Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/brW7mTzg_hYhDSECitRjIw9kgMI.roa
File: brW7mTzg_hYhDSECitRjIw9kgMI.roa (raw, json)
Hash identifier: EEpLMmCcJW8tVrUgxWxKDlhHHwiKH+m74OtBI6ewoTM=
Subject key identifier: 6E:B5:BB:99:3C:E0:FE:16:21:0D:21:02:8A:D4:63:23:0F:64:80:C2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019144C40D4B9D564C8FFBA2A713101A2AB1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/brW7mTzg_hYhDSECitRjIw9kgMI.roa
Signing time: Mon 12 Aug 2024 04:06:24 +0000
ROA not before: Mon 12 Aug 2024 04:06:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 09:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:44:c4:0d:4b:9d:56:4c:8f:fb:a2:a7:13:10:1a:2a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 12 04:06:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eb5bb993ce0fe16210d21028ad463230f6480c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:fc:18:2b:4e:5c:ef:ed:34:d5:e9:a4:a5:
dd:37:6d:4b:c8:e1:21:f4:97:75:3f:fd:c7:dd:84:
c5:d4:f7:59:36:49:d0:b2:61:87:64:8e:9f:83:af:
4c:b2:ba:ff:90:41:9f:1d:c0:ab:2b:c6:29:d8:ab:
17:5e:68:0a:9c:7c:36:77:4e:75:99:2c:34:4c:0f:
de:48:78:8e:a7:56:be:6e:28:7f:bd:46:aa:4c:9d:
66:27:88:a9:55:e5:09:0b:eb:8b:2c:a8:9e:55:3a:
bc:29:34:0e:8e:c0:3b:45:78:d1:3a:f7:98:c5:48:
7b:8b:f3:0b:3d:21:3f:30:a3:f1:9e:38:18:52:1e:
53:fd:e6:ae:f7:83:37:ed:cc:1d:f4:88:65:34:4d:
64:5c:06:d7:26:e0:ad:3e:b1:a7:b8:48:45:38:b3:
52:22:aa:23:84:53:32:5c:98:3a:d2:f9:29:85:45:
45:04:8d:c1:41:dc:78:c1:6e:b1:49:7f:b3:60:28:
d3:57:d6:1f:76:70:56:ac:b4:5a:9e:86:39:ff:a1:
bf:b0:5b:e1:ab:4c:2e:59:be:30:2d:41:8d:56:f9:
23:e5:02:1d:d8:15:5d:42:9b:1a:19:6a:54:0b:93:
a1:3d:82:3d:e8:d6:25:ce:7b:80:ba:57:2a:4e:48:
91:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B5:BB:99:3C:E0:FE:16:21:0D:21:02:8A:D4:63:23:0F:64:80:C2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/brW7mTzg_hYhDSECitRjIw9kgMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
43:88:ba:07:8c:41:6e:2d:63:c9:56:85:4c:24:d1:1c:ec:bd:
d6:64:2c:44:89:35:e9:76:0c:16:30:df:38:50:7d:58:17:e5:
42:3a:f5:5e:6b:e1:91:92:33:de:5f:07:16:dc:17:5a:c4:0f:
8c:57:07:8e:65:b7:7e:2f:93:46:1a:3f:d4:36:92:da:14:94:
68:74:cc:57:69:03:bc:9d:49:6f:ba:b1:1d:69:67:df:9e:46:
35:f7:59:78:b8:d2:e5:18:97:49:5a:3f:73:99:39:5c:c0:22:
01:0e:50:80:1d:75:b1:42:4d:f2:8d:fe:c1:ad:42:ba:ac:38:
a3:49:4a:1d:27:37:d3:3f:d6:e4:f9:8c:2a:0a:d6:7b:83:70:
33:32:12:e2:35:a1:fa:e0:71:ad:a0:9c:66:24:35:56:94:a9:
b1:20:ca:41:bf:57:9c:ff:b9:6a:44:c8:5b:9a:81:02:25:1a:
fe:b7:7e:67:00:53:a5:db:6e:1f:b1:1e:0f:4e:b2:6d:67:76:
c3:49:1a:bf:6d:30:c0:af:bd:ae:2e:99:10:6d:bf:d8:52:61:
a5:c7:f3:36:00:10:e6:bb:80:73:a6:9f:8b:00:ba:ef:f8:e2:
db:09:de:22:57:86:d7:08:48:4a:77:cd:76:b7:76:4a:c3:8a:
48:bd:e7:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFExA1LnVZMj/uipxMQGiqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODEyMDQwNjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI1YmI5OTNjZTBmZTE2MjEwZDIxMDI4YWQ0NjMyMzBmNjQ4MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2C/8GCtOXO/tNNXppKXdN21LyOEh
9Jd1P/3H3YTF1PdZNknQsmGHZI6fg69Msrr/kEGfHcCrK8Yp2KsXXmgKnHw2d051
mSw0TA/eSHiOp1a+bih/vUaqTJ1mJ4ipVeUJC+uLLKieVTq8KTQOjsA7RXjROveY
xUh7i/MLPSE/MKPxnjgYUh5T/eau94M37cwd9IhlNE1kXAbXJuCtPrGnuEhFOLNS
IqojhFMyXJg60vkphUVFBI3BQdx4wW6xSX+zYCjTV9YfdnBWrLRanoY5/6G/sFvh
q0wuWb4wLUGNVvkj5QId2BVdQpsaGWpUC5OhPYI96NYlznuAulcqTkiRKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG61u5k84P4WIQ0hAorUYyMPZIDCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYnJXN21UemdfaFloRFNFQ2l0UmpJdzlrZ01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4URAwQA
w4UnMA0GCSqGSIb3DQEBCwUAA4IBAQBDiLoHjEFuLWPJVoVMJNEc7L3WZCxEiTXp
dgwWMN84UH1YF+VCOvVea+GRkjPeXwcW3BdaxA+MVweOZbd+L5NGGj/UNpLaFJRo
dMxXaQO8nUlvurEdaWffnkY191l4uNLlGJdJWj9zmTlcwCIBDlCAHXWxQk3yjf7B
rUK6rDijSUodJzfTP9bk+YwqCtZ7g3AzMhLiNaH64HGtoJxmJDVWlKmxIMpBv1ec
/7lqRMhbmoECJRr+t35nAFOl224fsR4PTrJtZ3bDSRq/bTDAr72uLpkQbb/YUmGl
x/M2ABDmu4Bzpp+LALrv+OLbCd4iV4bXCEhKd812t3ZKw4pIveeN
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:49:59 2024 by rpki-client on console-ams.rpki-client.org