Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDGYWejcrtAFAm-yxpz7OVscFlY.roa
File: vDGYWejcrtAFAm-yxpz7OVscFlY.roa (raw, json)
Hash identifier: hom+rdaNB3lNVCjJtAoBBdBmmya7SnH2Ulg2Xz2BdRE=
Subject key identifier: BC:31:98:59:E8:DC:AE:D0:05:02:6F:B2:C6:9C:FB:39:5B:1C:16:56
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A6BE38063383E0DEDDF33A7A63235
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDGYWejcrtAFAm-yxpz7OVscFlY.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 195.133.92.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 May 2024 06:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6b:e3:80:63:38:3e:0d:ed:df:33:a7:a6:32:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc319859e8dcaed005026fb2c69cfb395b1c1656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ac:c4:71:06:fb:f8:8f:19:a9:cd:a5:13:b4:
3d:ce:15:e0:ed:b0:ff:62:1e:9a:20:2f:de:65:ba:
e9:2d:38:24:91:83:59:9c:ab:b6:a7:3b:2e:79:02:
88:2f:34:56:94:20:c9:4e:30:a7:0e:6a:f2:f6:e0:
b1:c9:69:97:4e:d9:5c:6f:c6:ab:25:c7:89:2b:b1:
66:a2:52:6e:b6:f0:9d:f9:13:fa:82:88:e4:38:30:
aa:99:ee:92:3c:46:f9:c8:51:7d:22:22:f0:80:79:
b4:bb:30:fd:2b:c9:ee:7a:dd:8e:92:51:fb:f0:ad:
bd:ca:2a:63:21:55:f8:e9:cc:be:5e:9c:d3:f3:0e:
10:77:ba:8e:96:59:4c:6a:ed:77:c4:02:42:31:7f:
d4:d9:f8:ac:f7:d4:89:30:60:ff:f5:97:e3:eb:8c:
14:53:78:45:c2:3d:36:ee:bf:0d:76:db:0f:8e:5d:
a3:af:bc:5b:9e:fa:81:db:7f:ec:6d:1c:c7:71:4d:
5c:52:c3:4e:68:e9:84:52:93:df:b5:09:f3:7b:e9:
54:a5:12:da:05:1b:05:ef:dd:aa:07:16:55:fc:c3:
48:40:67:b2:14:fc:bf:ba:a5:11:34:a9:c7:7f:88:
e4:21:99:29:fc:4c:74:08:3b:d6:15:cc:c4:2e:c8:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:31:98:59:E8:DC:AE:D0:05:02:6F:B2:C6:9C:FB:39:5B:1C:16:56
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDGYWejcrtAFAm-yxpz7OVscFlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.92.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:07:83:e6:ae:e3:4a:65:91:78:12:28:53:d4:26:e2:cb:5e:
3d:9b:19:18:c2:fb:1b:35:f4:14:7c:19:c1:0c:ba:72:bf:fd:
81:db:39:37:ab:a8:a7:41:60:df:68:f2:1c:ea:1a:0a:36:58:
c8:2a:b5:20:02:c6:a1:aa:6e:15:25:e4:19:e7:c9:29:94:08:
58:39:af:6e:08:b0:75:55:94:94:8b:e9:ec:51:da:91:9e:53:
8f:2e:d4:dc:51:7f:89:44:29:e3:dc:36:10:03:cf:89:31:15:
dc:ad:28:7b:bb:ff:b4:41:fd:5a:cc:25:f8:1f:85:3f:76:03:
44:3f:58:d6:f6:d5:fc:b7:11:25:bb:e3:15:cd:81:7e:80:e1:
33:02:ca:8e:62:e3:0b:ae:04:8e:9c:05:3d:ae:47:9c:3f:62:
a8:74:a0:82:f1:70:f7:a5:9d:33:6a:18:97:5f:d0:98:02:59:
49:58:2e:96:fb:47:88:a1:df:ea:da:a6:a7:80:32:65:10:02:
d8:65:ff:a7:33:2f:b5:aa:78:66:14:46:24:56:6d:0d:bc:7a:
8a:25:c1:a9:5b:2f:21:3d:58:b7:0d:a5:b3:50:8d:1a:83:e1:
bf:fa:d4:62:f4:94:4d:b2:87:01:5d:fc:71:c0:a5:d7:9d:7c:
71:94:63:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmvjgGM4Pg3t3zOnpjI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzMxOTg1OWU4ZGNhZWQwMDUwMjZmYjJjNjljZmIzOTViMWMxNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKzEcQb7+I8Zqc2lE7Q9zhXg7bD/
Yh6aIC/eZbrpLTgkkYNZnKu2pzsueQKILzRWlCDJTjCnDmry9uCxyWmXTtlcb8ar
JceJK7FmolJutvCd+RP6gojkODCqme6SPEb5yFF9IiLwgHm0uzD9K8nuet2OklH7
8K29yipjIVX46cy+XpzT8w4Qd7qOlllMau13xAJCMX/U2fis99SJMGD/9Zfj64wU
U3hFwj027r8NdtsPjl2jr7xbnvqB23/sbRzHcU1cUsNOaOmEUpPftQnze+lUpRLa
BRsF792qBxZV/MNIQGeyFPy/uqURNKnHf4jkIZkp/Ex0CDvWFczELsjg8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwxmFno3K7QBQJvssac+zlbHBZWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdkRHWVdlamNydEFGQW0teXhwejdPVnNjRmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4VcMA0G
CSqGSIb3DQEBCwUAA4IBAQBNB4PmruNKZZF4EihT1Cbiy149mxkYwvsbNfQUfBnB
DLpyv/2B2zk3q6inQWDfaPIc6hoKNljIKrUgAsahqm4VJeQZ58kplAhYOa9uCLB1
VZSUi+nsUdqRnlOPLtTcUX+JRCnj3DYQA8+JMRXcrSh7u/+0Qf1azCX4H4U/dgNE
P1jW9tX8txElu+MVzYF+gOEzAsqOYuMLrgSOnAU9rkecP2KodKCC8XD3pZ0zahiX
X9CYAllJWC6W+0eIod/q2qangDJlEALYZf+nMy+1qnhmFEYkVm0NvHqKJcGpWy8h
PVi3DaWzUI0ag+G/+tRi9JRNsocBXfxxwKXXnXxxlGMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org