Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g5xWmtHTZIMO2ebmQlHov5BneCU.roa
File: g5xWmtHTZIMO2ebmQlHov5BneCU.roa (raw, json)
Hash identifier: p8DqI7z+vKkZpzHL7Y77lq5qU1VaFjUyQmEpTdCQWQI=
Subject key identifier: 83:9C:56:9A:D1:D3:64:83:0E:D9:E6:E6:42:51:E8:BF:90:67:78:25
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F6717E5B14D462D4E7E384D5D52AC60
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g5xWmtHTZIMO2ebmQlHov5BneCU.roa
Signing time: Sun 01 Jan 2023 22:15:05 +0000
ROA not before: Sun 01 Jan 2023 22:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212609
IP address blocks: 195.58.33.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 15:09:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:17:e5:b1:4d:46:2d:4e:7e:38:4d:5d:52:ac:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=839c569ad1d364830ed9e6e64251e8bf90677825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1d:05:6a:41:9e:00:ea:52:26:8c:f6:39:3d:
82:40:4a:74:fc:84:1d:25:b0:ae:66:b2:f4:db:85:
52:6e:59:a6:62:de:a4:fa:fb:99:01:70:20:89:a0:
7f:e2:3e:d5:f0:c8:61:dd:8d:b2:5a:62:37:25:37:
4e:86:8c:e4:bb:55:98:79:4f:73:45:04:d6:5a:e6:
88:ab:3f:86:65:a4:1e:b3:a0:92:9b:3d:2e:16:57:
56:67:e1:3b:4b:77:1e:24:15:48:90:bc:aa:6b:74:
15:c8:c4:2b:13:a9:60:45:01:c5:0f:18:a0:2f:46:
d9:8a:9c:1b:d0:83:9a:f7:d2:c5:9b:a1:c4:47:aa:
7e:a7:83:e8:b9:36:47:ee:56:6a:23:4f:0b:91:6d:
74:75:e9:78:0e:75:bc:58:13:ef:1d:35:12:d7:92:
45:9a:57:a2:b2:f8:19:ab:1e:6e:52:b4:28:a3:4c:
7a:41:ff:0f:e2:ca:4b:e9:f0:00:e4:65:45:24:07:
0b:19:24:1c:83:c1:a4:26:72:5a:0a:3f:a2:79:ff:
cd:e4:39:db:75:ee:a1:42:3c:90:41:ad:b6:86:8a:
8a:44:34:ac:b0:c6:4e:6b:11:5b:73:28:46:ac:79:
c6:f5:78:4c:ec:b9:42:f7:6d:29:cf:dc:08:14:be:
cb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9C:56:9A:D1:D3:64:83:0E:D9:E6:E6:42:51:E8:BF:90:67:78:25
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/g5xWmtHTZIMO2ebmQlHov5BneCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.206.0/24
195.58.33.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f7:d3:65:e9:b9:17:27:b3:ad:42:a7:e1:63:f7:61:60:7b:
86:df:1c:90:31:eb:e7:99:3b:df:a2:0d:be:83:e9:43:9f:66:
be:79:9a:87:05:65:38:af:65:90:31:d8:e4:0a:27:08:de:7b:
91:17:bf:05:bc:10:bc:65:e5:65:fa:e1:a5:1e:30:36:4e:be:
0c:20:05:a0:2f:e7:97:82:49:76:81:a9:a5:81:15:66:75:7a:
b9:af:d6:1b:94:2a:10:c2:3c:e2:44:f3:30:6c:bf:df:3a:85:
38:eb:54:8d:10:ea:38:ec:02:79:6b:8f:a4:e4:08:f2:ed:f5:
c7:42:be:4a:65:fb:e6:81:89:4c:71:41:28:a6:3b:fc:0c:b1:
9b:c1:e4:10:f0:b2:03:2a:1f:ff:47:36:c5:3f:e9:48:ed:5e:
f0:58:98:e3:68:ae:9f:49:d5:1e:07:72:ad:29:a4:ab:7f:08:
77:7f:35:e8:02:e0:68:7f:a5:27:38:10:03:6f:fd:a9:d3:db:
45:0d:26:80:1d:07:5a:34:4e:ad:5f:78:2a:62:c5:53:c0:69:
a5:32:4d:14:02:ff:ff:1d:48:6f:cd:ea:d0:a9:77:6e:07:33:
f8:43:d7:88:48:52:40:8a:08:11:c3:4e:9d:34:a8:d7:b4:f5:
7c:19:0f:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZxflsU1GLU5+OE1dUqxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzljNTY5YWQxZDM2NDgzMGVkOWU2ZTY0MjUxZThiZjkwNjc3ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB0FakGeAOpSJoz2OT2CQEp0/IQd
JbCuZrL024VSblmmYt6k+vuZAXAgiaB/4j7V8Mhh3Y2yWmI3JTdOhozku1WYeU9z
RQTWWuaIqz+GZaQes6CSmz0uFldWZ+E7S3ceJBVIkLyqa3QVyMQrE6lgRQHFDxig
L0bZipwb0IOa99LFm6HER6p+p4PouTZH7lZqI08LkW10del4DnW8WBPvHTUS15JF
mleisvgZqx5uUrQoo0x6Qf8P4spL6fAA5GVFJAcLGSQcg8GkJnJaCj+ief/N5Dnb
de6hQjyQQa22hoqKRDSssMZOaxFbcyhGrHnG9XhM7LlC920pz9wIFL7LJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIOcVprR02SDDtnm5kJR6L+QZ3glMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZzV4V210SFRaSU1PMmVibVFsSG92NUJuZUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzOAwQA
wzohMA0GCSqGSIb3DQEBCwUAA4IBAQCB99Nl6bkXJ7OtQqfhY/dhYHuG3xyQMevn
mTvfog2+g+lDn2a+eZqHBWU4r2WQMdjkCicI3nuRF78FvBC8ZeVl+uGlHjA2Tr4M
IAWgL+eXgkl2gamlgRVmdXq5r9YblCoQwjziRPMwbL/fOoU461SNEOo47AJ5a4+k
5Ajy7fXHQr5KZfvmgYlMcUEopjv8DLGbweQQ8LIDKh//RzbFP+lI7V7wWJjjaK6f
SdUeB3KtKaSrfwh3fzXoAuBof6UnOBADb/2p09tFDSaAHQdaNE6tX3gqYsVTwGml
Mk0UAv//HUhvzerQqXduBzP4Q9eISFJAiggRw06dNKjXtPV8GQ+Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org