Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L8c7Q_fXpLG0gdDvLrp2y_vT910.roa
File: L8c7Q_fXpLG0gdDvLrp2y_vT910.roa (raw, json)
Hash identifier: qefI4jkL0JP4CCqJq6FCXHPcJK+X2zO93rPIZlk9RZk=
Subject key identifier: 2F:C7:3B:43:F7:D7:A4:B1:B4:81:D0:EF:2E:BA:76:CB:FB:D3:F7:5D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D6DE760FB8BEA2FB1D6327E127A0DF5A5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L8c7Q_fXpLG0gdDvLrp2y_vT910.roa
Signing time: Sat 03 Feb 2024 07:38:16 +0000
ROA not before: Sat 03 Feb 2024 07:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 195.133.24.0/23 maxlen: 23
212.193.25.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 21 Feb 2024 04:51:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:e7:60:fb:8b:ea:2f:b1:d6:32:7e:12:7a:0d:f5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 3 07:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fc73b43f7d7a4b1b481d0ef2eba76cbfbd3f75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:13:1f:cc:a6:ac:ec:29:03:9c:e4:c7:9e:
e2:ab:12:5b:22:bb:7d:58:01:4d:86:a9:c5:52:49:
69:c4:63:47:6b:61:20:36:88:32:ff:4c:29:b1:1b:
bf:69:f4:f4:3e:d9:9d:d2:1a:c0:7c:6f:34:f8:9e:
d0:38:88:50:f2:5c:78:94:24:8e:ef:70:b1:7b:e4:
a6:81:a7:54:62:b0:82:ff:7c:28:58:08:ec:9e:b7:
d0:8f:90:50:88:e7:87:8a:95:a1:40:01:44:6b:d1:
bc:06:d8:09:33:6f:71:2f:39:98:a1:c0:04:84:05:
4e:61:90:9b:ee:06:dd:b3:f9:c5:9d:2b:6a:6e:12:
e2:f2:bc:f2:09:ed:f2:1c:a0:42:cc:8d:84:d5:27:
02:a6:d3:a0:62:0c:86:7c:20:ae:28:a5:33:94:d8:
2a:dd:39:57:ce:6b:3c:7d:ab:af:b0:0f:ee:9c:40:
da:02:81:3e:c6:7d:61:dd:4b:05:9c:22:58:ce:99:
06:07:91:b6:4c:14:6d:8d:38:6f:f0:e4:00:23:c1:
63:6b:c9:fb:ca:56:40:48:ca:27:ee:21:8c:43:77:
33:c7:f0:66:57:c3:b8:ff:1c:10:66:ae:37:b8:fc:
3e:e7:2d:f7:4a:b1:49:b5:c5:7c:04:db:c4:a8:bd:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C7:3B:43:F7:D7:A4:B1:B4:81:D0:EF:2E:BA:76:CB:FB:D3:F7:5D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L8c7Q_fXpLG0gdDvLrp2y_vT910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.24.0/23
212.193.25.0-212.193.27.255
Signature Algorithm: sha256WithRSAEncryption
10:a2:60:f5:b6:88:33:83:34:4b:e8:20:e4:72:f1:76:d9:41:
0f:f9:9b:5c:82:5b:47:94:70:ef:c5:64:01:cd:0d:91:56:30:
cb:d4:ed:f6:00:a4:d0:82:e6:3f:b3:91:19:1e:e4:88:09:64:
cf:c6:64:67:f3:48:7b:5a:cb:f7:be:c3:fb:15:5f:dc:2e:08:
bf:27:bd:91:69:fb:52:69:dd:1a:28:c6:c6:3d:4f:18:24:0a:
0f:be:c5:7f:6b:b6:ed:cc:6d:3b:1b:93:69:2f:34:76:28:e1:
90:aa:42:10:32:82:ff:f8:6e:d3:c9:39:51:fa:8a:68:31:60:
b3:7a:d7:01:ec:a6:d9:48:ef:4f:76:f1:13:07:a5:b0:94:bc:
a5:c5:99:48:89:fd:ed:55:eb:75:a7:6d:ff:0f:b8:4f:51:10:
a8:57:13:14:76:0e:f8:9e:3f:04:a3:e5:b5:f9:1f:97:ad:ff:
ff:3a:a6:c7:4b:ea:f4:20:3d:e5:26:62:3f:82:2f:f0:54:46:
12:c8:9a:52:58:94:ba:6a:a7:23:36:b1:7b:47:ab:21:20:fe:
3e:b6:c9:16:71:12:de:2a:57:7f:2f:dc:07:89:03:e9:e9:86:
dd:17:e5:c6:66:5f:ac:e4:c2:da:0b:ae:17:f9:75:25:1d:fa:
8d:36:fc:01
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1t52D7i+ovsdYyfhJ6DfWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAzMDczODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM3M2I0M2Y3ZDdhNGIxYjQ4MWQwZWYyZWJhNzZjYmZiZDNmNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz4TH8ymrOwpA5zkx57iqxJbIrt9
WAFNhqnFUklpxGNHa2EgNogy/0wpsRu/afT0Ptmd0hrAfG80+J7QOIhQ8lx4lCSO
73Cxe+SmgadUYrCC/3woWAjsnrfQj5BQiOeHipWhQAFEa9G8BtgJM29xLzmYocAE
hAVOYZCb7gbds/nFnStqbhLi8rzyCe3yHKBCzI2E1ScCptOgYgyGfCCuKKUzlNgq
3TlXzms8fauvsA/unEDaAoE+xn1h3UsFnCJYzpkGB5G2TBRtjThv8OQAI8Fja8n7
ylZASMon7iGMQ3czx/BmV8O4/xwQZq43uPw+5y33SrFJtcV8BNvEqL3fqQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC/HO0P316SxtIHQ7y66dsv70/ddMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTDhjN1FfZlhwTEcwZ2REdkxycDJ5X3ZUOTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBw4UYMAwD
BADUwRkDBALUwRgwDQYJKoZIhvcNAQELBQADggEBABCiYPW2iDODNEvoIORy8XbZ
QQ/5m1yCW0eUcO/FZAHNDZFWMMvU7fYApNCC5j+zkRke5IgJZM/GZGfzSHtay/e+
w/sVX9wuCL8nvZFp+1Jp3RooxsY9TxgkCg++xX9rtu3MbTsbk2kvNHYo4ZCqQhAy
gv/4btPJOVH6imgxYLN61wHsptlI70928RMHpbCUvKXFmUiJ/e1V63Wnbf8PuE9R
EKhXExR2DviePwSj5bX5H5et//86psdL6vQgPeUmYj+CL/BURhLImlJYlLpqpyM2
sXtHqyEg/j62yRZxEt4qV38v3AeJA+npht0X5cZmX6zkwtoLrhf5dSUd+o02/AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org