Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kgH0CdVdVndchLwKP-dTKTDG_EE.roa
File: kgH0CdVdVndchLwKP-dTKTDG_EE.roa (raw, json)
Hash identifier: nrtO3YigG7xgTiysFa/aJQz/MS1gWdgWjc0oW6hQQyg=
Subject key identifier: 92:01:F4:09:D5:5D:56:77:5C:84:BC:0A:3F:E7:53:29:30:C6:FC:41
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C8A831FB4C26893EC053A5A78E09FA782
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kgH0CdVdVndchLwKP-dTKTDG_EE.roa
Signing time: Thu 21 Dec 2023 03:54:58 +0000
ROA not before: Thu 21 Dec 2023 03:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216093
IP address blocks: 195.133.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8a:83:1f:b4:c2:68:93:ec:05:3a:5a:78:e0:9f:a7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 21 03:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9201f409d55d56775c84bc0a3fe7532930c6fc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:26:a4:39:f3:b0:25:fc:93:80:6e:13:0a:2f:
1e:4c:68:9c:e9:74:33:a1:05:4b:5e:5b:bb:b4:4a:
1a:68:98:6e:76:62:7d:d2:50:f4:78:23:e9:7f:b0:
54:52:1d:d3:a4:d9:64:07:13:f1:17:af:fa:2f:2a:
c4:8a:5f:b3:bd:6d:77:63:23:3a:5c:12:d7:5f:6d:
72:0f:1c:b9:7e:c2:62:1a:b9:52:bf:d2:be:01:67:
67:7c:24:01:70:79:93:45:b7:ab:5a:07:dd:76:e8:
b1:91:a6:5b:26:0a:ab:c7:09:35:2c:4a:f8:1c:f6:
55:94:af:c0:d2:95:a6:4a:0a:d5:95:01:bd:bb:40:
65:bd:e3:d6:dc:f4:71:45:0d:4c:7d:75:fb:ef:47:
1f:b0:f3:70:c2:b4:ab:78:77:c1:89:4d:64:ec:52:
d2:1a:d3:84:a6:08:1a:f5:91:c6:5b:26:b6:6a:25:
b5:e7:c9:8b:72:cd:57:11:03:a8:16:b0:f1:39:ad:
85:f7:49:fa:0c:dc:9d:6e:58:69:26:3f:9a:94:4e:
0c:cb:3b:37:64:72:96:d1:7b:67:56:b5:ce:3e:60:
0a:b5:05:67:93:52:d4:b0:9e:2c:b2:d5:80:47:8f:
a9:b1:f8:70:78:3c:26:0a:00:19:80:c0:40:b9:58:
ce:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:01:F4:09:D5:5D:56:77:5C:84:BC:0A:3F:E7:53:29:30:C6:FC:41
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kgH0CdVdVndchLwKP-dTKTDG_EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.14.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:33:19:9d:28:65:0f:0b:dc:55:2f:3b:87:65:d0:62:16:2f:
54:cd:db:86:6f:31:2d:b3:dd:38:b3:47:3c:89:18:3a:8a:e5:
c7:52:8c:f2:b9:e7:a4:59:31:94:2f:d1:07:fd:3a:d8:77:63:
a6:30:72:f3:33:8a:c4:c1:cf:d3:b2:b6:4d:c6:3f:69:51:09:
d7:3c:1e:a1:81:99:49:cd:79:01:5a:4c:36:58:81:ff:fd:9c:
80:b2:14:4a:17:6f:5c:94:3f:42:82:76:22:d5:d6:cf:2f:1f:
f1:ed:5a:f3:44:95:06:a4:6c:cf:c5:51:b5:c4:e0:80:cc:b5:
c7:2b:86:5f:d4:7b:81:3a:29:4c:a0:61:c6:7b:22:dc:b3:04:
ab:58:92:5b:d2:73:25:f3:3a:03:06:1a:30:75:3b:99:b0:fe:
21:cc:05:a1:cb:a7:e3:44:dc:94:59:e4:50:4c:bb:b4:35:c0:
34:9a:c2:e8:32:d3:67:04:3b:6d:42:06:8a:8f:2c:e9:5b:49:
93:fa:1f:a6:7c:ca:51:e7:9e:bd:79:ad:0b:6e:c3:61:71:d1:
fb:15:37:44:7a:34:22:ae:63:71:24:78:79:fa:bd:3a:be:3c:
64:03:56:d1:ae:34:e2:3a:2c:d8:16:d3:3f:a9:ff:0e:17:6f:
5d:59:de:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyKgx+0wmiT7AU6Wnjgn6eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjIxMDM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjAxZjQwOWQ1NWQ1Njc3NWM4NGJjMGEzZmU3NTMyOTMwYzZmYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSakOfOwJfyTgG4TCi8eTGic6XQz
oQVLXlu7tEoaaJhudmJ90lD0eCPpf7BUUh3TpNlkBxPxF6/6LyrEil+zvW13YyM6
XBLXX21yDxy5fsJiGrlSv9K+AWdnfCQBcHmTRberWgfdduixkaZbJgqrxwk1LEr4
HPZVlK/A0pWmSgrVlQG9u0BlvePW3PRxRQ1MfXX770cfsPNwwrSreHfBiU1k7FLS
GtOEpgga9ZHGWya2aiW158mLcs1XEQOoFrDxOa2F90n6DNydblhpJj+alE4Myzs3
ZHKW0XtnVrXOPmAKtQVnk1LUsJ4sstWAR4+psfhweDwmCgAZgMBAuVjOwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIB9AnVXVZ3XIS8Cj/nUykwxvxBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva2dIMENkVmRWbmRjaEx3S1AtZFRLVERHX0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UOMA0G
CSqGSIb3DQEBCwUAA4IBAQAqMxmdKGUPC9xVLzuHZdBiFi9UzduGbzEts904s0c8
iRg6iuXHUozyueekWTGUL9EH/TrYd2OmMHLzM4rEwc/TsrZNxj9pUQnXPB6hgZlJ
zXkBWkw2WIH//ZyAshRKF29clD9CgnYi1dbPLx/x7VrzRJUGpGzPxVG1xOCAzLXH
K4Zf1HuBOilMoGHGeyLcswSrWJJb0nMl8zoDBhowdTuZsP4hzAWhy6fjRNyUWeRQ
TLu0NcA0msLoMtNnBDttQgaKjyzpW0mT+h+mfMpR5569ea0LbsNhcdH7FTdEejQi
rmNxJHh5+r06vjxkA1bRrjTiOizYFtM/qf8OF29dWd45
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org