Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvzzvixFKmxLb7DuA9VXNtWzv6o.roa
File: jvzzvixFKmxLb7DuA9VXNtWzv6o.roa (raw, json)
Hash identifier: uRrfDoAYB4D+9rW7hXo7XUxhXN246ygnk8tPxpwDPiM=
Subject key identifier: 8E:FC:F3:BE:2C:45:2A:6C:4B:6F:B0:EE:03:D5:57:36:D5:B3:BF:AA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A981B1FDE01D457A8FC2742144888
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvzzvixFKmxLb7DuA9VXNtWzv6o.roa
Signing time: Tue 02 Jan 2024 12:33:58 +0000
ROA not before: Tue 02 Jan 2024 12:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:98:1b:1f:de:01:d4:57:a8:fc:27:42:14:48:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8efcf3be2c452a6c4b6fb0ee03d55736d5b3bfaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:93:04:d6:ef:db:1e:48:bf:c9:a3:f7:b8:
f6:7f:57:7f:01:39:a5:ec:9f:11:64:ca:5a:9f:ff:
fc:6a:ac:55:5e:8d:97:ec:dc:b2:47:ec:8d:a8:56:
be:da:ec:67:61:8e:0a:fa:68:46:6f:1b:d8:4c:c8:
1f:a9:11:b7:cb:5c:4c:d8:eb:26:22:25:7b:e6:05:
00:43:cd:17:8b:2a:dc:5b:a9:b8:ad:cd:89:bc:29:
c8:28:d2:a2:c4:b6:77:0a:c7:55:a9:db:d3:be:09:
9e:13:14:15:09:7c:e6:ed:a7:76:fd:62:20:e9:ad:
e0:1f:21:58:84:84:3b:c6:bb:8b:0e:0a:f5:5e:e8:
67:67:1c:62:fd:3a:87:a0:fd:b8:43:66:ca:df:9a:
0c:54:fa:c9:02:45:1e:94:de:2b:60:9c:48:f4:26:
dd:96:ae:75:80:9d:24:75:4a:6d:e9:34:d6:a1:3b:
f1:af:a6:b6:4f:4b:22:dd:d7:87:d1:4f:ad:34:58:
9d:bf:22:b9:66:4a:d1:79:32:95:7d:8d:3b:f0:50:
84:11:37:5b:9f:b5:c4:e2:5d:d8:9b:df:4e:d3:10:
f1:3b:b6:5e:c3:e2:c6:3c:32:4d:c3:e9:b7:e2:5f:
57:7c:3a:a1:0a:a3:64:91:3f:d4:02:d8:35:3d:d3:
a6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FC:F3:BE:2C:45:2A:6C:4B:6F:B0:EE:03:D5:57:36:D5:B3:BF:AA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jvzzvixFKmxLb7DuA9VXNtWzv6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.9.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b9:da:81:14:cb:48:bb:c4:17:b7:a9:88:6f:e3:5d:d9:45:
37:b9:b3:09:05:d1:83:ea:ac:ab:5d:b1:02:99:6f:de:1d:c4:
65:26:92:b8:eb:9f:6e:9e:f0:62:9d:18:9d:66:1b:0c:59:49:
41:19:11:80:f2:5a:77:40:18:52:fc:e7:42:ca:4f:8a:30:81:
9a:a5:ca:bb:f1:40:07:5c:21:4b:e7:92:ba:ad:7d:c1:a7:59:
9b:66:6a:2b:8f:ca:97:9f:92:e4:bb:e1:2d:d9:84:3c:18:e1:
db:a8:bd:74:19:c5:35:e3:72:6b:8d:d4:2f:cb:85:5b:70:1b:
ed:30:e8:6c:16:4d:63:52:d5:a4:9c:18:b2:dd:b4:63:8f:94:
30:67:06:3f:e6:7f:6e:e3:00:3a:92:a5:cb:e2:3f:e6:6e:01:
03:fd:c8:87:c4:dd:2e:53:b7:5b:ea:8a:ad:da:b3:fe:fc:48:
8c:e1:2b:de:92:6e:a1:bc:68:4f:b1:a0:c6:e8:c0:6a:a1:6d:
6b:bf:43:c2:03:08:81:fb:4b:6c:cc:a0:db:9b:01:29:8a:49:
af:c4:27:81:8a:51:10:f5:f4:f4:28:d7:4d:38:fe:86:f0:77:
4b:82:d9:77:ab:c0:ae:71:9f:cc:a2:51:0d:7d:24:69:28:a4:
20:a3:ac:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKpgbH94B1Feo/CdCFEiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZjZjNiZTJjNDUyYTZjNGI2ZmIwZWUwM2Q1NTczNmQ1YjNiZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsiTBNbv2x5Iv8mj97j2f1d/ATml
7J8RZMpan//8aqxVXo2X7NyyR+yNqFa+2uxnYY4K+mhGbxvYTMgfqRG3y1xM2Osm
IiV75gUAQ80XiyrcW6m4rc2JvCnIKNKixLZ3CsdVqdvTvgmeExQVCXzm7ad2/WIg
6a3gHyFYhIQ7xruLDgr1XuhnZxxi/TqHoP24Q2bK35oMVPrJAkUelN4rYJxI9Cbd
lq51gJ0kdUpt6TTWoTvxr6a2T0si3deH0U+tNFidvyK5ZkrReTKVfY078FCEETdb
n7XE4l3Ym99O0xDxO7Zew+LGPDJNw+m34l9XfDqhCqNkkT/UAtg1PdOm+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI78874sRSpsS2+w7gPVVzbVs7+qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvanZ6enZpeEZLbXhMYjdEdUE5VlhOdFd6djZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UJMA0G
CSqGSIb3DQEBCwUAA4IBAQBDudqBFMtIu8QXt6mIb+Nd2UU3ubMJBdGD6qyrXbEC
mW/eHcRlJpK4659unvBinRidZhsMWUlBGRGA8lp3QBhS/OdCyk+KMIGapcq78UAH
XCFL55K6rX3Bp1mbZmorj8qXn5Lku+Et2YQ8GOHbqL10GcU143JrjdQvy4VbcBvt
MOhsFk1jUtWknBiy3bRjj5QwZwY/5n9u4wA6kqXL4j/mbgED/ciHxN0uU7db6oqt
2rP+/EiM4Svekm6hvGhPsaDG6MBqoW1rv0PCAwiB+0tszKDbmwEpikmvxCeBilEQ
9fT0KNdNOP6G8HdLgtl3q8CucZ/MolENfSRpKKQgo6w4
-----END CERTIFICATE-----
Generated at Fri Feb 2 12:05:17 2024 by rpki-client on console-ams.rpki-client.org