Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Id0-CTdQdTXBIwGxVcXJLo5v1q4.roa
File: Id0-CTdQdTXBIwGxVcXJLo5v1q4.roa (raw, json)
Hash identifier: +7G5CRvAQYgExN9uO7yTJTQsBJYEGH358nM25/M1iHs=
Subject key identifier: 21:DD:3E:09:37:50:75:35:C1:23:01:B1:55:C5:C9:2E:8E:6F:D6:AE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E40E09C1CC737690133ED739AD706CEA5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Id0-CTdQdTXBIwGxVcXJLo5v1q4.roa
Signing time: Fri 15 Mar 2024 06:50:45 +0000
ROA not before: Fri 15 Mar 2024 06:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 195.133.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 09:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:40:e0:9c:1c:c7:37:69:01:33:ed:73:9a:d7:06:ce:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 06:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21dd3e0937507535c12301b155c5c92e8e6fd6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:ef:80:3c:69:63:d2:28:67:f6:50:7a:2d:
70:cf:a8:c0:43:5b:c2:ec:a2:c1:21:01:87:b8:1c:
b1:1b:d7:d6:53:bc:8c:57:a2:89:29:9c:32:53:60:
0e:7a:f3:46:44:bc:b9:02:4e:1d:f8:87:fe:6c:7d:
09:13:1f:4d:1c:4b:a9:fd:47:41:ab:13:52:59:ff:
b8:02:c4:40:88:89:ee:5e:3d:ef:ac:1e:26:cf:c6:
5a:2a:19:ef:1a:32:dd:e8:71:b9:8a:5d:fd:48:2d:
6d:9b:12:48:56:74:9a:47:37:4c:c2:ba:a9:13:d7:
46:97:6d:45:87:5a:c5:09:3e:69:c3:27:cb:7b:38:
99:25:46:6c:04:d1:85:1e:9c:c7:81:25:4b:fb:94:
eb:85:da:27:f5:ff:21:da:49:47:39:dd:e5:06:20:
4c:25:28:48:12:39:e3:56:41:5d:98:01:92:35:0e:
4f:9b:08:f5:d1:33:56:30:63:19:4a:13:08:1b:42:
dd:91:4e:65:d3:09:4f:f8:9a:ae:b9:4a:d6:56:4d:
cf:e5:fa:8f:f1:66:4f:e4:95:dc:dc:16:f3:00:b6:
20:ab:a4:1a:9d:54:d2:b6:ed:c9:a7:14:19:5f:c0:
09:eb:32:f1:6e:d9:ea:78:74:0d:00:41:54:00:a9:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DD:3E:09:37:50:75:35:C1:23:01:B1:55:C5:C9:2E:8E:6F:D6:AE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Id0-CTdQdTXBIwGxVcXJLo5v1q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f8:15:2d:fb:b2:fc:34:bd:4d:a5:db:91:ef:81:e1:1e:1f:
ea:40:d4:89:73:e0:3b:a7:30:ec:12:e3:91:2a:84:da:12:db:
e3:3f:43:f5:cf:03:c8:18:cd:9b:dc:d3:eb:48:ef:51:eb:77:
77:bb:20:83:67:41:21:65:12:02:e1:d3:92:f5:f0:06:55:a3:
64:c0:88:0b:29:87:8b:0b:65:d9:ee:19:30:99:a5:04:e6:0f:
3e:06:1e:19:6b:2e:d2:22:e9:d2:33:8f:ce:fb:49:ea:50:88:
f0:65:f8:7e:50:fa:76:78:38:ea:06:ed:de:79:32:0b:db:0f:
f9:93:1f:fb:94:49:1c:ec:7d:25:0a:d7:c0:8f:a7:f6:7c:91:
8b:59:5f:25:f9:35:7a:6d:58:1b:01:15:d1:fd:70:50:1c:89:
33:71:25:f4:6f:69:a6:40:59:1f:43:1d:8f:ec:f8:01:15:f4:
61:1d:b8:c7:4d:c9:40:44:f8:2e:70:4d:7a:7a:d6:68:7d:a5:
4a:08:ac:12:99:cf:76:76:6f:ee:ec:3d:d2:96:c2:00:e0:a8:
d8:1f:c6:7a:59:ab:02:29:ec:11:85:72:5d:e5:2d:06:45:0c:
4a:e3:f6:39:62:b8:e4:c7:63:7d:d7:7d:3e:e1:40:76:cf:b5:
bf:7f:70:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5A4JwcxzdpATPtc5rXBs6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzE1MDY1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWRkM2UwOTM3NTA3NTM1YzEyMzAxYjE1NWM1YzkyZThlNmZkNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu73vgDxpY9IoZ/ZQei1wz6jAQ1vC
7KLBIQGHuByxG9fWU7yMV6KJKZwyU2AOevNGRLy5Ak4d+If+bH0JEx9NHEup/UdB
qxNSWf+4AsRAiInuXj3vrB4mz8ZaKhnvGjLd6HG5il39SC1tmxJIVnSaRzdMwrqp
E9dGl21Fh1rFCT5pwyfLeziZJUZsBNGFHpzHgSVL+5Trhdon9f8h2klHOd3lBiBM
JShIEjnjVkFdmAGSNQ5Pmwj10TNWMGMZShMIG0LdkU5l0wlP+JquuUrWVk3P5fqP
8WZP5JXc3BbzALYgq6QanVTStu3JpxQZX8AJ6zLxbtnqeHQNAEFUAKldiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHdPgk3UHU1wSMBsVXFyS6Ob9auMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSWQwLUNUZFFkVFhCSXdHeFZjWEpMbzV2MXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UCMA0G
CSqGSIb3DQEBCwUAA4IBAQBO+BUt+7L8NL1NpduR74HhHh/qQNSJc+A7pzDsEuOR
KoTaEtvjP0P1zwPIGM2b3NPrSO9R63d3uyCDZ0EhZRIC4dOS9fAGVaNkwIgLKYeL
C2XZ7hkwmaUE5g8+Bh4Zay7SIunSM4/O+0nqUIjwZfh+UPp2eDjqBu3eeTIL2w/5
kx/7lEkc7H0lCtfAj6f2fJGLWV8l+TV6bVgbARXR/XBQHIkzcSX0b2mmQFkfQx2P
7PgBFfRhHbjHTclARPgucE16etZofaVKCKwSmc92dm/u7D3SlsIA4KjYH8Z6WasC
KewRhXJd5S0GRQxK4/Y5Yrjkx2N9130+4UB2z7W/f3BK
-----END CERTIFICATE-----
Generated at Wed Apr 24 11:55:19 2024 by rpki-client on console-fra.rpki-client.org