Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oAq1bO0ERhm02ZnUb5UCHntaPio.roa
File: oAq1bO0ERhm02ZnUb5UCHntaPio.roa (raw, json)
Hash identifier: jNDXuWqgFGlCgxWHxajIMPm0xYTGVWSuO3Q3bfPmoGI=
Subject key identifier: A0:0A:B5:6C:ED:04:46:19:B4:D9:99:D4:6F:95:02:1E:7B:5A:3E:2A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875258A8312109829D77BCC0200348295D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oAq1bO0ERhm02ZnUb5UCHntaPio.roa
Signing time: Wed 05 Apr 2023 16:55:54 +0000
ROA not before: Wed 05 Apr 2023 16:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 14:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:58:a8:31:21:09:82:9d:77:bc:c0:20:03:48:29:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00ab56ced044619b4d999d46f95021e7b5a3e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:68:01:dd:7b:fc:9f:d3:9a:97:57:fb:56:
f5:8a:2e:17:39:5c:a3:ff:52:93:96:76:70:d8:40:
d9:6a:8c:a3:0d:ea:18:0e:88:d2:d9:bb:9f:f3:67:
96:ee:06:35:1a:a5:91:01:f4:b0:63:cf:c9:24:ec:
fe:e0:35:9d:0f:8f:fe:42:a2:59:6b:be:6a:60:e1:
fe:d8:be:0e:4a:43:66:19:3b:06:58:c1:35:fb:53:
3d:7c:d5:ff:cb:0b:c7:62:9d:13:df:8b:33:10:24:
2e:50:69:ff:7a:f9:12:a1:6d:3c:a1:53:8f:57:0b:
e4:21:df:22:f9:f8:67:0a:99:61:4a:0e:0a:4f:39:
43:9c:c6:73:22:5f:72:f6:10:38:f3:f7:d8:45:4a:
5c:ab:b2:08:0e:11:09:f5:84:f4:2d:cf:50:ca:95:
ac:df:73:f2:a8:d8:25:ab:51:dc:1a:d1:65:05:da:
20:e9:75:b1:c0:15:72:30:60:5f:ae:46:30:26:a5:
8e:08:2b:82:05:9f:e0:4e:a3:6c:fb:2c:fe:d1:57:
c7:46:da:95:04:07:ad:01:1b:fa:10:56:08:8b:54:
6d:bf:c5:d3:3a:fd:5d:ce:68:40:3b:47:57:48:0e:
7a:5a:15:64:d5:ac:9c:57:ee:6b:53:4a:35:62:8a:
93:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0A:B5:6C:ED:04:46:19:B4:D9:99:D4:6F:95:02:1E:7B:5A:3E:2A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oAq1bO0ERhm02ZnUb5UCHntaPio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.26.0/23
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
40:70:ca:5c:2f:a1:37:49:5b:a9:5b:3b:84:fc:9f:a8:9d:97:
df:2c:fe:b6:43:23:1f:82:d0:0a:2f:d5:f8:48:20:6a:e6:d6:
7c:c4:d9:3b:51:96:ad:85:a8:69:c7:af:c5:cc:ef:ff:e8:d4:
3e:3d:cc:1e:a0:bc:23:40:74:bd:2f:b0:54:0d:f9:91:6e:e0:
f9:f0:de:2a:95:43:bc:c4:03:77:55:ae:b9:89:99:65:f0:0a:
07:d2:9b:d5:61:4f:69:b9:28:0e:06:55:a7:bf:0f:59:ef:2e:
cd:ae:ad:e1:b7:c9:6c:b8:b8:3a:ee:ad:8a:e0:bc:ec:d3:5b:
5d:87:f4:f2:25:f5:c7:28:33:de:48:91:f4:0d:b0:eb:1f:f5:
99:a6:ff:8e:ba:d0:3f:fc:aa:be:f0:c9:eb:37:5f:56:d7:5a:
f8:1b:8b:4b:1e:1b:6e:14:8f:ef:79:7c:d3:94:99:a3:c2:bc:
80:61:b3:ef:14:3b:1c:a1:0a:bd:0b:97:4f:c1:f8:7b:9e:4b:
22:18:95:86:3c:ac:6d:a2:5a:10:15:63:56:25:ab:24:8c:98:
03:9c:86:f1:e8:d0:a4:32:ed:2d:7f:b0:8b:31:24:78:4c:b5:
b5:64:7c:2d:47:1c:7c:e5:af:29:bc:b0:2d:62:78:a1:2a:dd:
0d:a8:2b:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdSWKgxIQmCnXe8wCADSCldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBhYjU2Y2VkMDQ0NjE5YjRkOTk5ZDQ2Zjk1MDIxZTdiNWEzZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/JoAd17/J/TmpdX+1b1ii4XOVyj
/1KTlnZw2EDZaoyjDeoYDojS2buf82eW7gY1GqWRAfSwY8/JJOz+4DWdD4/+QqJZ
a75qYOH+2L4OSkNmGTsGWME1+1M9fNX/ywvHYp0T34szECQuUGn/evkSoW08oVOP
VwvkId8i+fhnCplhSg4KTzlDnMZzIl9y9hA48/fYRUpcq7IIDhEJ9YT0Lc9QypWs
33PyqNglq1HcGtFlBdog6XWxwBVyMGBfrkYwJqWOCCuCBZ/gTqNs+yz+0VfHRtqV
BAetARv6EFYIi1Rtv8XTOv1dzmhAO0dXSA56WhVk1aycV+5rU0o1YoqTpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAKtWztBEYZtNmZ1G+VAh57Wj4qMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb0FxMWJPMEVSaG0wMlpuVWI1VUNIbnRhUGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw4UaAwQA
w4U7MA0GCSqGSIb3DQEBCwUAA4IBAQBAcMpcL6E3SVupWzuE/J+onZffLP62QyMf
gtAKL9X4SCBq5tZ8xNk7UZathahpx6/FzO//6NQ+PcweoLwjQHS9L7BUDfmRbuD5
8N4qlUO8xAN3Va65iZll8AoH0pvVYU9puSgOBlWnvw9Z7y7Nrq3ht8lsuLg67q2K
4Lzs01tdh/TyJfXHKDPeSJH0DbDrH/WZpv+OutA//Kq+8MnrN19W11r4G4tLHhtu
FI/veXzTlJmjwryAYbPvFDscoQq9C5dPwfh7nksiGJWGPKxtoloQFWNWJaskjJgD
nIbx6NCkMu0tf7CLMSR4TLW1ZHwtRxx85a8pvLAtYnihKt0NqCuV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org