Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JEXUYRSzqo7yOYX8YXui5BK2tIY.roa
File: JEXUYRSzqo7yOYX8YXui5BK2tIY.roa (raw, json)
Hash identifier: xlLp3efaPVzHsRoSLunbLUs98sqJlYTdn6+qDyAxrMI=
Subject key identifier: 24:45:D4:61:14:B3:AA:8E:F2:39:85:FC:61:7B:A2:E4:12:B6:B4:86
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01872353089540263C5AF779544611F97780
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JEXUYRSzqo7yOYX8YXui5BK2tIY.roa
Signing time: Mon 27 Mar 2023 13:47:36 +0000
ROA not before: Mon 27 Mar 2023 13:47:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 05:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:53:08:95:40:26:3c:5a:f7:79:54:46:11:f9:77:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 27 13:47:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2445d46114b3aa8ef23985fc617ba2e412b6b486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:dd:9c:3e:69:15:87:dc:9d:11:2f:4e:7e:
4b:d7:70:60:b0:13:55:c8:8c:1b:d8:1d:ef:80:fe:
a6:01:43:cf:eb:12:2c:a0:29:61:50:24:72:f2:8e:
0f:e7:17:00:83:16:92:c8:03:ca:be:84:9e:ce:e4:
62:6f:8f:13:da:19:05:0a:45:09:1c:aa:3e:07:e9:
b7:fc:ca:43:ba:da:d0:29:e2:b4:03:6c:f8:45:f5:
c2:15:ee:bc:e8:c2:30:ec:ba:96:81:b7:df:a0:d0:
54:1e:03:d2:f5:0c:1d:a6:5d:72:fc:e6:74:c5:d3:
b5:74:5c:d8:ba:b9:e0:15:af:b1:b5:e5:3b:b3:a1:
c1:08:5e:af:65:4b:d4:3c:c5:f4:96:26:42:8c:41:
72:9b:74:c0:c0:fd:38:94:1b:5c:8c:69:b5:16:53:
e1:d8:3e:2b:13:38:e9:9e:23:92:28:86:93:fe:09:
a6:f6:66:d4:13:3f:04:bd:35:a4:aa:24:e0:b7:5a:
de:30:a3:cb:54:51:ca:bf:81:0d:96:be:9a:46:25:
42:1d:2d:e4:c6:20:cd:69:05:d7:e5:fd:71:48:4d:
0b:de:66:38:d6:06:95:c0:24:bb:4f:1d:f2:2a:1b:
f2:bb:24:54:94:45:68:d2:46:ee:d8:92:49:87:6e:
40:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:45:D4:61:14:B3:AA:8E:F2:39:85:FC:61:7B:A2:E4:12:B6:B4:86
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JEXUYRSzqo7yOYX8YXui5BK2tIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.162.0/24
195.133.73.0/24
195.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a3:3e:d4:be:81:c6:55:5d:69:1e:a0:bb:ad:11:2a:6f:1b:
b5:6b:d8:67:5c:cf:30:e3:c8:ed:b0:4f:6f:af:b9:13:05:0c:
78:8c:2e:cd:80:bc:3c:74:c7:e0:33:46:26:9e:36:16:2a:e4:
a4:a3:03:1f:0d:c0:29:0f:12:fb:ad:49:ab:a0:71:21:8b:67:
f6:8f:13:ac:f5:b5:b5:03:b9:d2:b4:46:42:1b:c5:ab:3b:82:
1f:bc:00:1d:16:75:d7:08:ab:a4:37:0a:26:ce:22:ec:4f:0d:
f3:be:98:00:3a:00:dc:34:14:dd:56:be:98:72:0f:4a:42:e6:
e3:2a:70:cc:fe:cc:3b:f5:a9:76:a6:9c:41:a6:9b:57:f6:42:
7a:ee:61:41:db:39:64:99:24:79:6c:f7:da:d9:c7:fa:e1:4c:
7a:2d:fb:bb:d1:ea:9c:eb:7d:04:76:ba:07:67:96:b7:97:50:
54:b0:3a:c1:d1:72:a6:20:42:c8:0c:41:5a:fc:f5:bf:7b:ec:
2e:6f:f4:48:bd:a3:13:3a:75:ff:ed:09:fd:05:00:d4:8b:22:
81:8d:3a:22:94:4d:04:58:df:5e:50:79:54:30:56:85:5d:05:
d6:ed:ea:13:e6:18:aa:ba:e8:91:d1:2b:42:d1:ae:2b:b0:fe:
12:f8:89:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcjUwiVQCY8Wvd5VEYR+XeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI3MTM0NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ1ZDQ2MTE0YjNhYThlZjIzOTg1ZmM2MTdiYTJlNDEyYjZiNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh/dnD5pFYfcnREvTn5L13BgsBNV
yIwb2B3vgP6mAUPP6xIsoClhUCRy8o4P5xcAgxaSyAPKvoSezuRib48T2hkFCkUJ
HKo+B+m3/MpDutrQKeK0A2z4RfXCFe686MIw7LqWgbffoNBUHgPS9Qwdpl1y/OZ0
xdO1dFzYurngFa+xteU7s6HBCF6vZUvUPMX0liZCjEFym3TAwP04lBtcjGm1FlPh
2D4rEzjpniOSKIaT/gmm9mbUEz8EvTWkqiTgt1reMKPLVFHKv4ENlr6aRiVCHS3k
xiDNaQXX5f1xSE0L3mY41gaVwCS7Tx3yKhvyuyRUlEVo0kbu2JJJh25AkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCRF1GEUs6qO8jmF/GF7ouQStrSGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSkVYVVlSU3pxbzd5T1lYOFlYdWk1QksydElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwleiAwQA
w4VJAwQAw4VRMA0GCSqGSIb3DQEBCwUAA4IBAQB+oz7UvoHGVV1pHqC7rREqbxu1
a9hnXM8w48jtsE9vr7kTBQx4jC7NgLw8dMfgM0YmnjYWKuSkowMfDcApDxL7rUmr
oHEhi2f2jxOs9bW1A7nStEZCG8WrO4IfvAAdFnXXCKukNwomziLsTw3zvpgAOgDc
NBTdVr6Ycg9KQubjKnDM/sw79al2ppxBpptX9kJ67mFB2zlkmSR5bPfa2cf64Ux6
Lfu70eqc630EdroHZ5a3l1BUsDrB0XKmIELIDEFa/PW/e+wub/RIvaMTOnX/7Qn9
BQDUiyKBjToilE0EWN9eUHlUMFaFXQXW7eoT5hiquuiR0StC0a4rsP4S+Im9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org