Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KXIas4BbjJWrHpeghEoEwhYUaSs.roa
File: KXIas4BbjJWrHpeghEoEwhYUaSs.roa (raw, json)
Hash identifier: 5ozgTfx1Yfr60EirGGEgmtmUqE7gVbgLsPuAdw9y92E=
Subject key identifier: 29:72:1A:B3:80:5B:8C:95:AB:1E:97:A0:84:4A:04:C2:16:14:69:2B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB84517642A045E5D06399496CBAEB66F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KXIas4BbjJWrHpeghEoEwhYUaSs.roa
Signing time: Fri 10 Nov 2023 08:06:57 +0000
ROA not before: Fri 10 Nov 2023 08:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400899
IP address blocks: 194.87.128.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Nov 2023 03:55:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:45:17:64:2a:04:5e:5d:06:39:94:96:cb:ae:b6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 10 08:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29721ab3805b8c95ab1e97a0844a04c21614692b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:60:8a:34:fb:26:9b:74:5f:63:c7:97:ee:
64:b3:99:75:a1:77:c6:55:b5:c2:da:ec:48:2c:02:
e0:7c:13:a4:56:f9:d5:5c:b6:da:30:f8:b5:4e:29:
e7:3f:3e:be:81:39:30:51:d5:8a:1a:20:3d:8a:ec:
7c:f9:1f:2b:ed:7b:29:a6:98:d2:4f:e1:cc:18:39:
9f:d0:62:72:6e:ac:05:7f:7f:68:5e:ae:50:bc:dd:
99:6b:df:a1:36:fc:b7:c0:8b:70:a2:62:8f:88:d1:
9d:f5:82:9d:e7:a0:26:ea:16:23:41:0c:ab:a9:0e:
6d:a8:e9:b0:db:96:65:16:66:4d:5d:2d:f9:04:6e:
a5:7f:13:23:42:b2:31:d8:0d:3f:13:e4:45:6b:09:
65:cc:76:b5:f5:d9:eb:40:55:60:b6:6c:ac:92:8e:
19:a4:3b:a3:b9:3a:d7:88:2b:30:58:a7:91:68:fd:
ef:b7:08:cd:13:4f:6a:d6:af:53:a3:b0:dd:9f:a1:
09:2e:03:25:ba:96:11:f4:15:58:a5:95:4b:8f:19:
ff:bd:6d:6d:9a:5a:b6:a8:02:ed:8f:91:5e:2b:33:
f1:0a:90:3b:3d:41:84:9a:70:34:e8:56:d0:26:6b:
fc:c7:4f:a6:2c:f9:67:bd:73:3d:71:10:ab:ce:37:
fa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:72:1A:B3:80:5B:8C:95:AB:1E:97:A0:84:4A:04:C2:16:14:69:2B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KXIas4BbjJWrHpeghEoEwhYUaSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.128.0/24
195.58.60.0/24
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
82:5c:ba:27:42:09:47:5b:15:f4:05:50:d6:61:b2:da:53:f4:
41:fa:cf:63:26:16:fa:f0:62:a2:44:dc:8b:b4:8d:4a:84:e6:
27:a9:eb:91:de:42:0e:80:e1:0c:89:6d:dc:69:4f:c0:ee:ad:
c3:97:0d:ea:37:78:a8:d4:89:e3:77:e8:18:85:fe:b7:ad:70:
3a:8b:d0:a7:2d:12:5f:a3:50:0f:49:bb:0e:4a:dd:22:52:d1:
d0:ae:44:ba:0c:b5:f8:f1:7f:61:3e:6f:c8:cb:b9:b0:a8:15:
53:d9:84:a6:51:3a:d6:5b:5f:63:1f:eb:db:95:b1:04:4c:ba:
3c:53:da:db:6d:3e:f1:b1:d2:7b:9f:03:bb:20:c1:1c:b8:71:
6e:93:94:8b:b5:76:45:9d:f3:77:1e:e0:0d:58:77:6b:3d:05:
60:46:c6:b5:9a:8d:cd:9f:5e:7e:28:a1:b3:fe:97:65:31:b8:
4b:c0:52:54:2d:b6:84:fb:7e:8a:13:0c:41:fd:53:83:97:85:
15:de:ee:3e:2c:b9:85:e4:1f:d9:5d:e1:ee:61:34:4e:ac:79:
de:2d:f7:f2:3e:ff:41:cf:10:20:56:78:b2:04:a0:b6:e7:8d:
a4:11:8d:fd:a7:ee:07:d6:16:3a:f0:7f:e8:85:c9:9e:a8:70:
ce:7f:ee:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu4RRdkKgReXQY5lJbLrrZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTEwMDgwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcyMWFiMzgwNWI4Yzk1YWIxZTk3YTA4NDRhMDRjMjE2MTQ2OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKhgijT7Jpt0X2PHl+5ks5l1oXfG
VbXC2uxILALgfBOkVvnVXLbaMPi1TinnPz6+gTkwUdWKGiA9iux8+R8r7XspppjS
T+HMGDmf0GJybqwFf39oXq5QvN2Za9+hNvy3wItwomKPiNGd9YKd56Am6hYjQQyr
qQ5tqOmw25ZlFmZNXS35BG6lfxMjQrIx2A0/E+RFawllzHa19dnrQFVgtmysko4Z
pDujuTrXiCswWKeRaP3vtwjNE09q1q9To7Ddn6EJLgMlupYR9BVYpZVLjxn/vW1t
mlq2qALtj5FeKzPxCpA7PUGEmnA06FbQJmv8x0+mLPlnvXM9cRCrzjf6ZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFClyGrOAW4yVqx6XoIRKBMIWFGkrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS1hJYXM0QmJqSldySHBlZ2hFb0V3aFlVYVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxfAwQA
wleAAwQAwzo8AwQAw4UYMA0GCSqGSIb3DQEBCwUAA4IBAQCCXLonQglHWxX0BVDW
YbLaU/RB+s9jJhb68GKiRNyLtI1KhOYnqeuR3kIOgOEMiW3caU/A7q3Dlw3qN3io
1Injd+gYhf63rXA6i9CnLRJfo1APSbsOSt0iUtHQrkS6DLX48X9hPm/Iy7mwqBVT
2YSmUTrWW19jH+vblbEETLo8U9rbbT7xsdJ7nwO7IMEcuHFuk5SLtXZFnfN3HuAN
WHdrPQVgRsa1mo3Nn15+KKGz/pdlMbhLwFJULbaE+36KEwxB/VODl4UV3u4+LLmF
5B/ZXeHuYTROrHneLffyPv9BzxAgVniyBKC2542kEY39p+4H1hY68H/ohcmeqHDO
f+4V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org