Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ehMVK9zrWLDsCHT_kpIxiEUt36s.roa
File: ehMVK9zrWLDsCHT_kpIxiEUt36s.roa (raw, json)
Hash identifier: C7B0S7sjSF2XZsCbLPl7KYeN8FMoqkU1gij6G/gcOvg=
Subject key identifier: 7A:13:15:2B:DC:EB:58:B0:EC:08:74:FF:92:92:31:88:45:2D:DF:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AE6F8CF654CB3EDAF3B0FA5495DF30DDB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ehMVK9zrWLDsCHT_kpIxiEUt36s.roa
Signing time: Sat 30 Sep 2023 16:43:00 +0000
ROA not before: Sat 30 Sep 2023 16:43:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211318
IP address blocks: 194.87.33.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Oct 2023 10:15:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:f8:cf:65:4c:b3:ed:af:3b:0f:a5:49:5d:f3:0d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 30 16:43:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a13152bdceb58b0ec0874ff92923188452ddfab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:5a:3f:ef:77:c4:64:f0:42:20:b1:c4:43:
87:3d:e0:82:be:7d:3a:2b:e6:55:81:59:ac:15:87:
33:80:a9:cb:b9:b2:e0:28:af:a8:2d:47:17:d0:8a:
bd:65:34:28:e5:2b:09:61:ad:d3:99:70:3f:ed:63:
7a:f6:c5:eb:50:00:80:18:eb:dd:cd:1c:2b:9c:48:
35:06:3c:3b:f6:7c:78:ac:94:63:f2:cc:d2:e9:6d:
d5:9f:a4:16:53:51:d4:64:4c:18:42:d9:1f:bf:a4:
76:17:08:ac:6d:fc:7e:ac:80:94:c4:54:7b:71:97:
6a:b1:76:58:7e:a3:b2:14:59:63:2b:2a:32:5c:b0:
0a:26:a1:1d:56:84:fe:72:92:d6:a9:3e:1e:4b:1d:
31:6f:45:41:18:c9:b2:3a:58:35:2a:44:7d:08:68:
1a:33:96:cb:bd:13:31:8e:f2:5d:ef:37:c8:02:3d:
f4:75:08:a2:09:e6:e8:74:a5:b9:91:91:95:29:a7:
57:79:eb:9e:08:05:ee:2a:39:f7:c5:07:19:20:63:
b4:f6:de:78:fc:5f:01:77:cf:d2:fa:04:5c:a1:04:
a2:96:55:7e:62:ea:21:cb:6b:19:a5:87:24:b8:f1:
ac:d8:aa:57:89:2b:15:53:44:1b:8c:eb:f9:38:1a:
9e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:13:15:2B:DC:EB:58:B0:EC:08:74:FF:92:92:31:88:45:2D:DF:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ehMVK9zrWLDsCHT_kpIxiEUt36s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.33.0/24
195.133.18.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:44:4a:0c:f6:62:07:28:9d:a2:2c:6e:96:c9:19:5d:e9:12:
48:9e:75:55:83:89:94:70:a3:0b:e4:83:7c:d1:ea:d5:ad:33:
da:53:1b:35:b8:be:23:7e:99:da:86:89:80:84:68:68:13:08:
08:06:05:22:da:27:94:e3:1b:d1:4d:a0:f4:ea:6b:55:5c:08:
22:13:f2:56:9e:8f:84:db:01:d6:46:5b:ee:09:a7:24:a1:cf:
92:99:36:99:d7:35:66:c8:1c:c5:bf:6f:a9:33:fb:52:eb:03:
83:b4:e4:e1:0c:2e:77:96:75:6f:f0:4d:ec:f6:18:0a:84:dd:
a8:01:e7:2d:bb:1c:79:e3:c8:60:4f:73:bc:dc:a8:b5:35:5b:
66:a2:8d:cf:bc:cf:3d:f7:f5:91:7f:63:66:99:96:16:f2:55:
06:a2:a0:7e:99:bc:f7:2a:da:68:b5:62:07:e3:78:e8:f7:6b:
c9:c9:2c:56:fc:36:36:4e:2b:3b:38:b8:09:ee:bf:68:81:ee:
89:8c:8f:1e:ac:6d:c3:63:48:b0:90:e9:32:50:c3:30:5f:85:
83:8b:29:9a:07:27:fc:3c:bb:0b:5c:4a:42:9c:33:74:85:44:
6e:4b:ac:45:e8:6e:84:97:44:41:d0:e3:84:e6:df:b3:fd:ea:
02:79:12:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrm+M9lTLPtrzsPpUld8w3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTMwMTY0MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEzMTUyYmRjZWI1OGIwZWMwODc0ZmY5MjkyMzE4ODQ1MmRkZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLNaP+93xGTwQiCxxEOHPeCCvn06
K+ZVgVmsFYczgKnLubLgKK+oLUcX0Iq9ZTQo5SsJYa3TmXA/7WN69sXrUACAGOvd
zRwrnEg1Bjw79nx4rJRj8szS6W3Vn6QWU1HUZEwYQtkfv6R2Fwisbfx+rICUxFR7
cZdqsXZYfqOyFFljKyoyXLAKJqEdVoT+cpLWqT4eSx0xb0VBGMmyOlg1KkR9CGga
M5bLvRMxjvJd7zfIAj30dQiiCebodKW5kZGVKadXeeueCAXuKjn3xQcZIGO09t54
/F8Bd8/S+gRcoQSillV+Yuohy2sZpYckuPGs2KpXiSsVU0QbjOv5OBqeDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHoTFSvc61iw7Ah0/5KSMYhFLd+rMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZWhNVks5enJXTERzQ0hUX2twSXhpRVV0MzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlchAwQA
w4USMA0GCSqGSIb3DQEBCwUAA4IBAQBdREoM9mIHKJ2iLG6WyRld6RJInnVVg4mU
cKML5IN80erVrTPaUxs1uL4jfpnahomAhGhoEwgIBgUi2ieU4xvRTaD06mtVXAgi
E/JWno+E2wHWRlvuCackoc+SmTaZ1zVmyBzFv2+pM/tS6wODtOThDC53lnVv8E3s
9hgKhN2oAectuxx548hgT3O83Ki1NVtmoo3PvM899/WRf2NmmZYW8lUGoqB+mbz3
KtpotWIH43jo92vJySxW/DY2Tis7OLgJ7r9oge6JjI8erG3DY0iwkOkyUMMwX4WD
iymaByf8PLsLXEpCnDN0hURuS6xF6G6El0RB0OOE5t+z/eoCeRLQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org