Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/okjDiYnvt8VRR064dqAiH-QXJ8I.roa
File: okjDiYnvt8VRR064dqAiH-QXJ8I.roa (raw, json)
Hash identifier: lcE0sW7za7sMichhQHZBgMijIV5lwdqUi1bL4Edjdko=
Subject key identifier: A2:48:C3:89:89:EF:B7:C5:51:47:4E:B8:76:A0:22:1F:E4:17:27:C2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188AF31137723E786B79F79B1CB36C2019B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/okjDiYnvt8VRR064dqAiH-QXJ8I.roa
Signing time: Mon 12 Jun 2023 10:40:08 +0000
ROA not before: Mon 12 Jun 2023 10:40:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 195.133.73.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Jun 2023 12:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:31:13:77:23:e7:86:b7:9f:79:b1:cb:36:c2:01:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 10:40:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a248c38989efb7c551474eb876a0221fe41727c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7b:7e:a3:33:b2:b1:fb:97:c1:4f:ea:54:44:
74:23:b0:01:c2:84:0c:a5:7a:2c:02:6b:b1:59:7f:
3e:c2:97:0f:32:3f:f8:8e:ba:93:3d:29:9e:0c:84:
0c:d9:d0:63:9e:fa:ae:d3:34:f5:2b:7e:b6:58:19:
a2:78:18:66:e5:b2:d4:c6:fd:cf:d8:46:79:16:a4:
4a:55:2f:52:51:95:51:c6:58:ed:5b:dc:44:59:fe:
c5:3e:b0:5f:26:2e:18:8b:2a:ad:0b:0a:1c:9c:8b:
69:db:f8:c4:74:48:94:bc:28:e6:dd:fb:12:36:5d:
da:33:c8:3c:c3:98:c1:8d:20:3b:ca:23:31:ad:e7:
bf:1f:ab:70:0c:8c:6f:c3:46:e5:e8:09:39:51:ca:
10:25:ce:ed:8d:3a:cf:38:af:72:7a:9f:36:39:f6:
17:25:6e:3d:c6:06:d0:0e:00:d1:a4:f4:76:1e:d7:
0b:64:d9:76:b6:45:4c:bc:e0:1e:7a:96:3b:fd:20:
fd:0c:6a:ed:c5:d6:5b:ea:94:bb:e8:fb:41:c5:62:
e0:81:7d:87:37:e3:6a:8f:cf:73:f8:f4:b5:58:9d:
81:67:8b:47:78:0b:c5:50:ea:8a:a9:1e:68:54:5a:
d8:40:ac:d1:75:15:cc:fe:ca:5d:2e:7e:7a:29:3f:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:48:C3:89:89:EF:B7:C5:51:47:4E:B8:76:A0:22:1F:E4:17:27:C2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/okjDiYnvt8VRR064dqAiH-QXJ8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.73.0/24
195.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
63:cc:88:62:86:05:3f:ba:d8:45:02:7b:83:99:20:ec:19:b9:
13:a5:ee:f2:1e:7e:68:02:18:b5:c8:5b:1b:78:c7:45:a7:e4:
bd:7e:30:46:87:9b:77:1a:55:4e:cd:4b:c2:79:a9:4c:81:f3:
07:a5:5f:48:7a:0a:75:d9:5c:09:15:c3:2a:58:7e:38:d8:7b:
2b:71:b1:e3:0f:50:00:77:03:34:47:be:58:15:f6:7e:52:37:
d4:56:50:9e:d6:4d:d0:ff:d9:1b:cd:5f:69:1d:d4:07:75:d2:
9c:a5:37:e7:4b:01:19:7d:7b:ca:61:e8:97:27:20:e2:8b:51:
6a:64:76:b7:8b:91:bd:5e:34:5c:ca:61:d5:a7:bf:cc:70:78:
23:97:84:95:3a:79:f3:23:3d:8d:46:79:c1:d6:2a:0a:f0:64:
45:64:c9:1d:4a:8f:32:9e:a1:6a:6e:82:ae:05:99:65:77:ea:
a2:82:a0:d4:27:82:b2:61:e0:17:11:eb:61:6f:c3:0d:01:24:
1f:b4:39:ed:2a:40:70:aa:18:11:70:0f:3f:ca:b1:b6:90:bf:
ce:e3:d9:9e:7d:7b:ae:4c:fc:c9:1f:cb:a4:ef:0c:97:81:2a:
3d:40:b7:72:94:cb:1a:16:e8:2a:a8:76:ab:fd:ea:ed:b6:bb:
54:7b:7d:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYivMRN3I+eGt595scs2wgGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEyMTA0MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ4YzM4OTg5ZWZiN2M1NTE0NzRlYjg3NmEwMjIxZmU0MTcyN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHt+ozOysfuXwU/qVER0I7ABwoQM
pXosAmuxWX8+wpcPMj/4jrqTPSmeDIQM2dBjnvqu0zT1K362WBmieBhm5bLUxv3P
2EZ5FqRKVS9SUZVRxljtW9xEWf7FPrBfJi4YiyqtCwocnItp2/jEdEiUvCjm3fsS
Nl3aM8g8w5jBjSA7yiMxree/H6twDIxvw0bl6Ak5UcoQJc7tjTrPOK9yep82OfYX
JW49xgbQDgDRpPR2HtcLZNl2tkVMvOAeepY7/SD9DGrtxdZb6pS76PtBxWLggX2H
N+Nqj89z+PS1WJ2BZ4tHeAvFUOqKqR5oVFrYQKzRdRXM/spdLn56KT/VMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJIw4mJ77fFUUdOuHagIh/kFyfCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb2tqRGlZbnZ0OFZSUjA2NGRxQWlILVFYSjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VJAwQA
w4VRMA0GCSqGSIb3DQEBCwUAA4IBAQBjzIhihgU/uthFAnuDmSDsGbkTpe7yHn5o
Ahi1yFsbeMdFp+S9fjBGh5t3GlVOzUvCealMgfMHpV9Iegp12VwJFcMqWH442Hsr
cbHjD1AAdwM0R75YFfZ+UjfUVlCe1k3Q/9kbzV9pHdQHddKcpTfnSwEZfXvKYeiX
JyDii1FqZHa3i5G9XjRcymHVp7/McHgjl4SVOnnzIz2NRnnB1ioK8GRFZMkdSo8y
nqFqboKuBZlld+qigqDUJ4KyYeAXEethb8MNASQftDntKkBwqhgRcA8/yrG2kL/O
49mefXuuTPzJH8uk7wyXgSo9QLdylMsaFugqqHar/erttrtUe31Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org