Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J2u2W3xLfiiQqjp02fEXH4rElVY.roa
File: J2u2W3xLfiiQqjp02fEXH4rElVY.roa (raw, json)
Hash identifier: Wvx57mueK/o7S+nfQMdY2HngHS0Fy9oSgCwoUqp1a1c=
Subject key identifier: 27:6B:B6:5B:7C:4B:7E:28:90:AA:3A:74:D9:F1:17:1F:8A:C4:95:56
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C08CF222425C81C365DC37C8AF524D09F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J2u2W3xLfiiQqjp02fEXH4rElVY.roa
Signing time: Sat 25 Nov 2023 23:27:21 +0000
ROA not before: Sat 25 Nov 2023 23:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 193.124.36.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:08:cf:22:24:25:c8:1c:36:5d:c3:7c:8a:f5:24:d0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 25 23:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=276bb65b7c4b7e2890aa3a74d9f1171f8ac49556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:62:af:03:73:83:9d:96:51:1b:5a:f1:9b:
6e:2d:e1:1f:4e:83:62:e9:f8:27:18:13:5c:1f:9e:
83:40:c9:81:18:d4:63:55:6a:62:a1:4a:e0:4a:43:
da:f4:f5:b5:91:83:2c:99:f3:e3:48:30:b0:00:61:
b0:29:d7:2b:6f:d1:35:a0:44:5f:78:d3:9a:05:86:
73:ce:c9:09:03:71:19:84:52:ed:76:03:e3:c5:0d:
1e:06:73:4d:b7:34:ac:5b:ee:cb:a8:8c:12:7d:40:
3c:2e:78:3a:60:68:7a:08:25:50:fd:2f:84:cb:1f:
cc:2f:45:26:2b:53:35:b3:e0:72:5c:d6:f3:53:9f:
b8:70:42:a9:ab:6a:4e:50:80:0d:e4:e0:df:50:e4:
0c:5c:f6:ce:a3:59:a0:a3:ac:92:0b:bc:95:9d:e0:
d6:cb:d1:11:88:db:4d:42:71:46:a8:e5:eb:52:3a:
f2:c7:85:e9:ef:65:05:80:8d:9b:46:e0:1e:b6:1d:
7b:7d:25:5b:3d:cb:c3:c1:eb:4e:ec:08:11:c0:f4:
6b:d7:72:14:2e:5f:e7:a3:04:1a:9c:b0:39:af:21:
85:55:48:19:85:07:0e:df:8d:50:dd:d7:9c:08:13:
0f:23:90:b0:8b:db:2c:f2:0e:01:23:0b:ae:41:a1:
20:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6B:B6:5B:7C:4B:7E:28:90:AA:3A:74:D9:F1:17:1F:8A:C4:95:56
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J2u2W3xLfiiQqjp02fEXH4rElVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.36.0/24
194.87.73.0/24
194.87.133.0/24
195.58.36.0/24
195.133.2.0/24
195.133.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:25:09:23:3f:0d:10:46:bb:45:68:d2:30:ad:51:22:f8:bc:
23:33:dc:71:b6:22:2c:d5:2d:71:20:4b:dd:5c:31:37:dd:bb:
01:38:32:c3:8a:c0:75:58:98:71:7c:d4:75:48:70:c4:7f:d5:
fb:5f:2d:8f:ad:91:c4:d0:31:fc:cc:ba:b5:87:da:0d:88:0d:
d0:e5:d8:ef:42:4a:25:a6:73:74:1d:87:1d:23:31:28:0f:1d:
c8:0a:f8:f2:e4:99:ee:65:e7:0c:29:29:10:72:3b:c4:ee:68:
be:ab:42:6e:94:21:43:fc:de:2c:73:46:96:59:a3:78:f4:ea:
1a:48:b6:33:9e:41:d0:1e:85:5e:83:bc:2d:f0:df:a2:aa:9c:
57:76:b3:11:69:0a:22:88:1a:c9:2c:9d:d9:48:a9:3f:eb:d7:
e8:32:36:a1:37:90:e5:56:6c:9a:49:a0:45:f5:e8:07:60:1d:
ba:dc:c3:66:9b:e3:c6:a9:53:e9:fc:04:62:08:37:7a:ba:65:
85:3b:df:be:5d:65:56:26:ff:db:36:38:6b:cc:58:33:12:61:
e1:de:75:a7:41:ae:7d:ed:6b:64:c4:fe:8b:65:8d:2d:cd:9b:
18:2e:e8:f5:0b:a6:cc:8a:38:3b:2a:31:97:fa:ea:2b:8b:b7:
2f:f6:a6:c5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwIzyIkJcgcNl3DfIr1JNCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI1MjMyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZiYjY1YjdjNGI3ZTI4OTBhYTNhNzRkOWYxMTcxZjhhYzQ5NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAlirwNzg52WURta8ZtuLeEfToNi
6fgnGBNcH56DQMmBGNRjVWpioUrgSkPa9PW1kYMsmfPjSDCwAGGwKdcrb9E1oERf
eNOaBYZzzskJA3EZhFLtdgPjxQ0eBnNNtzSsW+7LqIwSfUA8Lng6YGh6CCVQ/S+E
yx/ML0UmK1M1s+ByXNbzU5+4cEKpq2pOUIAN5ODfUOQMXPbOo1mgo6ySC7yVneDW
y9ERiNtNQnFGqOXrUjryx4Xp72UFgI2bRuAeth17fSVbPcvDwetO7AgRwPRr13IU
Ll/nowQanLA5ryGFVUgZhQcO341Q3decCBMPI5Cwi9ss8g4BIwuuQaEg0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCdrtlt8S34okKo6dNnxFx+KxJVWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSjJ1MlczeExmaWlRcWpwMDJmRVhINHJFbFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwkAwQA
wldJAwQAwleFAwQAwzokAwQAw4UCAwQAw4UfMA0GCSqGSIb3DQEBCwUAA4IBAQBc
JQkjPw0QRrtFaNIwrVEi+LwjM9xxtiIs1S1xIEvdXDE33bsBODLDisB1WJhxfNR1
SHDEf9X7Xy2PrZHE0DH8zLq1h9oNiA3Q5djvQkolpnN0HYcdIzEoDx3ICvjy5Jnu
ZecMKSkQcjvE7mi+q0JulCFD/N4sc0aWWaN49OoaSLYznkHQHoVeg7wt8N+iqpxX
drMRaQoiiBrJLJ3ZSKk/69foMjahN5DlVmyaSaBF9egHYB263MNmm+PGqVPp/ARi
CDd6umWFO9++XWVWJv/bNjhrzFgzEmHh3nWnQa597WtkxP6LZY0tzZsYLuj1C6bM
ijg7KjGX+uori7cv9qbF
-----END CERTIFICATE-----
Generated at Mon Nov 27 10:20:58 2023 by rpki-client on console-ams.rpki-client.org