Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy75aL5aOkRN46t5qnV3QsOZY_Q.roa
File: cy75aL5aOkRN46t5qnV3QsOZY_Q.roa (raw, json)
Hash identifier: SyAWXs7U+aZA6NRcOcR58+UsKIMn53TnXiDGoP0wREI=
Subject key identifier: 73:2E:F9:68:BE:5A:3A:44:4D:E3:AB:79:AA:75:77:42:C3:99:63:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01869B8DCA053D3846BF1E31A733EA37814D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy75aL5aOkRN46t5qnV3QsOZY_Q.roa
Signing time: Wed 01 Mar 2023 05:03:26 +0000
ROA not before: Wed 01 Mar 2023 05:03:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41944
IP address blocks: 195.133.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 07:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:8d:ca:05:3d:38:46:bf:1e:31:a7:33:ea:37:81:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 1 05:03:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=732ef968be5a3a444de3ab79aa757742c39963f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:67:f6:2b:13:4d:38:4e:a7:bb:a0:ab:f0:25:
ed:ca:b1:59:27:53:4d:0b:1d:80:9d:4b:58:ed:17:
f6:fe:c3:a7:54:ea:0f:d9:11:b0:04:76:ac:69:1c:
fa:b0:91:54:57:22:e4:fa:32:7e:e0:5d:54:15:83:
d8:ea:2d:da:dd:7b:6f:de:be:48:49:7b:5a:da:36:
10:55:03:51:93:43:a8:6d:60:9e:03:39:de:56:be:
bb:f7:33:b6:d8:fc:3e:00:84:e2:c7:ea:93:28:8d:
64:62:d7:2f:54:9f:b3:b8:10:dd:57:aa:96:44:a3:
52:2a:f4:4f:03:94:59:35:c1:59:0b:79:e8:d1:55:
b9:68:00:be:a5:98:71:ea:d5:6f:9b:ef:d4:df:a5:
3e:b5:61:75:63:78:bd:e9:e1:17:af:51:12:22:3f:
00:15:b3:f9:1d:5f:24:36:9e:0d:34:e3:6d:14:57:
c6:7e:08:94:23:f3:e7:95:9b:b1:6e:7c:20:3f:d2:
23:5b:98:df:f1:a1:00:5a:f1:38:e9:37:3e:6f:8f:
93:fd:45:f1:72:ad:1f:03:10:f9:50:c3:76:74:d3:
dc:51:27:97:a3:ba:7f:d8:8c:e3:ca:52:af:3f:ce:
cb:6c:8f:7e:8d:a7:3a:5f:d5:e1:58:b6:c2:94:c7:
d3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2E:F9:68:BE:5A:3A:44:4D:E3:AB:79:AA:75:77:42:C3:99:63:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy75aL5aOkRN46t5qnV3QsOZY_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ec:3c:10:01:f3:98:a2:2e:a6:8e:5e:f9:d1:71:d8:61:2c:
c3:71:4c:72:b5:39:54:ae:a5:cd:1d:87:d7:7c:7c:18:b4:fe:
db:d7:c1:df:c0:eb:97:86:a9:6c:60:41:c6:a9:c3:48:18:4d:
62:cd:bb:0d:f9:0c:24:6a:e5:96:ba:85:9c:76:c3:d0:57:67:
44:34:55:06:77:a4:90:61:3f:c4:84:04:f3:a6:68:94:cb:8e:
7e:de:98:bb:27:65:05:32:fe:2d:c1:07:ba:29:a9:c6:02:00:
57:c5:6f:01:d8:3a:a9:02:3c:8d:c1:85:57:97:be:ad:df:6f:
40:08:ba:a7:fe:3c:4d:88:42:20:95:0c:fa:bb:81:42:1a:a7:
c5:e6:73:99:0b:93:55:8e:32:62:a9:76:44:a1:e4:49:b6:67:
df:b3:d2:9c:e2:1c:e6:f4:c1:b3:a7:b8:61:23:27:1d:84:d7:
51:41:30:15:25:6e:99:4e:9f:c6:73:f4:8d:4b:a4:95:bb:7a:
9e:8e:f2:cc:a7:12:e9:60:9e:b3:fb:05:51:8c:d8:cc:cf:e9:
b8:4f:55:5a:91:e9:0d:c1:a9:47:56:36:fb:97:e6:41:cd:0e:
c8:3a:11:38:96:57:25:1e:97:1a:1d:a9:3b:98:2d:03:9f:e6:
fd:2e:8f:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYabjcoFPThGvx4xpzPqN4FNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAxMDUwMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzJlZjk2OGJlNWEzYTQ0NGRlM2FiNzlhYTc1Nzc0MmMzOTk2M2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2f2KxNNOE6nu6Cr8CXtyrFZJ1NN
Cx2AnUtY7Rf2/sOnVOoP2RGwBHasaRz6sJFUVyLk+jJ+4F1UFYPY6i3a3Xtv3r5I
SXta2jYQVQNRk0OobWCeAzneVr679zO22Pw+AITix+qTKI1kYtcvVJ+zuBDdV6qW
RKNSKvRPA5RZNcFZC3no0VW5aAC+pZhx6tVvm+/U36U+tWF1Y3i96eEXr1ESIj8A
FbP5HV8kNp4NNONtFFfGfgiUI/PnlZuxbnwgP9IjW5jf8aEAWvE46Tc+b4+T/UXx
cq0fAxD5UMN2dNPcUSeXo7p/2IzjylKvP87LbI9+jac6X9XhWLbClMfTUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMu+Wi+WjpETeOreap1d0LDmWP0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY3k3NWFMNWFPa1JONDZ0NXFuVjNRc09aWV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4VeMA0G
CSqGSIb3DQEBCwUAA4IBAQAL7DwQAfOYoi6mjl750XHYYSzDcUxytTlUrqXNHYfX
fHwYtP7b18HfwOuXhqlsYEHGqcNIGE1izbsN+QwkauWWuoWcdsPQV2dENFUGd6SQ
YT/EhATzpmiUy45+3pi7J2UFMv4twQe6KanGAgBXxW8B2DqpAjyNwYVXl76t329A
CLqn/jxNiEIglQz6u4FCGqfF5nOZC5NVjjJiqXZEoeRJtmffs9Kc4hzm9MGzp7hh
IycdhNdRQTAVJW6ZTp/Gc/SNS6SVu3qejvLMpxLpYJ6z+wVRjNjMz+m4T1VakekN
walHVjb7l+ZBzQ7IOhE4llclHpcaHak7mC0Dn+b9Lo+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org