Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UzqOf3Zs-PUbL-U7OMuz5isKQJs.roa
File: UzqOf3Zs-PUbL-U7OMuz5isKQJs.roa (raw, json)
Hash identifier: QxHlc3gfS1ha3wngjru/qlDSBG8v+nBya2CGKi4+rtw=
Subject key identifier: 53:3A:8E:7F:76:6C:F8:F5:1B:2F:E5:3B:38:CB:B3:E6:2B:0A:40:9B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BB461E8FBDA3D257D26EA414650388D12
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UzqOf3Zs-PUbL-U7OMuz5isKQJs.roa
Signing time: Thu 09 Nov 2023 13:59:57 +0000
ROA not before: Thu 09 Nov 2023 13:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31863
IP address blocks: 195.58.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:61:e8:fb:da:3d:25:7d:26:ea:41:46:50:38:8d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 9 13:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=533a8e7f766cf8f51b2fe53b38cbb3e62b0a409b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:70:c7:29:94:48:17:40:df:2f:35:1e:6e:
91:81:10:1f:72:df:cc:84:0e:40:12:50:f9:e8:8b:
ba:e1:7a:71:43:1c:c4:8c:8c:27:47:ee:0f:8f:d6:
52:4d:26:44:3e:9a:e1:7a:c5:c8:92:19:64:1e:42:
e3:47:0a:cb:0c:21:58:b5:dc:3b:c9:d2:a4:9b:4a:
6b:b8:5f:8a:ea:cc:85:51:08:f4:8b:7e:a3:58:c1:
a2:c4:97:db:08:d6:d4:34:71:39:f6:82:08:66:07:
84:af:85:20:2e:51:cf:0e:b6:ab:ed:ef:6a:c9:1f:
bb:08:f0:92:36:dc:12:d8:4d:f7:99:fa:29:31:45:
56:12:a9:d2:75:18:46:3c:7a:8d:18:99:2a:73:4d:
59:ab:50:e1:84:1f:14:cf:10:86:31:cc:46:b1:b9:
9d:a3:ab:7e:76:ec:3e:08:7e:61:b4:d2:ad:99:69:
d5:0a:46:eb:9c:3f:d3:ed:cd:53:4d:33:f5:19:d9:
ff:c6:b0:72:8d:c1:4a:af:47:7b:6c:62:4a:93:b0:
c7:10:80:12:e5:07:61:d1:41:1a:76:1d:c2:62:e7:
3b:38:51:23:a8:4c:70:19:c5:ad:06:a9:f6:12:44:
93:79:fe:18:6c:3f:ea:ed:38:a7:29:3d:28:e0:5d:
f1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3A:8E:7F:76:6C:F8:F5:1B:2F:E5:3B:38:CB:B3:E6:2B:0A:40:9B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UzqOf3Zs-PUbL-U7OMuz5isKQJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.36.0/24
Signature Algorithm: sha256WithRSAEncryption
05:da:8a:87:7b:ce:8c:75:80:69:7f:5c:ba:41:5c:ae:94:8b:
ca:ba:51:9d:44:12:a4:0f:68:4f:cb:28:b8:ac:eb:1d:9a:e9:
56:4e:df:ce:e3:73:c5:35:cf:39:66:c4:8c:df:5c:78:a5:61:
cb:a9:9d:2f:93:f3:d3:1c:8a:1b:cf:a3:f9:11:e6:f4:d9:c0:
9c:73:50:57:b5:e1:35:5c:ef:03:16:25:89:b3:57:e7:52:4f:
6c:92:72:1f:b1:45:45:5e:7d:72:80:46:db:0b:a7:ee:79:2a:
2a:da:37:84:84:43:09:b5:c7:0f:d7:39:0f:bd:09:8e:60:67:
01:a5:0c:a5:ee:96:a4:36:61:ca:d8:94:6a:10:6e:2c:1f:ac:
00:62:68:56:31:44:4c:be:e4:12:e7:02:61:59:48:0e:cb:22:
c3:1e:01:20:fd:ea:90:86:72:19:3d:7e:b4:4b:56:50:6c:d8:
da:0c:37:60:cb:fa:46:f2:6f:45:43:d2:76:cd:81:fb:9c:b0:
14:a1:8c:d1:f3:c4:e9:90:05:87:e3:2d:0b:01:a8:1a:a6:bd:
8d:18:9e:fc:e5:7a:9e:2e:26:5e:aa:d0:4d:2a:57:4e:4b:38:
27:c6:64:d6:cb:47:12:ad:e2:46:de:00:95:cb:97:65:44:7d:
5f:02:20:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu0Yej72j0lfSbqQUZQOI0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA5MTM1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNhOGU3Zjc2NmNmOGY1MWIyZmU1M2IzOGNiYjNlNjJiMGE0MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt29wxymUSBdA3y81Hm6RgRAfct/M
hA5AElD56Iu64XpxQxzEjIwnR+4Pj9ZSTSZEPprhesXIkhlkHkLjRwrLDCFYtdw7
ydKkm0pruF+K6syFUQj0i36jWMGixJfbCNbUNHE59oIIZgeEr4UgLlHPDrar7e9q
yR+7CPCSNtwS2E33mfopMUVWEqnSdRhGPHqNGJkqc01Zq1DhhB8UzxCGMcxGsbmd
o6t+duw+CH5htNKtmWnVCkbrnD/T7c1TTTP1Gdn/xrByjcFKr0d7bGJKk7DHEIAS
5Qdh0UEadh3CYuc7OFEjqExwGcWtBqn2EkSTef4YbD/q7TinKT0o4F3x0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFM6jn92bPj1Gy/lOzjLs+YrCkCbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVXpxT2YzWnMtUFViTC1VN09NdXo1aXNLUUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzokMA0G
CSqGSIb3DQEBCwUAA4IBAQAF2oqHe86MdYBpf1y6QVyulIvKulGdRBKkD2hPyyi4
rOsdmulWTt/O43PFNc85ZsSM31x4pWHLqZ0vk/PTHIobz6P5Eeb02cCcc1BXteE1
XO8DFiWJs1fnUk9sknIfsUVFXn1ygEbbC6fueSoq2jeEhEMJtccP1zkPvQmOYGcB
pQyl7pakNmHK2JRqEG4sH6wAYmhWMURMvuQS5wJhWUgOyyLDHgEg/eqQhnIZPX60
S1ZQbNjaDDdgy/pG8m9FQ9J2zYH7nLAUoYzR88TpkAWH4y0LAagapr2NGJ785Xqe
LiZeqtBNKldOSzgnxmTWy0cSreJG3gCVy5dlRH1fAiD/
-----END CERTIFICATE-----
Generated at Thu Nov 9 15:13:02 2023 by rpki-client on console-ams.rpki-client.org