Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZhxO26YvZi9wHMQoIOeR_KDsbus.roa
File: ZhxO26YvZi9wHMQoIOeR_KDsbus.roa (raw, json)
Hash identifier: C5EVUJb4Y7mwlV7FdNKf4lwHTkUXhO2aaiwNS8DshD4=
Subject key identifier: 66:1C:4E:DB:A6:2F:66:2F:70:1C:C4:28:20:E7:91:FC:A0:EC:6E:EB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01880F2AE556815D0E69E6083B96302E7BCD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZhxO26YvZi9wHMQoIOeR_KDsbus.roa
Signing time: Fri 12 May 2023 08:54:09 +0000
ROA not before: Fri 12 May 2023 08:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 195.133.76.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
193.124.35.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
195.133.64.0/22 maxlen: 22
194.87.255.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:2a:e5:56:81:5d:0e:69:e6:08:3b:96:30:2e:7b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 12 08:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=661c4edba62f662f701cc42820e791fca0ec6eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6c:80:ee:d2:53:6b:a3:94:42:aa:63:f8:41:
2f:46:cd:6b:52:b7:3b:4f:00:15:2d:c7:3d:a1:0d:
6f:00:98:9a:67:e0:98:73:d4:29:80:a9:ef:88:ba:
6b:9a:eb:ef:16:1e:b6:06:2e:1f:be:6f:a0:5e:82:
32:8f:5b:4a:1b:c6:28:a5:9c:54:ae:21:3c:c8:3b:
be:84:4c:12:99:b6:dc:bc:5d:6b:63:48:bf:44:8c:
14:74:f0:88:a0:27:a3:67:8c:97:37:3d:34:b6:c9:
c3:79:c3:79:53:8f:4f:7d:b7:ac:21:d9:61:59:45:
67:79:3c:e6:ac:dc:88:ea:5a:2b:3c:a1:0d:0b:05:
55:d2:ba:6b:61:3e:3f:ba:f4:9f:74:52:a9:4b:81:
47:9d:49:a5:5c:19:2a:e0:47:5d:f6:6d:fd:84:bd:
b8:b4:03:64:a7:fc:c0:b9:a6:b2:19:47:45:da:de:
e2:50:8a:3e:55:59:40:2d:21:64:22:c3:f2:95:a1:
b6:e3:78:f7:09:5d:0d:44:e5:95:5f:c7:fc:11:e3:
a4:1f:36:61:0c:39:af:e4:0d:cd:67:7f:36:4e:e7:
97:23:10:db:a0:c6:65:a1:7d:6e:73:e2:db:fc:35:
26:17:b9:f1:8d:e2:eb:8e:1c:96:3b:e9:e1:06:c5:
91:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1C:4E:DB:A6:2F:66:2F:70:1C:C4:28:20:E7:91:FC:A0:EC:6E:EB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZhxO26YvZi9wHMQoIOeR_KDsbus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
194.58.40.0/24
194.58.56.0/23
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.77.0/24
194.87.255.0/24
195.58.38.0/24
195.133.20.0/24
195.133.64.0/22
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
37:3d:e0:0a:25:9d:4b:47:c0:03:bd:4a:54:b3:dd:cc:8d:c6:
8b:4e:65:4f:84:21:1f:5a:47:0e:07:25:a8:99:00:6a:50:83:
be:50:ca:34:b1:9c:bf:dc:1c:da:a5:89:d4:cc:0c:c1:75:5c:
61:08:a6:b8:79:43:5c:cf:0e:7a:ba:65:03:26:c6:85:4f:00:
80:50:8e:e2:99:8b:16:98:fb:a1:96:60:2d:ac:b1:44:34:2c:
1e:86:d2:a2:a6:2c:20:ed:0e:45:cd:8e:94:9e:8b:2f:46:9c:
84:de:e2:72:ab:e5:bf:ee:a5:38:e5:70:ce:43:5f:6d:73:3b:
02:c1:cc:06:1a:3a:fa:96:e2:74:42:60:9b:c5:33:6c:fe:7f:
9e:f1:9c:46:7c:ee:79:c0:ea:d1:f5:4e:ce:c5:05:67:81:94:
4d:11:70:b1:36:83:22:fa:4b:b3:d8:2a:4a:27:1d:60:16:f6:
5b:75:fd:31:d9:12:67:ae:7d:53:15:52:f3:93:78:9c:2f:d7:
e5:62:a8:b8:ee:c6:ed:02:db:25:25:fe:42:ea:59:38:90:6c:
86:60:39:28:92:9b:c2:e5:35:fb:e1:08:4f:80:d8:0f:14:48:
2b:8e:43:f9:c7:fa:11:24:52:30:60:87:af:43:20:ec:a6:87:
ab:dd:d3:c9
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYgPKuVWgV0OaeYIO5YwLnvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTEyMDg1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFjNGVkYmE2MmY2NjJmNzAxY2M0MjgyMGU3OTFmY2EwZWM2ZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2yA7tJTa6OUQqpj+EEvRs1rUrc7
TwAVLcc9oQ1vAJiaZ+CYc9QpgKnviLprmuvvFh62Bi4fvm+gXoIyj1tKG8YopZxU
riE8yDu+hEwSmbbcvF1rY0i/RIwUdPCIoCejZ4yXNz00tsnDecN5U49PfbesIdlh
WUVneTzmrNyI6lorPKENCwVV0rprYT4/uvSfdFKpS4FHnUmlXBkq4Edd9m39hL24
tANkp/zAuaayGUdF2t7iUIo+VVlALSFkIsPylaG243j3CV0NROWVX8f8EeOkHzZh
DDmv5A3NZ382TueXIxDboMZloX1uc+Lb/DUmF7nxjeLrjhyWO+nhBsWRiQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGYcTtumL2YvcBzEKCDnkfyg7G7rMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWmh4TzI2WXZaaTl3SE1Rb0lPZVJfS0RzYnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwjAwQA
wjooAwQBwjo4AwQAwlX4AwQAwlX7AwQAwlcKAwQAwlcRAwQAwldNAwQAwlf/AwQA
wzomAwQAw4UUAwQCw4VAAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQA3PeAKJZ1L
R8ADvUpUs93MjcaLTmVPhCEfWkcOByWomQBqUIO+UMo0sZy/3BzapYnUzAzBdVxh
CKa4eUNczw56umUDJsaFTwCAUI7imYsWmPuhlmAtrLFENCwehtKipiwg7Q5FzY6U
nosvRpyE3uJyq+W/7qU45XDOQ19tczsCwcwGGjr6luJ0QmCbxTNs/n+e8ZxGfO55
wOrR9U7OxQVngZRNEXCxNoMi+kuz2CpKJx1gFvZbdf0x2RJnrn1TFVLzk3icL9fl
Yqi47sbtAtslJf5C6lk4kGyGYDkokpvC5TX74QhPgNgPFEgrjkP5x/oRJFIwYIev
QyDspoer3dPJ
-----END CERTIFICATE-----
Generated at Sun Jul 30 17:46:59 2023 by rpki-client on console-fra.rpki-client.org