Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X4kahUxcgBT-FCSE73LmCgvlGlI.roa
File: X4kahUxcgBT-FCSE73LmCgvlGlI.roa (raw, json)
Hash identifier: buWtjSREyBhjvo4GiI6C+P+3rsZ9MZLFtPu+0ewPE9Y=
Subject key identifier: 5F:89:1A:85:4C:5C:80:14:FE:14:24:84:EF:72:E6:0A:0B:E5:1A:52
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018847D693B4BB04FBA9186A974BCE2760EF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X4kahUxcgBT-FCSE73LmCgvlGlI.roa
Signing time: Tue 23 May 2023 09:00:24 +0000
ROA not before: Tue 23 May 2023 09:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
212.192.209.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:d6:93:b4:bb:04:fb:a9:18:6a:97:4b:ce:27:60:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 23 09:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f891a854c5c8014fe142484ef72e60a0be51a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:b4:8c:36:26:87:d8:90:75:cc:27:08:c8:
e4:f8:e6:6b:89:21:da:9d:1c:8e:4d:5c:9c:d6:8e:
93:42:79:2a:9f:3d:f2:96:3a:43:5d:22:f7:56:bf:
85:91:85:cf:43:fe:d9:7a:66:d4:82:90:94:44:a7:
28:23:4c:c8:e1:fd:6f:de:c2:b3:87:04:cb:41:c2:
37:d0:5e:47:4c:92:fc:3f:7a:0c:81:b9:a7:17:15:
a8:42:02:03:b4:3f:e4:ee:9f:d3:b5:7c:dd:aa:ea:
87:8d:13:f7:0e:14:eb:e0:c8:f8:dd:74:88:32:ea:
d4:c6:04:0c:29:4b:aa:36:4d:eb:63:d8:d7:df:97:
6d:88:d0:a9:ce:71:70:29:e2:40:5c:f0:f6:7f:2e:
9d:6c:67:53:d8:d0:8a:63:8b:16:c4:ea:6b:31:8e:
17:ce:c8:1a:12:a3:1b:b1:07:54:c1:4a:11:45:e3:
60:99:68:31:bf:19:a7:37:69:6f:fb:7e:f6:6e:23:
d1:a1:68:31:0e:66:e5:4a:17:14:a4:e8:59:90:b1:
fa:dd:b5:6b:28:00:c2:35:87:c5:ad:97:0f:1b:a1:
e5:10:fd:17:ab:47:d0:ae:e7:31:05:4c:bd:2a:ac:
09:3d:91:3a:ee:81:a9:83:56:6c:68:ee:83:29:de:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:89:1A:85:4C:5C:80:14:FE:14:24:84:EF:72:E6:0A:0B:E5:1A:52
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X4kahUxcgBT-FCSE73LmCgvlGlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.73.0/24
195.133.81.0/24
212.192.208.0/23
Signature Algorithm: sha256WithRSAEncryption
71:b5:91:09:d5:27:f3:6f:bd:cc:3f:30:7a:c8:49:6a:22:e2:
7f:9b:6b:25:44:5c:00:d2:70:a1:05:5a:ff:4b:bb:34:8c:3c:
7a:ef:71:ae:75:00:47:09:49:f9:81:26:e0:ae:24:97:10:29:
7a:c1:8e:d2:42:a6:19:03:d5:16:c1:99:2e:3c:71:a8:c0:fe:
fe:1c:07:ea:e3:06:94:82:a2:92:b5:8f:7a:a8:5d:02:6e:5e:
42:7f:86:23:0d:40:33:12:2e:cc:d4:7e:d9:57:15:54:82:04:
15:5f:bf:fd:ca:c5:b8:0e:11:27:5a:2e:e2:3a:df:c6:b9:d7:
9e:ed:12:e6:cb:b6:a6:35:d6:73:5c:70:7b:05:7e:3a:8d:10:
60:99:81:c0:60:f7:69:6c:19:30:02:ed:3f:85:29:ba:8a:3f:
20:3e:d0:6d:bf:7d:cd:b4:00:d0:c9:24:c5:b6:7f:33:9d:7d:
03:ca:ec:c7:4c:28:0d:d3:79:85:28:a3:bd:d2:5f:74:dd:19:
f3:86:e1:bb:d7:fd:57:8c:ea:e5:f0:5e:0a:ba:a5:4c:ef:76:
54:2b:37:b5:dc:f8:43:f1:0e:f6:dd:fc:e8:30:cb:d0:0e:b4:
1e:8a:df:0b:79:27:ef:0f:50:81:cd:f3:ef:83:d9:7d:4d:fa:
76:88:87:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhH1pO0uwT7qRhql0vOJ2DvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTIzMDkwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg5MWE4NTRjNWM4MDE0ZmUxNDI0ODRlZjcyZTYwYTBiZTUxYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoi0jDYmh9iQdcwnCMjk+OZriSHa
nRyOTVyc1o6TQnkqnz3yljpDXSL3Vr+FkYXPQ/7ZembUgpCURKcoI0zI4f1v3sKz
hwTLQcI30F5HTJL8P3oMgbmnFxWoQgIDtD/k7p/TtXzdquqHjRP3DhTr4Mj43XSI
MurUxgQMKUuqNk3rY9jX35dtiNCpznFwKeJAXPD2fy6dbGdT2NCKY4sWxOprMY4X
zsgaEqMbsQdUwUoRReNgmWgxvxmnN2lv+372biPRoWgxDmblShcUpOhZkLH63bVr
KADCNYfFrZcPG6HlEP0Xq0fQrucxBUy9KqwJPZE67oGpg1ZsaO6DKd4CxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF+JGoVMXIAU/hQkhO9y5goL5RpSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWDRrYWhVeGNnQlQtRkNTRTczTG1DZ3ZsR2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw4VJAwQA
w4VRAwQB1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQBxtZEJ1Sfzb73MPzB6yElqIuJ/
m2slRFwA0nChBVr/S7s0jDx673GudQBHCUn5gSbgriSXECl6wY7SQqYZA9UWwZku
PHGowP7+HAfq4waUgqKStY96qF0Cbl5Cf4YjDUAzEi7M1H7ZVxVUggQVX7/9ysW4
DhEnWi7iOt/Gudee7RLmy7amNdZzXHB7BX46jRBgmYHAYPdpbBkwAu0/hSm6ij8g
PtBtv33NtADQySTFtn8znX0DyuzHTCgN03mFKKO90l903RnzhuG71/1XjOrl8F4K
uqVM73ZUKze13PhD8Q723fzoMMvQDrQeit8LeSfvD1CBzfPvg9l9Tfp2iIea
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org