Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NX-PUfazcrD4sss2PKpmCrCUi68.roa
File: NX-PUfazcrD4sss2PKpmCrCUi68.roa (raw, json)
Hash identifier: zCO3CsMXJe2owNILqDoF/qTkHDIKLSOdlo8upeuaKL0=
Subject key identifier: 35:7F:8F:51:F6:B3:72:B0:F8:B2:CB:36:3C:AA:66:0A:B0:94:8B:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1356118C718F748EC70AAB4A268E2239
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NX-PUfazcrD4sss2PKpmCrCUi68.roa
Signing time: Mon 09 Oct 2023 07:28:09 +0000
ROA not before: Mon 09 Oct 2023 07:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 212.193.28.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 10:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:56:11:8c:71:8f:74:8e:c7:0a:ab:4a:26:8e:22:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 07:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357f8f51f6b372b0f8b2cb363caa660ab0948baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:48:22:bf:a4:c2:5c:5d:fe:21:e6:7d:72:
88:f5:c3:92:a4:7d:7f:f4:8f:5a:41:3e:14:58:12:
52:00:96:b7:74:2e:ea:88:0c:61:0b:db:55:69:25:
18:5d:4f:28:51:9d:fa:b2:82:71:98:0b:51:b2:aa:
c6:56:6e:22:bf:ca:ef:00:a5:c2:40:9b:ba:a0:cb:
39:95:01:1f:50:27:e8:49:9e:ac:e5:26:cd:a3:0f:
0d:b0:d3:47:a3:a9:79:ef:f5:20:96:a5:8d:d1:72:
80:c9:8e:42:74:fa:fa:35:4c:f1:eb:49:df:7e:95:
f7:a4:2b:54:50:18:ec:08:21:ca:ec:51:82:8f:5d:
db:c0:0d:e9:53:0d:8c:6c:c1:89:db:0e:4e:02:3c:
b6:4d:29:db:06:52:ca:ac:18:4b:e4:28:43:f3:7f:
dd:6a:4b:4c:2e:83:49:1c:a2:19:30:0e:73:34:38:
c1:17:9b:6c:ee:d3:ac:fb:09:e8:fa:ba:3a:7d:40:
9c:4e:78:35:1b:88:92:4f:33:ca:76:31:7b:53:54:
f5:06:e8:97:6f:7a:68:5f:25:1c:5c:38:80:87:ef:
98:33:25:8e:92:a8:49:8d:ed:71:a7:0d:aa:d9:11:
72:66:b8:dc:54:09:0e:f1:72:e6:87:59:62:e2:c6:
c2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7F:8F:51:F6:B3:72:B0:F8:B2:CB:36:3C:AA:66:0A:B0:94:8B:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NX-PUfazcrD4sss2PKpmCrCUi68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.81.0/24
212.193.28.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:88:22:ca:a8:a8:55:1f:3b:6d:92:d3:aa:3d:1c:48:bb:8f:
3f:0c:bd:4d:1e:c9:17:43:23:d7:f9:50:40:ad:b0:95:b3:e1:
8e:ac:bc:bc:7e:04:49:48:4e:5f:db:20:07:c5:5d:85:af:99:
52:ec:a7:ee:d7:44:5c:c6:21:10:4d:76:0a:c9:ee:e9:b5:17:
f5:89:0d:99:49:f9:14:4e:7f:ee:16:f5:28:1a:b0:72:02:23:
37:21:dd:89:59:bc:a0:e2:f6:6b:d2:f5:8d:4b:ef:95:c8:f5:
ae:1b:ad:a7:53:13:49:9d:46:b8:0b:eb:d8:26:00:51:14:70:
38:69:86:e2:51:ba:57:b6:a3:f8:49:17:96:e8:71:1e:d7:bd:
8e:41:e3:a2:5f:95:3b:88:f1:e6:c7:3e:b3:8a:64:d5:b6:c4:
3e:90:77:bb:4f:28:5d:04:a4:87:27:3e:ce:1e:e8:32:8b:14:
d6:c1:c9:7a:2d:12:61:d7:59:2e:e7:4e:ab:c6:61:03:9a:27:
8d:c9:54:7d:b7:5a:e7:45:0f:a5:3c:10:ee:02:e3:b6:8f:1d:
96:9b:5b:50:2e:71:07:b9:c0:0a:38:2d:df:53:4a:d8:db:80:
87:db:64:2e:d0:6d:7d:7c:8b:48:0c:d3:62:7e:f7:37:77:6d:
4e:bd:f7:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsTVhGMcY90jscKq0omjiI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MDcyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdmOGY1MWY2YjM3MmIwZjhiMmNiMzYzY2FhNjYwYWIwOTQ4YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspBIIr+kwlxd/iHmfXKI9cOSpH1/
9I9aQT4UWBJSAJa3dC7qiAxhC9tVaSUYXU8oUZ36soJxmAtRsqrGVm4iv8rvAKXC
QJu6oMs5lQEfUCfoSZ6s5SbNow8NsNNHo6l57/UglqWN0XKAyY5CdPr6NUzx60nf
fpX3pCtUUBjsCCHK7FGCj13bwA3pUw2MbMGJ2w5OAjy2TSnbBlLKrBhL5ChD83/d
aktMLoNJHKIZMA5zNDjBF5ts7tOs+wno+ro6fUCcTng1G4iSTzPKdjF7U1T1BuiX
b3poXyUcXDiAh++YMyWOkqhJje1xpw2q2RFyZrjcVAkO8XLmh1li4sbCBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDV/j1H2s3Kw+LLLNjyqZgqwlIuvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlgtUFVmYXpjckQ0c3NzMlBLcG1DckNVaTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VRAwQA
1MEcMA0GCSqGSIb3DQEBCwUAA4IBAQAviCLKqKhVHzttktOqPRxIu48/DL1NHskX
QyPX+VBArbCVs+GOrLy8fgRJSE5f2yAHxV2Fr5lS7Kfu10RcxiEQTXYKye7ptRf1
iQ2ZSfkUTn/uFvUoGrByAiM3Id2JWbyg4vZr0vWNS++VyPWuG62nUxNJnUa4C+vY
JgBRFHA4aYbiUbpXtqP4SReW6HEe172OQeOiX5U7iPHmxz6zimTVtsQ+kHe7Tyhd
BKSHJz7OHugyixTWwcl6LRJh11ku506rxmEDmieNyVR9t1rnRQ+lPBDuAuO2jx2W
m1tQLnEHucAKOC3fU0rY24CH22Qu0G19fItIDNNifvc3d21OvfeX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org