Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K2AYFj0bstYpoiVT1HmQCxk0-1w.roa
File: K2AYFj0bstYpoiVT1HmQCxk0-1w.roa (raw, json)
Hash identifier: xvLsq7crnU+z7BbNXyRt8HhQlS19ScWNsPiFMT2XOW0=
Subject key identifier: 2B:60:18:16:3D:1B:B2:D6:29:A2:25:53:D4:79:90:0B:19:34:FB:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D3F7819A137B119157CC4A17EAFF9E45C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K2AYFj0bstYpoiVT1HmQCxk0-1w.roa
Signing time: Thu 25 Jan 2024 07:14:11 +0000
ROA not before: Thu 25 Jan 2024 07:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 195.133.24.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 26 Jan 2024 05:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:78:19:a1:37:b1:19:15:7c:c4:a1:7e:af:f9:e4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 25 07:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b6018163d1bb2d629a22553d479900b1934fb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9e:ed:9e:84:57:9c:3a:64:c0:8e:9b:2c:ab:
b0:c1:d5:20:f7:2b:ad:e9:b6:35:8b:b0:0f:78:c7:
a3:fb:5e:d2:4f:46:39:38:5c:8a:76:6b:a5:ad:94:
f1:aa:ff:9f:f7:af:a5:ec:4f:19:c2:bf:40:df:28:
24:69:b0:dc:65:37:70:ec:46:90:d7:42:58:4b:d9:
91:f3:14:d5:cd:5b:fb:2b:2c:29:26:18:0f:42:38:
cd:55:49:22:be:be:aa:2a:cf:55:13:11:be:de:31:
04:e0:2b:15:12:6c:f6:96:ce:ce:ee:a7:81:6e:98:
4f:55:26:dc:7b:cd:28:1a:92:45:83:16:3a:8b:96:
78:c0:89:9c:0f:56:97:36:cd:98:06:45:d9:77:12:
db:20:22:2f:22:bc:a9:81:ac:02:c1:d8:d5:8d:0f:
17:d7:65:18:8f:1f:0a:41:60:63:d5:d6:3b:22:e9:
87:3c:da:8a:1f:37:b4:d0:94:85:2c:6d:62:3a:d2:
4e:99:6b:01:8e:45:de:8f:ee:8c:a9:94:88:f2:86:
c7:c7:b6:ef:9c:b1:a3:d6:7c:d0:b5:f4:9d:68:c7:
3c:1d:a8:cb:cb:38:06:c0:7d:16:8e:6b:87:02:21:
d5:ff:ef:19:62:81:b1:2f:6e:63:f4:55:46:e5:54:
4c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:60:18:16:3D:1B:B2:D6:29:A2:25:53:D4:79:90:0B:19:34:FB:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K2AYFj0bstYpoiVT1HmQCxk0-1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.24.0/23
Signature Algorithm: sha256WithRSAEncryption
76:35:12:61:53:74:28:22:63:fd:c2:f9:2b:93:5c:2f:9c:9c:
0c:b6:1c:a1:cf:5c:8e:50:be:1a:76:80:62:67:a3:54:8f:ba:
bb:af:05:2d:a5:51:f1:35:d9:fb:6b:bd:a3:ab:64:71:b9:33:
db:25:d7:c3:df:9d:3f:72:d3:d6:5f:6a:fe:55:e4:d1:8d:03:
2c:6b:4f:85:6f:0a:c0:76:ea:49:fc:86:10:25:36:42:05:43:
2c:a7:c9:7e:4e:13:ef:89:f4:43:44:8a:9b:f7:c0:ba:db:03:
67:b8:3b:06:6f:a6:50:ae:38:4a:98:ca:c0:f3:a4:df:ef:5c:
bc:36:5b:b6:2a:3b:41:9f:43:31:67:da:2b:03:8d:50:db:16:
e2:4e:61:e2:a1:c2:5e:66:3c:3d:08:31:2e:c3:27:73:c3:53:
cb:e5:01:90:ab:ee:e6:3e:ed:ea:b5:02:35:d0:ef:e3:4a:72:
83:e6:16:d0:4e:f5:c1:6a:04:fe:45:55:9c:36:15:a8:db:f9:
94:59:37:09:21:e2:e6:d6:f2:4f:7e:54:d3:f7:6f:76:31:17:
d0:6b:10:71:6c:52:8a:14:87:c0:7f:9d:ae:69:59:54:0c:9e:
7a:0e:e6:47:fc:74:ef:fc:8c:63:ed:68:11:33:e2:89:ad:eb:
b3:68:ed:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0/eBmhN7EZFXzEoX6v+eRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTI1MDcxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjYwMTgxNjNkMWJiMmQ2MjlhMjI1NTNkNDc5OTAwYjE5MzRmYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ7tnoRXnDpkwI6bLKuwwdUg9yut
6bY1i7APeMej+17ST0Y5OFyKdmulrZTxqv+f96+l7E8Zwr9A3ygkabDcZTdw7EaQ
10JYS9mR8xTVzVv7KywpJhgPQjjNVUkivr6qKs9VExG+3jEE4CsVEmz2ls7O7qeB
bphPVSbce80oGpJFgxY6i5Z4wImcD1aXNs2YBkXZdxLbICIvIrypgawCwdjVjQ8X
12UYjx8KQWBj1dY7IumHPNqKHze00JSFLG1iOtJOmWsBjkXej+6MqZSI8obHx7bv
nLGj1nzQtfSdaMc8HajLyzgGwH0WjmuHAiHV/+8ZYoGxL25j9FVG5VRMUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtgGBY9G7LWKaIlU9R5kAsZNPtcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSzJBWUZqMGJzdFlwb2lWVDFIbVFDeGswLTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4UYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2NRJhU3QoImP9wvkrk1wvnJwMthyhz1yOUL4adoBi
Z6NUj7q7rwUtpVHxNdn7a72jq2RxuTPbJdfD350/ctPWX2r+VeTRjQMsa0+FbwrA
dupJ/IYQJTZCBUMsp8l+ThPvifRDRIqb98C62wNnuDsGb6ZQrjhKmMrA86Tf71y8
Nlu2KjtBn0MxZ9orA41Q2xbiTmHiocJeZjw9CDEuwydzw1PL5QGQq+7mPu3qtQI1
0O/jSnKD5hbQTvXBagT+RVWcNhWo2/mUWTcJIeLm1vJPflTT9292MRfQaxBxbFKK
FIfAf52uaVlUDJ56DuZH/HTv/Ixj7WgRM+KJreuzaO2O
-----END CERTIFICATE-----
Generated at Fri Jan 26 07:43:03 2024 by rpki-client on console-ams.rpki-client.org