c9:09:fc:dc:1b:19:0b:2e:31:ad:
b9:30:ed:c6:c7:08:f1:10:cc:1c:28:90:ed:e1:21:
73:47:a2:8d:13:b6:ba:18:92:35:07:1c:46:ba:a0:
7c:10:b6:33:19:aa:90:c8:9c:1b:ad:e5:76:5f:b4:
29:57:43:24:86:ad:26:a1:66:e9:0e:52:69:b9:61:
83:96:57:c2:f1:b0:92:43:2f:2d:44:e2:54:64:06:
4a:ed:0a:64:40:0d:29:1f:c3:ea:dc:5f:1a:ca:03:
ef:40:3a:93:b0:f6:49:51:13:8e:69:ea:ba:7c:17:
64:83:81:e3:ae:7d:2d:6f:0a:15:d7:0f:b6:ca:7a:
1f:2e:69:07:94:31:12:83:f7:2a:58:28:35:91:f2:
09:a3:20:a2:c3:64:1e:4b:d5:9b:72:3e:35:f1:c8:
60:1e:2f:46:f6:ca:fb:ab:77:d5:7b:fd:40:8e:c7:
de:53:17:95:be:81:2b:2b:7c:ad:bb:2f:26:47:33:
84:fd:f8:fb:34:ac:1c:93:58:d0:c7:66:09:f3:94:
08:bf:08:61:f8:3b:05:71:15:cd:6d:c5:e5:91:3d:
d5:78:3b:fe:ee:0e:60:f8:f4:28:b1:38:2b:54:3e:
fa:b2:16:84:c2:f0:56:85:30:f9:1b:cc:f2:18:60:
41:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B6:CF:99:84:2E:0E:74:AE:BA:2B:0D:D4:0C:49:11:01:8D:43:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IbbPmYQuDnSuuisN1AxJEQGNQ7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.77.0/24
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
03:8f:1a:26:70:23:cc:7f:91:58:51:29:46:9f:2b:e1:30:32:
ec:1b:62:51:ac:70:b4:02:bd:84:ec:ce:79:8d:96:95:a3:48:
ac:f7:59:44:90:64:33:e5:08:30:9e:13:45:ed:1a:8f:50:b8:
a9:77:0b:62:44:25:5a:a8:23:08:6b:40:25:fe:01:c9:17:79:
a9:62:69:ff:23:d7:00:f2:b4:08:c5:cf:56:bc:51:8f:48:3e:
af:47:0d:27:87:6b:33:dd:55:9e:25:3d:25:5b:dd:e7:db:bc:
07:3c:47:de:33:49:61:7e:c2:a5:30:17:88:07:16:d4:5e:f9:
26:15:12:a7:0a:1e:2e:c1:95:9b:3b:ef:c7:3c:c5:63:f2:b4:
14:67:05:30:a7:a1:00:15:c9:b0:f2:56:4a:a7:0a:fb:16:a6:
2a:db:ea:8a:a8:86:31:99:7c:3c:44:0b:fb:18:97:78:9d:c1:
89:06:79:88:93:35:66:e0:a2:02:37:fd:58:26:8d:c0:28:96:
3c:1c:d5:ab:54:89:aa:c1:81:99:53:47:15:35:db:d7:84:e8:
e9:64:1a:62:73:ce:3a:55:97:9a:44:db:81:08:29:67:27:a1:
77:1e:1a:3a:b1:43:76:79:08:e0:52:a2:bb:08:ce:0a:36:3d:
33:83:5e:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY55Lb/AdD/y3CF5+cNFnU1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzI2MDUxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI2Y2Y5OTg0MmUwZTc0YWViYTJiMGRkNDBjNDkxMTAxOGQ0M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApivD4ckJ/NwbGQsuMa25MO3Gxwjx
EMwcKJDt4SFzR6KNE7a6GJI1BxxGuqB8ELYzGaqQyJwbreV2X7QpV0Mkhq0moWbp
DlJpuWGDllfC8bCSQy8tROJUZAZK7QpkQA0pH8Pq3F8aygPvQDqTsPZJUROOaeq6
fBdkg4Hjrn0tbwoV1w+2ynofLmkHlDESg/cqWCg1kfIJoyCiw2QeS9Wbcj418chg
Hi9G9sr7q3fVe/1AjsfeUxeVvoErK3ytuy8mRzOE/fj7NKwck1jQx2YJ85QIvwhh
+DsFcRXNbcXlkT3VeDv+7g5g+PQosTgrVD76shaEwvBWhTD5G8zyGGBBNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCG2z5mELg50rrorDdQMSREBjUOxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSWJiUG1ZUXVEblN1dWlzTjFBeEpFUUdOUTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VNAwQA
w4VWMA0GCSqGSIb3DQEBCwUAA4IBAQADjxomcCPMf5FYUSlGnyvhMDLsG2JRrHC0
Ar2E7M55jZaVo0is91lEkGQz5QgwnhNF7RqPULipdwtiRCVaqCMIa0Al/gHJF3mp
Ymn/I9cA8rQIxc9WvFGPSD6vRw0nh2sz3VWeJT0lW93n27wHPEfeM0lhfsKlMBeI
BxbUXvkmFRKnCh4uwZWbO+/HPMVj8rQUZwUwp6EAFcmw8lZKpwr7FqYq2+qKqIYx
mXw8RAv7GJd4ncGJBnmIkzVm4KICN/1YJo3AKJY8HNWrVImqwYGZU0cVNdvXhOjp
ZBpic846VZeaRNuBCClnJ6F3Hho6sUN2eQjgUqK7CM4KNj0zg16C
-----END CERTIFICATE-----
Generated at Mon Sep 23 15:22:07 2024 by rpki-client on console-fra.rpki-client.org