Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yaXhbYBzO4cgf8UlrhMZF1WUtfw.roa
File: yaXhbYBzO4cgf8UlrhMZF1WUtfw.roa (raw, json)
Hash identifier: hrM0n1enwXO9xcAKLJXGovnA7vQJmBJCfqs498n0Xdo=
Subject key identifier: C9:A5:E1:6D:80:73:3B:87:20:7F:C5:25:AE:13:19:17:55:94:B5:FC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D9D869F5679505447804E01AE1A0E0E3C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yaXhbYBzO4cgf8UlrhMZF1WUtfw.roa
Signing time: Mon 12 Feb 2024 13:34:21 +0000
ROA not before: Mon 12 Feb 2024 13:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 195.133.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 13:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:86:9f:56:79:50:54:47:80:4e:01:ae:1a:0e:0e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 12 13:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a5e16d80733b87207fc525ae1319175594b5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:48:9d:ab:ba:ba:99:42:be:6a:0e:01:c6:5a:
17:68:8a:01:d0:61:de:68:09:1c:37:a8:3d:c6:fc:
f4:b7:d4:93:67:60:33:94:6f:6a:b4:30:be:84:83:
7f:11:1b:57:66:b9:b6:77:db:05:65:dc:b1:30:a9:
48:4e:c3:63:0a:b4:60:75:16:fc:77:96:14:7d:53:
5f:66:ef:97:f3:37:0f:b0:bc:4b:03:61:99:d1:17:
75:d2:62:4d:71:e7:b8:a9:39:26:f7:b0:e8:dc:50:
9b:44:01:52:ae:ec:a9:a5:69:44:21:db:ea:03:02:
e0:c4:8f:ac:b0:1d:a3:17:cb:a2:c9:39:24:a6:dd:
df:31:58:2b:fd:4b:d3:6a:31:72:93:8a:08:6e:e9:
1d:f4:ed:ed:c9:12:76:98:a2:cb:6c:f7:4d:24:47:
0e:83:c0:63:a3:78:0d:92:e6:88:ad:e4:7a:db:db:
a0:17:ba:fe:dd:d0:e5:d5:f1:ed:50:82:30:c0:49:
60:dc:7d:56:fe:2c:04:d4:55:ea:1f:c0:10:9d:dd:
7a:27:70:ef:7b:e2:5b:92:ff:ba:84:12:0c:25:6b:
68:ee:c0:08:26:74:fb:56:4e:d1:b6:cd:9f:11:a2:
fd:fb:c0:9e:56:6a:a6:ff:b0:e3:de:32:48:f4:fe:
be:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A5:E1:6D:80:73:3B:87:20:7F:C5:25:AE:13:19:17:55:94:B5:FC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yaXhbYBzO4cgf8UlrhMZF1WUtfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.28.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:90:c5:2b:c1:9e:74:23:f5:d0:cc:48:3b:09:9e:ca:fc:b8:
00:04:0a:8d:6f:bd:cc:fe:ab:aa:2d:2f:8e:2e:8f:e9:39:8e:
53:9d:66:f2:73:31:9c:7d:a0:61:ab:2c:8c:b2:f6:9c:c6:e7:
f9:a7:22:55:59:bc:22:a8:8f:91:74:9e:94:10:ae:9c:41:81:
87:4e:ee:90:6a:cc:cf:d4:95:3a:d1:af:9e:f1:f5:6f:c0:09:
25:73:da:dd:3b:57:ad:70:fa:4e:a6:d3:c6:8e:82:6f:c4:bb:
f5:98:94:c3:e5:44:67:7a:f6:92:7d:ce:84:7e:5a:11:0b:b7:
12:18:8b:f0:6f:2b:85:3d:c4:07:54:fe:9a:91:34:59:c3:e3:
91:dc:fc:83:d1:83:e5:75:61:f4:37:56:7a:45:db:3c:7d:3a:
58:db:6f:af:f3:a2:d5:8c:49:66:19:37:54:04:ef:81:50:d9:
24:45:ef:33:71:77:00:bc:33:96:1c:14:1d:bf:6b:54:23:6b:
18:2b:b9:1f:a0:1a:6e:08:c4:07:83:19:e1:81:19:2c:cc:95:
55:90:f2:54:47:ca:5d:8c:60:ad:e7:80:05:12:78:5e:df:02:
5c:fa:f6:e3:fd:9c:10:dd:74:8a:31:b2:21:5b:0e:60:fd:ba:
fe:4a:d6:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2dhp9WeVBUR4BOAa4aDg48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjEyMTMzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE1ZTE2ZDgwNzMzYjg3MjA3ZmM1MjVhZTEzMTkxNzU1OTRiNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUidq7q6mUK+ag4BxloXaIoB0GHe
aAkcN6g9xvz0t9STZ2AzlG9qtDC+hIN/ERtXZrm2d9sFZdyxMKlITsNjCrRgdRb8
d5YUfVNfZu+X8zcPsLxLA2GZ0Rd10mJNcee4qTkm97Do3FCbRAFSruyppWlEIdvq
AwLgxI+ssB2jF8uiyTkkpt3fMVgr/UvTajFyk4oIbukd9O3tyRJ2mKLLbPdNJEcO
g8Bjo3gNkuaIreR629ugF7r+3dDl1fHtUIIwwElg3H1W/iwE1FXqH8AQnd16J3Dv
e+Jbkv+6hBIMJWto7sAIJnT7Vk7Rts2fEaL9+8CeVmqm/7Dj3jJI9P6+4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMml4W2AczuHIH/FJa4TGRdVlLX8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWFYaGJZQnpPNGNnZjhVbHJoTVpGMVdVdGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UcMA0G
CSqGSIb3DQEBCwUAA4IBAQBrkMUrwZ50I/XQzEg7CZ7K/LgABAqNb73M/quqLS+O
Lo/pOY5TnWbyczGcfaBhqyyMsvacxuf5pyJVWbwiqI+RdJ6UEK6cQYGHTu6QaszP
1JU60a+e8fVvwAklc9rdO1etcPpOptPGjoJvxLv1mJTD5URnevaSfc6EfloRC7cS
GIvwbyuFPcQHVP6akTRZw+OR3PyD0YPldWH0N1Z6Rds8fTpY22+v86LVjElmGTdU
BO+BUNkkRe8zcXcAvDOWHBQdv2tUI2sYK7kfoBpuCMQHgxnhgRkszJVVkPJUR8pd
jGCt54AFEnhe3wJc+vbj/ZwQ3XSKMbIhWw5g/br+StYx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org