Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXlse3BtErobdWcDcUo7HsZYiQk.roa
File: sXlse3BtErobdWcDcUo7HsZYiQk.roa (raw, json)
Hash identifier: qIRR46VNKRKmr6vCDQcV+n/ZShb4BVuMlQkvI4BjNuI=
Subject key identifier: B1:79:6C:7B:70:6D:12:BA:1B:75:67:03:71:4A:3B:1E:C6:58:89:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66E859C76B645401E90518D221D3B3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXlse3BtErobdWcDcUo7HsZYiQk.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 195.133.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e8:59:c7:6b:64:54:01:e9:05:18:d2:21:d3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1796c7b706d12ba1b756703714a3b1ec6588909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:8c:db:ae:2f:c1:a3:64:fe:2a:3d:9d:7f:
c4:12:13:ed:7f:08:c9:11:a8:f4:f4:23:f2:12:76:
88:15:f3:56:a6:3a:63:31:88:86:3b:45:c3:c3:69:
71:fd:e8:c5:57:1a:f4:19:ba:fe:29:40:d5:f5:b3:
3c:7d:61:d1:b3:e7:16:5d:9c:f1:cc:04:cd:a6:e8:
ca:8f:56:55:6c:9e:2e:b2:8c:43:39:7c:8d:a9:f8:
9f:77:e7:70:36:e6:2a:2b:54:91:64:46:c1:72:89:
c7:8d:f0:c9:24:63:ad:b2:81:f3:c4:2e:c9:57:82:
22:8e:64:e5:4b:5d:61:ac:3c:7d:04:84:8c:f1:3e:
92:5a:61:f2:65:94:de:f1:6c:80:c9:61:3d:9d:65:
a3:bb:6c:2e:c9:8b:d4:95:99:d9:85:51:26:ea:e3:
3e:eb:92:c7:a9:32:0a:47:8b:6e:45:c1:8c:6a:48:
78:0e:d1:f1:82:da:b1:b5:60:9f:d5:7e:00:9d:69:
a2:19:f0:47:ed:c1:ff:4d:72:cd:59:ac:ad:76:f1:
8b:03:1b:4c:cd:c9:f9:f4:98:59:11:21:38:cd:65:
e6:e7:7b:9a:58:f8:c8:00:79:89:00:f3:f2:01:9d:
03:59:1e:30:69:2d:45:85:a8:fe:98:0e:18:e0:ce:
30:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:79:6C:7B:70:6D:12:BA:1B:75:67:03:71:4A:3B:1E:C6:58:89:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sXlse3BtErobdWcDcUo7HsZYiQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
22:77:6c:fe:75:db:7a:2f:f5:21:8f:9e:46:fd:1e:77:9b:c9:
6b:d7:8f:68:9d:cd:d4:cb:3f:8c:c7:5e:d4:37:85:65:c4:55:
a8:fe:7c:3a:c7:d8:28:79:d8:e0:da:e1:39:a7:9a:a0:43:cd:
3f:cc:b3:f8:7d:71:7e:91:4d:81:27:27:1d:d7:4f:ce:90:e1:
86:54:3b:11:71:91:56:65:17:33:8d:13:ec:30:44:d7:91:1e:
77:3d:1b:d8:51:aa:19:3f:75:b1:1f:25:4a:79:c9:d1:6f:93:
89:b5:b1:e7:91:c1:94:b9:9d:fc:10:dc:43:14:ea:53:f3:02:
e2:eb:0e:82:76:2e:e1:a3:91:16:37:af:b1:8c:6c:f8:25:e7:
23:19:be:05:86:0f:23:37:9d:27:88:2e:64:2b:78:be:73:d3:
04:ea:cf:8c:d4:a9:a6:d7:77:2a:90:bd:08:9b:df:b8:92:7f:
03:4b:ba:2b:c5:4f:a3:db:41:ef:66:d1:04:05:c4:d5:27:4a:
48:dc:5b:df:48:de:6f:64:79:2e:fc:7e:97:c1:ef:aa:8c:76:
82:29:e8:ae:35:59:40:54:3b:2b:2a:cf:da:7e:68:aa:dd:e8:
54:ff:93:11:84:61:91:31:e3:56:4f:dd:26:f0:c0:62:eb:b1:
5e:d5:1c:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZuhZx2tkVAHpBRjSIdOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc5NmM3YjcwNmQxMmJhMWI3NTY3MDM3MTRhM2IxZWM2NTg4OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpCM264vwaNk/io9nX/EEhPtfwjJ
Eaj09CPyEnaIFfNWpjpjMYiGO0XDw2lx/ejFVxr0Gbr+KUDV9bM8fWHRs+cWXZzx
zATNpujKj1ZVbJ4usoxDOXyNqfifd+dwNuYqK1SRZEbBconHjfDJJGOtsoHzxC7J
V4IijmTlS11hrDx9BISM8T6SWmHyZZTe8WyAyWE9nWWju2wuyYvUlZnZhVEm6uM+
65LHqTIKR4tuRcGMakh4DtHxgtqxtWCf1X4AnWmiGfBH7cH/TXLNWaytdvGLAxtM
zcn59JhZESE4zWXm53uaWPjIAHmJAPPyAZ0DWR4waS1Fhaj+mA4Y4M4w6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLF5bHtwbRK6G3VnA3FKOx7GWIkJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc1hsc2UzQnRFcm9iZFdjRGNVbzdIc1pZaVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4XBMA0G
CSqGSIb3DQEBCwUAA4IBAQAid2z+ddt6L/Uhj55G/R53m8lr149onc3Uyz+Mx17U
N4VlxFWo/nw6x9goedjg2uE5p5qgQ80/zLP4fXF+kU2BJycd10/OkOGGVDsRcZFW
ZRczjRPsMETXkR53PRvYUaoZP3WxHyVKecnRb5OJtbHnkcGUuZ38ENxDFOpT8wLi
6w6Cdi7ho5EWN6+xjGz4JecjGb4Fhg8jN50niC5kK3i+c9ME6s+M1Kmm13cqkL0I
m9+4kn8DS7orxU+j20HvZtEEBcTVJ0pI3FvfSN5vZHku/H6Xwe+qjHaCKeiuNVlA
VDsrKs/afmiq3ehU/5MRhGGRMeNWT90m8MBi67Fe1Rw9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org