Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xq2kZ4yIHmMPDGE3TtyxKPN0WuA.roa
File: xq2kZ4yIHmMPDGE3TtyxKPN0WuA.roa (raw, json)
Hash identifier: P4a7wkmcBjo13zeB75f92Owms8fyzsJ26cthEB2Gnxw=
Subject key identifier: C6:AD:A4:67:8C:88:1E:63:0F:0C:61:37:4E:DC:B1:28:F3:74:5A:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189D8E70A9C5870D8C0AE0132E4B4A86838
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xq2kZ4yIHmMPDGE3TtyxKPN0WuA.roa
Signing time: Wed 09 Aug 2023 06:06:07 +0000
ROA not before: Wed 09 Aug 2023 06:06:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 195.133.79.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:e7:0a:9c:58:70:d8:c0:ae:01:32:e4:b4:a8:68:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 9 06:06:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6ada4678c881e630f0c61374edcb128f3745ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:29:27:d4:d3:19:65:7d:44:a0:f0:3d:77:38:
66:3e:c7:e8:ab:ba:cb:53:fd:8c:a8:eb:ef:6c:ce:
c7:2d:32:d3:a4:a7:56:e2:94:f1:29:a1:6c:ce:fe:
99:9a:11:6e:b4:0e:ee:ee:b1:60:a1:d9:a5:82:58:
48:75:b2:f3:6b:85:6d:41:a6:bd:a9:11:e0:a2:c1:
75:3b:f0:fc:de:23:a0:1d:4f:20:34:78:b6:97:c1:
b3:a6:ca:45:28:52:0b:c2:20:30:9a:c8:fd:13:06:
0e:2d:1a:63:0d:0e:11:fc:e0:33:f8:0c:e5:4c:44:
e0:c9:2a:7d:14:80:bd:52:d4:fa:0e:e1:ec:aa:38:
f5:93:e5:c6:00:89:5c:2f:92:a4:8c:3e:69:81:c6:
eb:cd:24:7b:ea:c3:86:9d:bb:ff:51:e6:c9:d0:88:
68:ee:1f:b6:ab:8b:00:63:c6:32:f8:f8:79:ff:48:
cd:2a:b8:06:f3:05:c6:2f:d7:ed:44:b3:5a:74:1d:
f0:fa:f5:d7:9c:0b:72:e4:e6:ac:2d:a2:21:30:a8:
01:a7:05:ac:a4:62:f0:04:ec:59:0b:3a:3b:d6:aa:
9a:6e:32:88:96:67:c3:6f:92:88:f5:1c:2f:07:d3:
35:ec:7e:02:2c:cc:b8:6d:51:f5:46:fe:b2:d4:36:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AD:A4:67:8C:88:1E:63:0F:0C:61:37:4E:DC:B1:28:F3:74:5A:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xq2kZ4yIHmMPDGE3TtyxKPN0WuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.58.0/24
195.133.35.0/24
195.133.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8b:36:27:66:7e:ee:7f:a5:5e:01:36:09:46:53:5f:ca:fa:
85:4b:94:b3:79:61:f6:08:d2:db:58:ed:e3:7a:ab:b1:dd:df:
c7:fa:a9:67:8f:9a:e3:d1:f2:51:24:6d:8a:25:16:15:f9:06:
52:8b:95:fd:1d:b3:62:50:88:b6:e3:27:29:3c:f7:b1:c3:47:
cd:ca:a3:12:d9:57:cb:6b:b9:1c:c2:01:a7:2c:d2:61:87:da:
00:66:c4:ee:99:8b:a2:cd:cb:26:f7:2f:f7:3a:72:35:89:be:
6c:e2:35:9d:c6:19:50:de:33:31:0c:2e:2d:ba:c3:c0:7b:0b:
0b:f4:a4:c5:92:4e:f3:be:00:88:dc:f7:43:bc:ad:99:1e:19:
f2:d0:5d:bb:58:0a:dd:a8:10:4c:5e:64:83:1b:99:a7:02:ad:
50:8c:96:34:63:56:c4:47:0c:98:da:47:da:74:03:d6:f9:6e:
56:70:6c:e5:03:c1:af:d7:40:1d:78:27:a4:09:a0:1f:e8:52:
01:bb:3e:cd:d5:2c:b6:a1:ea:c3:23:07:6e:05:20:cd:06:ec:
7f:96:4f:91:08:09:5c:09:79:8a:b0:15:5c:21:87:5d:88:b9:
9a:ac:98:ad:b3:82:70:95:c6:54:09:a8:30:36:e0:e6:f3:ba:
36:4c:fd:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnY5wqcWHDYwK4BMuS0qGg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA5MDYwNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFkYTQ2NzhjODgxZTYzMGYwYzYxMzc0ZWRjYjEyOGYzNzQ1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCkn1NMZZX1EoPA9dzhmPsfoq7rL
U/2MqOvvbM7HLTLTpKdW4pTxKaFszv6ZmhFutA7u7rFgodmlglhIdbLza4VtQaa9
qRHgosF1O/D83iOgHU8gNHi2l8GzpspFKFILwiAwmsj9EwYOLRpjDQ4R/OAz+Azl
TETgySp9FIC9UtT6DuHsqjj1k+XGAIlcL5KkjD5pgcbrzSR76sOGnbv/UebJ0Iho
7h+2q4sAY8Yy+Ph5/0jNKrgG8wXGL9ftRLNadB3w+vXXnAty5OasLaIhMKgBpwWs
pGLwBOxZCzo71qqabjKIlmfDb5KI9RwvB9M17H4CLMy4bVH1Rv6y1DYZeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMatpGeMiB5jDwxhN07csSjzdFrgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHEya1o0eUlIbU1QREdFM1R0eXhLUE4wV3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwzo6AwQA
w4UjAwQAw4VPMA0GCSqGSIb3DQEBCwUAA4IBAQA/izYnZn7uf6VeATYJRlNfyvqF
S5SzeWH2CNLbWO3jequx3d/H+qlnj5rj0fJRJG2KJRYV+QZSi5X9HbNiUIi24ycp
PPexw0fNyqMS2VfLa7kcwgGnLNJhh9oAZsTumYuizcsm9y/3OnI1ib5s4jWdxhlQ
3jMxDC4tusPAewsL9KTFkk7zvgCI3PdDvK2ZHhny0F27WArdqBBMXmSDG5mnAq1Q
jJY0Y1bERwyY2kfadAPW+W5WcGzlA8Gv10AdeCekCaAf6FIBuz7N1Sy2oerDIwdu
BSDNBux/lk+RCAlcCXmKsBVcIYddiLmarJits4JwlcZUCagwNuDm87o2TP0q
-----END CERTIFICATE-----
Generated at Thu Aug 10 15:07:20 2023 by rpki-client on console-ams.rpki-client.org