Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fdKPp7SH88go9WybtvfYWMwWm2E.roa
File: fdKPp7SH88go9WybtvfYWMwWm2E.roa (raw, json)
Hash identifier: bfKLrV0JoETxFprMhizK5k2dX02QPJ8VmG/Qd0WZkxo=
Subject key identifier: 7D:D2:8F:A7:B4:87:F3:C8:28:F5:6C:9B:B6:F7:D8:58:CC:16:9B:61
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BF77F1218777A638EEBD68C9B1FD507FF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fdKPp7SH88go9WybtvfYWMwWm2E.roa
Signing time: Wed 22 Nov 2023 14:46:21 +0000
ROA not before: Wed 22 Nov 2023 14:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 195.133.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:7f:12:18:77:7a:63:8e:eb:d6:8c:9b:1f:d5:07:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 22 14:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dd28fa7b487f3c828f56c9bb6f7d858cc169b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9c:3b:ed:f4:2a:76:55:24:f2:1c:b7:47:d8:
97:93:86:12:4d:bf:ab:49:55:28:0f:01:45:40:b8:
59:bc:3d:f4:2c:fa:b6:7b:bf:29:ec:e6:3b:1f:0c:
ce:3d:8f:42:49:d4:49:7a:7d:85:1d:6b:e4:4c:0b:
27:2b:86:cf:6f:7c:bc:0f:35:5e:02:d3:d4:d3:00:
c2:72:9a:a9:50:8a:88:26:c6:21:5b:0c:04:35:37:
fd:16:20:35:e4:5d:13:62:3c:f3:86:a5:42:40:c2:
18:4f:91:d4:45:89:d2:fb:b1:dd:89:ff:3f:2c:d9:
88:6c:6d:b8:e8:90:7e:56:7b:22:74:bb:a4:9d:cc:
f3:b1:cd:de:93:a1:10:46:cc:19:0a:8a:f8:11:fa:
64:8f:e7:ef:f6:49:80:36:c5:e0:50:41:e0:de:64:
51:3b:99:69:81:cd:2f:7c:49:43:af:cf:b0:c4:2e:
d1:8c:c3:37:03:37:2c:b0:50:5d:50:b9:d6:d5:b4:
eb:f2:4d:41:5d:d8:b3:f9:de:fd:f5:3a:88:26:9b:
1a:7f:e1:ef:15:24:90:eb:5c:40:43:c1:a6:e2:ad:
13:2a:c0:a6:fb:fb:26:33:db:67:39:8b:bc:db:e6:
32:dd:79:1c:85:79:9e:78:37:f4:2a:67:44:92:4e:
98:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D2:8F:A7:B4:87:F3:C8:28:F5:6C:9B:B6:F7:D8:58:CC:16:9B:61
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fdKPp7SH88go9WybtvfYWMwWm2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.28.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:61:37:f3:36:fe:2d:f9:67:ea:de:0a:83:6f:9c:03:bf:ce:
59:c5:43:66:4c:01:c9:87:7c:a2:93:90:0c:64:44:cf:94:dd:
67:32:e5:b8:b2:cc:c8:fa:3b:94:eb:ed:40:8b:46:9c:19:3c:
62:e3:c4:94:03:1b:e3:dc:54:94:d5:62:3d:09:0e:b5:c6:de:
f0:f6:f6:93:66:66:d1:7f:22:87:ed:98:11:0b:d5:aa:42:56:
c8:7c:15:28:9e:ca:d0:42:87:8a:5c:c0:1f:fc:0e:bd:f9:87:
bf:ba:7f:9a:43:08:67:18:77:3a:b3:ec:d1:0d:0d:24:69:28:
0d:b0:63:06:bd:4f:c5:d0:86:e4:49:4d:33:ae:f5:df:75:27:
58:1a:0d:bf:7d:be:28:b3:21:05:e0:74:f3:33:59:51:13:67:
a0:b7:2b:7b:1a:ec:96:6a:c5:79:e4:7d:09:be:c9:be:2f:b8:
d4:52:5c:71:cd:74:3f:fb:e0:5d:b5:1f:c8:4f:74:b6:27:3f:
a2:0a:50:6d:90:12:96:3a:a7:61:cc:fe:76:a5:c7:7e:51:04:
9b:d0:f6:46:a6:a7:57:bd:6e:c2:fd:d5:19:ef:f7:c5:44:70:
04:e1:eb:18:81:90:f6:99:c4:3f:cd:2f:54:28:09:8d:98:6e:
f7:8c:e5:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv3fxIYd3pjjuvWjJsf1Qf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIyMTQ0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQyOGZhN2I0ODdmM2M4MjhmNTZjOWJiNmY3ZDg1OGNjMTY5YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5w77fQqdlUk8hy3R9iXk4YSTb+r
SVUoDwFFQLhZvD30LPq2e78p7OY7HwzOPY9CSdRJen2FHWvkTAsnK4bPb3y8DzVe
AtPU0wDCcpqpUIqIJsYhWwwENTf9FiA15F0TYjzzhqVCQMIYT5HURYnS+7Hdif8/
LNmIbG246JB+VnsidLuknczzsc3ek6EQRswZCor4Efpkj+fv9kmANsXgUEHg3mRR
O5lpgc0vfElDr8+wxC7RjMM3AzcssFBdULnW1bTr8k1BXdiz+d799TqIJpsaf+Hv
FSSQ61xAQ8Gm4q0TKsCm+/smM9tnOYu82+Yy3XkchXmeeDf0KmdEkk6YrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3Sj6e0h/PIKPVsm7b32FjMFpthMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZmRLUHA3U0g4OGdvOVd5YnR2ZllXTXdXbTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UcMA0G
CSqGSIb3DQEBCwUAA4IBAQAtYTfzNv4t+Wfq3gqDb5wDv85ZxUNmTAHJh3yik5AM
ZETPlN1nMuW4sszI+juU6+1Ai0acGTxi48SUAxvj3FSU1WI9CQ61xt7w9vaTZmbR
fyKH7ZgRC9WqQlbIfBUonsrQQoeKXMAf/A69+Ye/un+aQwhnGHc6s+zRDQ0kaSgN
sGMGvU/F0IbkSU0zrvXfdSdYGg2/fb4osyEF4HTzM1lRE2egtyt7GuyWasV55H0J
vsm+L7jUUlxxzXQ/++BdtR/IT3S2Jz+iClBtkBKWOqdhzP52pcd+UQSb0PZGpqdX
vW7C/dUZ7/fFRHAE4esYgZD2mcQ/zS9UKAmNmG73jOWj
-----END CERTIFICATE-----
Generated at Mon Nov 27 15:49:46 2023 by rpki-client on console-ams.rpki-client.org