Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g0UlhUbCq2CpeHgapYjqeVD4hBs.roa
File: g0UlhUbCq2CpeHgapYjqeVD4hBs.roa (raw, json)
Hash identifier: VhW2pmHcPgBh/0r6bZiW3vtJ/gU6RGQF8sxlRs81X5c=
Subject key identifier: 83:45:25:85:46:C2:AB:60:A9:78:78:1A:A5:88:EA:79:50:F8:84:1B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ACD3994414473784969C8EB502E00E793
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g0UlhUbCq2CpeHgapYjqeVD4hBs.roa
Signing time: Mon 25 Sep 2023 16:43:37 +0000
ROA not before: Mon 25 Sep 2023 16:43:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 195.133.92.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:39:94:41:44:73:78:49:69:c8:eb:50:2e:00:e7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 25 16:43:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8345258546c2ab60a978781aa588ea7950f8841b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:9b:dd:85:2e:07:60:4b:d9:4c:3a:2d:e5:
be:ad:51:b3:78:b4:ec:fc:40:3f:69:6c:48:d2:ec:
12:b4:99:13:64:55:34:fd:29:4a:5d:d1:f5:3f:4f:
da:45:64:61:36:6d:6b:2e:fa:97:6e:96:95:92:d4:
9c:ec:51:45:aa:35:51:18:e3:99:d3:8d:4c:f4:d0:
6d:4c:7e:fc:95:15:18:a6:21:cc:ba:aa:97:76:9f:
e2:6e:55:e0:ea:23:9a:1b:3a:05:78:1d:c5:39:5e:
fd:db:43:3a:a7:c5:f5:22:42:8d:9a:d2:99:37:fe:
61:01:23:12:e3:9c:8d:09:ba:47:2a:3a:e6:84:a8:
cd:f6:92:9a:46:de:9e:75:2d:a0:62:c1:9c:d3:2a:
c8:be:b2:22:15:a9:57:e3:e8:4a:19:50:3f:5d:81:
e7:33:a9:4b:82:d9:e9:bc:8a:1e:1d:eb:b4:2d:fa:
0c:27:22:9a:1d:48:47:1f:d2:22:1a:04:4b:fd:1b:
73:ef:31:96:7a:a3:48:4f:04:f3:8e:f2:43:a3:f0:
6d:07:20:d6:31:28:d4:09:1d:c8:4d:6e:7f:70:6a:
9f:d1:11:db:13:0b:d2:80:16:b4:f7:8e:5f:24:0b:
52:5e:ba:ed:61:b4:b5:e0:95:c9:de:03:71:01:36:
58:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:45:25:85:46:C2:AB:60:A9:78:78:1A:A5:88:EA:79:50:F8:84:1B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g0UlhUbCq2CpeHgapYjqeVD4hBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.92.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:f4:b4:cf:2b:64:14:45:29:f1:57:f9:6b:02:a6:88:53:de:
e4:d7:df:75:f2:f9:70:87:cb:88:5c:27:6c:63:9a:f4:3e:a8:
08:f5:6d:a5:15:24:9a:53:ff:2d:64:62:b6:dc:a0:4d:28:83:
05:68:b8:33:d2:e6:6c:d8:7c:9b:64:29:3f:04:c1:f1:66:ee:
21:28:ad:4e:e6:bf:3c:43:fe:7d:13:34:9c:30:55:12:a6:fb:
50:b7:68:42:c9:60:99:26:6f:04:ba:43:6a:4d:8d:a7:6b:8f:
0c:40:30:45:25:80:b6:08:1b:40:d1:ed:8a:d0:90:09:a1:40:
1a:30:54:fb:93:96:50:91:34:43:e3:9f:1f:99:9a:69:3f:9e:
68:20:c0:8d:b2:da:81:54:d0:a6:95:6a:c4:95:43:ac:37:77:
6f:2e:30:1c:ec:04:1f:cd:c0:fd:53:40:81:12:64:06:d9:35:
f3:7e:34:1f:58:cf:cb:9e:ac:78:c4:79:34:36:45:fb:d8:7b:
ef:85:dc:93:84:03:a3:46:9c:51:dc:53:87:1e:a6:22:5c:69:
65:3e:c0:9e:1f:b7:23:6c:77:bb:1e:b5:bb:a5:e9:61:c0:37:
8c:ef:36:33:60:f7:08:8a:f3:cd:bd:e9:7a:83:b9:84:86:c7:
30:3c:72:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrNOZRBRHN4SWnI61AuAOeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI1MTY0MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ1MjU4NTQ2YzJhYjYwYTk3ODc4MWFhNTg4ZWE3OTUwZjg4NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB6b3YUuB2BL2Uw6LeW+rVGzeLTs
/EA/aWxI0uwStJkTZFU0/SlKXdH1P0/aRWRhNm1rLvqXbpaVktSc7FFFqjVRGOOZ
041M9NBtTH78lRUYpiHMuqqXdp/iblXg6iOaGzoFeB3FOV7920M6p8X1IkKNmtKZ
N/5hASMS45yNCbpHKjrmhKjN9pKaRt6edS2gYsGc0yrIvrIiFalX4+hKGVA/XYHn
M6lLgtnpvIoeHeu0LfoMJyKaHUhHH9IiGgRL/Rtz7zGWeqNITwTzjvJDo/BtByDW
MSjUCR3ITW5/cGqf0RHbEwvSgBa0945fJAtSXrrtYbS14JXJ3gNxATZYtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINFJYVGwqtgqXh4GqWI6nlQ+IQbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZzBVbGhVYkNxMkNwZUhnYXBZanFlVkQ0aEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4VcMA0G
CSqGSIb3DQEBCwUAA4IBAQBf9LTPK2QURSnxV/lrAqaIU97k19918vlwh8uIXCds
Y5r0PqgI9W2lFSSaU/8tZGK23KBNKIMFaLgz0uZs2HybZCk/BMHxZu4hKK1O5r88
Q/59EzScMFUSpvtQt2hCyWCZJm8EukNqTY2na48MQDBFJYC2CBtA0e2K0JAJoUAa
MFT7k5ZQkTRD458fmZppP55oIMCNstqBVNCmlWrElUOsN3dvLjAc7AQfzcD9U0CB
EmQG2TXzfjQfWM/Lnqx4xHk0NkX72HvvhdyThAOjRpxR3FOHHqYiXGllPsCeH7cj
bHe7HrW7pelhwDeM7zYzYPcIivPNvel6g7mEhscwPHIa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org