Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u72Rg4rKVu7Ff7F2AITMXxOX8nk.roa
File: u72Rg4rKVu7Ff7F2AITMXxOX8nk.roa (raw, json)
Hash identifier: t5Sqxp2PhY6KVbABDakVVOJpQJ7Qrrm5IYbhGFfsL8s=
Subject key identifier: BB:BD:91:83:8A:CA:56:EE:C5:7F:B1:76:00:84:CC:5F:13:97:F2:79
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C194B0BEA22160849526F6B7382AE5AFA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u72Rg4rKVu7Ff7F2AITMXxOX8nk.roa
Signing time: Wed 29 Nov 2023 04:16:37 +0000
ROA not before: Wed 29 Nov 2023 04:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 195.133.76.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
193.124.35.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.248.0/24 maxlen: 24
194.58.56.0/23 maxlen: 23
195.133.64.0/22 maxlen: 22
195.133.7.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:4b:0b:ea:22:16:08:49:52:6f:6b:73:82:ae:5a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 04:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbbd91838aca56eec57fb1760084cc5f1397f279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7a:23:b4:70:d1:cf:6f:58:09:fa:48:6b:08:
55:9c:74:43:7e:4f:e6:d3:51:25:13:4b:a0:ad:83:
ad:ec:76:d1:85:87:3a:1a:7a:36:53:43:a4:85:11:
17:79:ce:91:6b:2e:31:4e:e1:af:43:df:80:5b:b0:
fe:56:dc:f4:a8:b1:68:3a:a3:02:ef:b0:bc:fa:fa:
7d:78:02:7b:c0:c5:e0:ef:86:18:1b:75:1a:90:0b:
a5:12:b6:b6:57:0b:ce:18:89:08:1d:3e:1c:74:33:
6b:f5:2e:8d:ad:2c:84:b9:c0:8f:89:8a:64:c1:1e:
0d:ed:35:c9:3f:6d:2e:20:4a:1b:0a:56:bf:a3:eb:
7f:c6:d2:9a:9a:57:c3:ac:13:e2:32:c7:54:73:f3:
89:df:3c:36:e0:63:89:d5:28:ba:8c:3d:03:22:f6:
22:76:a6:d0:58:8c:67:ac:96:b3:e0:98:d4:f7:55:
25:0a:87:af:de:c1:54:6a:a4:61:87:59:17:30:85:
dd:ff:14:e9:90:78:59:c5:93:97:d8:99:42:11:69:
2a:26:9b:85:a3:ae:b6:8d:59:74:c2:f2:37:66:40:
38:69:b2:fc:ce:6e:0e:9c:25:3e:c8:0c:6b:77:d6:
00:7d:15:74:53:d5:0e:0a:4b:59:6b:38:aa:e4:85:
35:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BD:91:83:8A:CA:56:EE:C5:7F:B1:76:00:84:CC:5F:13:97:F2:79
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u72Rg4rKVu7Ff7F2AITMXxOX8nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.35.0/24
194.58.40.0/24
194.58.56.0/23
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.77.0/24
194.87.255.0/24
195.133.7.0/24
195.133.20.0/24
195.133.64.0/22
195.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:8e:bd:1b:fe:87:4a:11:35:69:7b:a1:bd:5a:40:61:32:c7:
fa:d7:06:92:f6:88:de:60:c0:90:4f:aa:e0:ad:c7:2b:77:c8:
0b:bf:43:17:b4:96:c0:68:9d:18:d5:fc:39:52:3a:9d:12:68:
49:bb:a8:d3:3d:71:67:20:52:d5:ac:7e:06:ca:44:be:60:8d:
d2:cc:05:44:0b:ea:06:7b:16:a9:bd:74:03:da:3f:f5:e7:08:
b6:e6:1b:ae:33:e0:e8:d3:28:e2:9d:19:ae:21:54:18:52:25:
fc:ff:59:2d:67:ba:5b:f2:25:47:cd:26:29:9a:04:3b:20:c9:
4f:88:4b:a2:3a:31:75:50:82:17:8c:12:3c:94:00:91:9c:a7:
a1:b2:10:01:68:f1:96:be:0a:f4:61:09:67:f6:cd:03:f3:81:
fe:be:50:2a:2e:6e:b6:71:2c:51:1d:c0:7d:1e:a8:ba:c4:6b:
fc:c6:08:d8:b8:31:90:6d:0a:dc:7d:1c:68:21:47:e0:61:0c:
12:71:64:a6:88:fb:b5:28:da:57:cb:b9:c7:41:a6:e0:44:2c:
b1:7c:c3:c7:5c:91:77:f7:a5:cf:65:1c:68:6d:9d:45:80:bf:
50:5b:a4:f4:21:bd:95:ee:c6:04:fa:d9:eb:c2:6a:53:fe:1a:
bf:48:cc:a7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYwZSwvqIhYISVJva3OCrlr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI5MDQxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJkOTE4MzhhY2E1NmVlYzU3ZmIxNzYwMDg0Y2M1ZjEzOTdmMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnojtHDRz29YCfpIawhVnHRDfk/m
01ElE0ugrYOt7HbRhYc6Gno2U0OkhREXec6Ray4xTuGvQ9+AW7D+Vtz0qLFoOqMC
77C8+vp9eAJ7wMXg74YYG3UakAulEra2VwvOGIkIHT4cdDNr9S6NrSyEucCPiYpk
wR4N7TXJP20uIEobCla/o+t/xtKamlfDrBPiMsdUc/OJ3zw24GOJ1Si6jD0DIvYi
dqbQWIxnrJaz4JjU91UlCoev3sFUaqRhh1kXMIXd/xTpkHhZxZOX2JlCEWkqJpuF
o662jVl0wvI3ZkA4abL8zm4OnCU+yAxrd9YAfRV0U9UOCktZaziq5IU1PwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLu9kYOKylbuxX+xdgCEzF8Tl/J5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdTcyUmc0cktWdTdGZjdGMkFJVE1YeE9YOG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwXwjAwQA
wjooAwQBwjo4AwQAwlX4AwQAwlX7AwQAwlcKAwQAwlcRAwQAwldNAwQAwlf/AwQA
w4UHAwQAw4UUAwQCw4VAAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQB8jr0b/odK
ETVpe6G9WkBhMsf61waS9ojeYMCQT6rgrccrd8gLv0MXtJbAaJ0Y1fw5UjqdEmhJ
u6jTPXFnIFLVrH4GykS+YI3SzAVEC+oGexapvXQD2j/15wi25huuM+Do0yjinRmu
IVQYUiX8/1ktZ7pb8iVHzSYpmgQ7IMlPiEuiOjF1UIIXjBI8lACRnKehshABaPGW
vgr0YQln9s0D84H+vlAqLm62cSxRHcB9Hqi6xGv8xgjYuDGQbQrcfRxoIUfgYQwS
cWSmiPu1KNpXy7nHQabgRCyxfMPHXJF396XPZRxobZ1FgL9QW6T0Ib2V7sYE+tnr
wmpT/hq/SMyn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org