Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SmQt3Hu48rqisxLBxNVkEYg12Hs.roa
File: SmQt3Hu48rqisxLBxNVkEYg12Hs.roa (raw, json)
Hash identifier: E8s4xg8OPwrVCWoWotCP/uM+DjF8NNcTowAQUhUgDtU=
Subject key identifier: 4A:64:2D:DC:7B:B8:F2:BA:A2:B3:12:C1:C4:D5:64:11:88:35:D8:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ACBB2A67C993F34D08A21CE2670F8E472
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SmQt3Hu48rqisxLBxNVkEYg12Hs.roa
Signing time: Mon 25 Sep 2023 09:36:37 +0000
ROA not before: Mon 25 Sep 2023 09:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 195.133.18.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 05:59:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:b2:a6:7c:99:3f:34:d0:8a:21:ce:26:70:f8:e4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 25 09:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a642ddc7bb8f2baa2b312c1c4d564118835d87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cd:bb:3b:19:36:1f:ba:69:b7:94:9c:7f:2b:
c9:5a:65:e8:49:ee:90:1d:a3:7e:cb:d4:e7:3a:52:
32:4d:4b:40:8b:1d:b6:d6:bd:62:0b:28:9d:be:bf:
c5:16:fc:c3:93:c5:6b:b6:76:69:56:83:c7:57:b5:
5c:ab:f9:c3:ee:e2:51:be:9c:f8:35:a0:d0:ba:ed:
d9:33:0d:b3:39:99:95:ae:d4:1b:ff:bf:b8:30:c5:
90:c5:87:4c:06:ab:bc:61:72:e1:d4:df:02:1a:07:
9e:d4:ae:13:07:b9:57:52:a8:1b:89:08:0c:3f:48:
2b:86:31:2d:82:9f:23:b7:c9:d7:d3:74:7a:e6:14:
a8:7c:0e:ba:08:7d:43:57:e1:02:21:bb:c4:2d:5a:
1f:a4:57:ef:a2:08:bc:3e:3b:a1:8f:fd:4c:93:31:
b8:42:19:64:76:12:46:79:07:f7:b6:b7:d6:61:d1:
ec:a9:4a:eb:37:ae:4c:83:aa:d5:40:31:44:73:1a:
21:16:84:d2:8c:4c:6b:b3:82:cc:37:88:24:ce:d6:
a4:08:74:39:d9:74:f0:72:ed:8a:31:24:44:8a:fa:
e7:9b:46:95:a1:41:e5:21:42:44:61:7f:aa:5e:e9:
2d:74:c2:d9:d8:57:6d:12:ca:59:17:6d:09:1a:c5:
14:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:64:2D:DC:7B:B8:F2:BA:A2:B3:12:C1:C4:D5:64:11:88:35:D8:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SmQt3Hu48rqisxLBxNVkEYg12Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
195.133.18.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b7:b2:3f:b6:39:d1:d5:26:76:ab:cf:6b:cb:a7:44:36:5b:
08:2c:cb:af:a5:7b:1c:05:78:fe:f0:3a:4b:7e:c6:ee:a6:8e:
9b:f1:6f:af:de:97:82:d8:a6:98:9c:30:72:d8:c0:7a:fc:24:
5b:09:fc:2d:96:1d:e6:89:63:cf:6c:14:da:bf:e1:43:49:d2:
1e:1b:48:3f:bb:d8:80:be:b6:21:6a:ca:d5:8c:1e:33:d1:90:
59:94:ee:e0:ce:dc:fc:3d:56:76:9a:c2:f5:ae:fb:19:3a:6e:
53:ed:6d:37:f3:6a:bb:fc:89:9f:4b:44:83:ae:5a:3c:9e:67:
3f:0e:e7:2c:29:39:9b:c4:7b:f6:a6:47:7c:64:b7:17:0b:23:
a1:51:71:66:a0:59:9d:a3:9a:e2:9d:7e:cc:ed:aa:b0:5c:f1:
32:d3:7c:3b:da:1d:21:0f:41:2c:23:27:80:06:d2:e9:55:8f:
b4:c6:be:d2:d0:1e:c0:cc:b2:a2:0c:cb:19:b7:d1:37:87:e7:
ec:d7:69:9d:6a:56:47:f4:82:07:09:61:83:1b:f0:01:70:a5:
0b:88:32:22:d3:5f:f2:64:79:83:9e:72:27:9e:6d:f3:47:84:
22:1f:09:4b:21:e7:97:33:10:45:f8:c6:e3:24:4b:b7:c9:1c:
54:33:26:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrLsqZ8mT800IohziZw+ORyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI1MDkzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY0MmRkYzdiYjhmMmJhYTJiMzEyYzFjNGQ1NjQxMTg4MzVkODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq827Oxk2H7ppt5ScfyvJWmXoSe6Q
HaN+y9TnOlIyTUtAix221r1iCyidvr/FFvzDk8VrtnZpVoPHV7Vcq/nD7uJRvpz4
NaDQuu3ZMw2zOZmVrtQb/7+4MMWQxYdMBqu8YXLh1N8CGgee1K4TB7lXUqgbiQgM
P0grhjEtgp8jt8nX03R65hSofA66CH1DV+ECIbvELVofpFfvogi8Pjuhj/1MkzG4
QhlkdhJGeQf3trfWYdHsqUrrN65Mg6rVQDFEcxohFoTSjExrs4LMN4gkztakCHQ5
2XTwcu2KMSREivrnm0aVoUHlIUJEYX+qXuktdMLZ2FdtEspZF20JGsUUpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEpkLdx7uPK6orMSwcTVZBGINdh7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU21RdDNIdTQ4cnFpc3hMQnhOVmtFWWcxMkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy1AwQA
w4USMA0GCSqGSIb3DQEBCwUAA4IBAQB5t7I/tjnR1SZ2q89ry6dENlsILMuvpXsc
BXj+8DpLfsbupo6b8W+v3peC2KaYnDBy2MB6/CRbCfwtlh3miWPPbBTav+FDSdIe
G0g/u9iAvrYhasrVjB4z0ZBZlO7gztz8PVZ2msL1rvsZOm5T7W0382q7/ImfS0SD
rlo8nmc/DucsKTmbxHv2pkd8ZLcXCyOhUXFmoFmdo5rinX7M7aqwXPEy03w72h0h
D0EsIyeABtLpVY+0xr7S0B7AzLKiDMsZt9E3h+fs12mdalZH9IIHCWGDG/ABcKUL
iDIi01/yZHmDnnInnm3zR4QiHwlLIeeXMxBF+MbjJEu3yRxUMybO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org