Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OzRJjrP4RZV70OjzsUj8BYlNU1U.roa
File: OzRJjrP4RZV70OjzsUj8BYlNU1U.roa (raw, json)
Hash identifier: joMhi5rvo/xPFWPXR5Hrm36h5L9M2Gma+LLe4VoySis=
Subject key identifier: 3B:34:49:8E:B3:F8:45:95:7B:D0:E8:F3:B1:48:FC:05:89:4D:53:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875258A7E5C0525C98D1D1C0BA27E8A640
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OzRJjrP4RZV70OjzsUj8BYlNU1U.roa
Signing time: Wed 05 Apr 2023 16:55:54 +0000
ROA not before: Wed 05 Apr 2023 16:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
195.133.26.0/23 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 14:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:58:a7:e5:c0:52:5c:98:d1:d1:c0:ba:27:e8:a6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b34498eb3f845957bd0e8f3b148fc05894d5355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ae:24:9b:96:a1:f6:e6:4b:07:2b:e1:1c:be:
af:a6:94:95:a5:e1:1e:5f:a8:35:94:1d:4c:0f:db:
39:5f:31:18:2f:1c:7b:db:a2:9c:12:df:2c:d9:05:
9a:77:19:0b:da:79:0e:5a:fb:2e:06:39:07:41:60:
70:12:c1:ab:7c:23:8c:db:9f:00:9c:33:36:14:4b:
14:8d:72:dd:19:f3:e5:3d:bc:61:e7:35:26:61:31:
46:80:93:35:ff:b2:74:9e:fb:b2:2f:58:27:0a:f4:
bc:c7:c3:27:cc:09:02:94:0a:36:6d:d2:42:1d:64:
40:3c:04:7e:0d:9d:47:1d:8c:46:b8:8e:6c:69:78:
ab:10:0e:83:3e:6a:82:3a:df:2b:36:c7:c5:27:d8:
ab:8d:78:14:21:d4:ea:1a:62:60:f5:63:5d:78:6c:
ca:e5:63:9f:03:16:fa:88:76:b8:9f:8b:59:b4:13:
f6:6d:43:78:bc:77:24:26:39:b4:c2:ba:9e:b3:9e:
75:d8:91:2f:a0:81:5b:5b:03:56:ec:da:02:90:dd:
be:13:6b:6f:83:ef:d2:4a:46:34:2d:63:47:85:68:
dd:ed:fc:66:ef:9b:16:54:80:4c:bd:4e:d6:25:29:
d1:69:18:04:a4:c8:77:d0:90:69:4d:3b:7f:6b:a8:
9c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:34:49:8E:B3:F8:45:95:7B:D0:E8:F3:B1:48:FC:05:89:4D:53:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OzRJjrP4RZV70OjzsUj8BYlNU1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.118.0/23
195.133.26.0/23
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
29:53:48:dc:db:ce:22:c7:d7:c8:97:f9:da:df:54:7a:ea:79:
03:08:1f:a9:32:7e:66:aa:b7:9a:73:bf:0c:b0:73:9e:12:93:
3f:70:23:ee:0b:c3:bc:ba:7f:fa:ba:cd:60:c3:28:be:3f:0a:
07:f0:bc:d5:4d:72:a2:f3:f5:5a:29:5c:49:19:b8:96:3e:cf:
22:47:66:13:ad:9a:f3:b4:e7:76:1a:8a:3f:ce:ed:dc:0e:b3:
b5:93:00:7b:bd:a1:d8:21:f9:88:e4:e8:8b:4c:af:35:21:9d:
dc:30:85:8f:0c:77:e3:63:e9:0c:42:46:b1:dd:46:e4:45:43:
12:d9:0a:04:d1:84:71:5b:d5:1c:ca:78:5c:db:75:28:77:c3:
11:30:e5:ea:02:ff:57:d1:96:b5:b8:24:a7:f7:04:83:29:66:
54:dc:0a:86:18:0c:03:1c:25:d3:1f:55:01:dc:9b:c2:37:ac:
af:0b:21:76:f0:e7:23:24:3b:c6:ce:a4:3b:98:92:3c:59:e6:
72:ef:9d:88:a9:20:bd:65:b8:e3:0a:52:b4:45:e9:3e:bc:46:
08:2d:06:4a:92:59:a8:9f:84:45:ad:7a:91:ae:19:d4:58:85:
6c:03:2b:d9:24:cf:c0:ec:6a:09:d2:8e:2a:4c:ab:49:0c:56:
14:e9:40:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdSWKflwFJcmNHRwLon6KZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM0NDk4ZWIzZjg0NTk1N2JkMGU4ZjNiMTQ4ZmMwNTg5NGQ1MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7a4km5ah9uZLByvhHL6vppSVpeEe
X6g1lB1MD9s5XzEYLxx726KcEt8s2QWadxkL2nkOWvsuBjkHQWBwEsGrfCOM258A
nDM2FEsUjXLdGfPlPbxh5zUmYTFGgJM1/7J0nvuyL1gnCvS8x8MnzAkClAo2bdJC
HWRAPAR+DZ1HHYxGuI5saXirEA6DPmqCOt8rNsfFJ9irjXgUIdTqGmJg9WNdeGzK
5WOfAxb6iHa4n4tZtBP2bUN4vHckJjm0wrqes5512JEvoIFbWwNW7NoCkN2+E2tv
g+/SSkY0LWNHhWjd7fxm75sWVIBMvU7WJSnRaRgEpMh30JBpTTt/a6ic3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDs0SY6z+EWVe9Do87FI/AWJTVNVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT3pSSmpyUDRSWlY3ME9qenNVajhCWWxOVTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwld2AwQB
w4UaAwQAw4U7MA0GCSqGSIb3DQEBCwUAA4IBAQApU0jc284ix9fIl/na31R66nkD
CB+pMn5mqreac78MsHOeEpM/cCPuC8O8un/6us1gwyi+PwoH8LzVTXKi8/VaKVxJ
GbiWPs8iR2YTrZrztOd2Goo/zu3cDrO1kwB7vaHYIfmI5OiLTK81IZ3cMIWPDHfj
Y+kMQkax3UbkRUMS2QoE0YRxW9Ucynhc23Uod8MRMOXqAv9X0Za1uCSn9wSDKWZU
3AqGGAwDHCXTH1UB3JvCN6yvCyF28OcjJDvGzqQ7mJI8WeZy752IqSC9ZbjjClK0
Rek+vEYILQZKklmon4RFrXqRrhnUWIVsAyvZJM/A7GoJ0o4qTKtJDFYU6UCx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org