Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bRS0BWYKqvqTu792Tc77ilvH6G8.roa
File: bRS0BWYKqvqTu792Tc77ilvH6G8.roa (raw, json)
Hash identifier: AJdVVLOXb0eYD6egFQpaDfZ1AQt40yHHE2xX1BB9xWk=
Subject key identifier: 6D:14:B4:05:66:0A:AA:FA:93:BB:BF:76:4D:CE:FB:8A:5B:C7:E8:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F671B59504C110DF2C5635EA1D61CCE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bRS0BWYKqvqTu792Tc77ilvH6G8.roa
Signing time: Sun 01 Jan 2023 22:15:06 +0000
ROA not before: Sun 01 Jan 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213373
IP address blocks: 195.133.192.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 10:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:1b:59:50:4c:11:0d:f2:c5:63:5e:a1:d6:1c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d14b405660aaafa93bbbf764dcefb8a5bc7e86f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dc:e6:87:94:35:cc:63:4c:e9:1a:73:92:ac:
5c:32:8a:aa:d6:b6:14:a3:a0:b9:b6:43:84:8a:a1:
09:c3:e5:3b:b4:7d:c2:84:86:98:43:df:5b:cb:6b:
22:92:33:38:57:0a:f3:1b:23:31:49:2b:c4:5e:5e:
f4:cd:ae:6f:81:25:b8:a2:e7:92:6c:df:9b:2c:8c:
86:64:7c:90:b3:3c:43:33:fa:f7:54:0c:24:63:fd:
9d:d6:51:21:5a:9e:fa:4d:2c:4d:23:4c:a4:86:ce:
9c:65:cf:f9:5a:d9:0e:dc:a5:d5:b1:dd:7c:8e:e8:
ae:83:b5:78:f7:1f:83:0d:2b:52:b5:45:5b:78:2d:
82:18:52:41:9a:21:37:bb:11:ab:e1:2a:fd:ce:20:
d8:44:71:4b:e0:3a:f1:69:53:29:72:73:c8:e5:6d:
70:26:0e:c6:4e:5c:69:3c:14:8c:28:b4:e5:bd:34:
12:7f:07:00:95:6d:21:31:02:16:f8:cb:dc:88:ec:
d5:9f:96:5b:97:1f:e1:90:6f:95:ad:58:d6:37:38:
c0:fb:eb:06:29:63:74:3a:92:6b:fb:f2:14:0d:84:
fb:a2:61:bb:84:8a:81:f0:24:26:91:20:e8:42:2b:
d2:52:1a:53:ca:77:1d:ef:06:6e:66:90:f0:bc:ed:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:14:B4:05:66:0A:AA:FA:93:BB:BF:76:4D:CE:FB:8A:5B:C7:E8:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bRS0BWYKqvqTu792Tc77ilvH6G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.245.0/24
194.135.33.0/24
195.133.192.0/24
Signature Algorithm: sha256WithRSAEncryption
75:d2:80:a5:2c:d0:c2:bb:15:40:22:2b:34:87:71:7e:bc:bf:
c7:6b:80:07:f9:fa:65:f4:67:26:e5:40:5d:54:0f:bc:94:4e:
90:40:e0:9a:3c:d4:7a:60:8f:11:cc:46:da:d5:9a:ec:fd:f9:
9d:2b:41:8f:eb:64:a9:d2:00:34:d0:dc:5a:1e:b3:1e:51:73:
c9:bf:66:f8:c7:46:78:f2:3f:16:51:76:9d:44:12:29:e6:87:
38:b1:d7:18:5e:ce:f8:34:f4:d0:75:bb:b6:de:31:c7:bc:4a:
67:08:e1:c9:56:84:7e:da:81:2c:5f:49:ea:04:f2:d4:ef:d1:
6b:f8:04:f6:0b:47:38:1c:11:c0:cd:04:03:bc:1e:af:b5:25:
a4:2c:1f:19:2f:a4:e0:7a:dd:2d:e3:e4:aa:74:41:71:51:7b:
96:1c:9b:b1:8c:f0:0f:ec:65:7d:23:9a:4a:d9:b6:5b:cb:8d:
5f:17:38:0a:7c:56:d8:f2:3b:dd:5b:a4:66:0f:a0:21:7f:27:
dd:99:04:f3:24:2f:d2:7f:24:25:cd:b7:de:91:be:7f:49:93:
a6:22:f2:e9:28:92:1b:a3:34:1a:8c:b1:f1:b3:28:37:81:67:
c0:40:6b:6b:07:d8:67:c8:7e:e2:9a:71:3d:8d:c3:0d:09:3e:
ca:44:44:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZxtZUEwRDfLFY16h1hzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDE0YjQwNTY2MGFhYWZhOTNiYmJmNzY0ZGNlZmI4YTViYzdlODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNzmh5Q1zGNM6RpzkqxcMoqq1rYU
o6C5tkOEiqEJw+U7tH3ChIaYQ99by2sikjM4VwrzGyMxSSvEXl70za5vgSW4oueS
bN+bLIyGZHyQszxDM/r3VAwkY/2d1lEhWp76TSxNI0ykhs6cZc/5WtkO3KXVsd18
juiug7V49x+DDStStUVbeC2CGFJBmiE3uxGr4Sr9ziDYRHFL4DrxaVMpcnPI5W1w
Jg7GTlxpPBSMKLTlvTQSfwcAlW0hMQIW+MvciOzVn5Zblx/hkG+VrVjWNzjA++sG
KWN0OpJr+/IUDYT7omG7hIqB8CQmkSDoQivSUhpTyncd7wZuZpDwvO1EQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG0UtAVmCqr6k7u/dk3O+4pbx+hvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYlJTMEJXWUtxdnFUdTc5MlRjNzdpbHZINkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlf1AwQA
wochAwQAw4XAMA0GCSqGSIb3DQEBCwUAA4IBAQB10oClLNDCuxVAIis0h3F+vL/H
a4AH+fpl9Gcm5UBdVA+8lE6QQOCaPNR6YI8RzEba1Zrs/fmdK0GP62Sp0gA00Nxa
HrMeUXPJv2b4x0Z48j8WUXadRBIp5oc4sdcYXs74NPTQdbu23jHHvEpnCOHJVoR+
2oEsX0nqBPLU79Fr+AT2C0c4HBHAzQQDvB6vtSWkLB8ZL6Tget0t4+SqdEFxUXuW
HJuxjPAP7GV9I5pK2bZby41fFzgKfFbY8jvdW6RmD6AhfyfdmQTzJC/SfyQlzbfe
kb5/SZOmIvLpKJIbozQajLHxsyg3gWfAQGtrB9hnyH7imnE9jcMNCT7KREQ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org