Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ybzqzDg6aTWnnQKVDJ7pN7HeXIg.roa
File: ybzqzDg6aTWnnQKVDJ7pN7HeXIg.roa (raw, json)
Hash identifier: KBMWfP6HtKLU0mamUm6GD7neaIu0FTFQ6dZ7aOQST58=
Subject key identifier: C9:BC:EA:CC:38:3A:69:35:A7:9D:02:95:0C:9E:E9:37:B1:DE:5C:88
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66E6B67098F5E49F8C4232C2CD0F51
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ybzqzDg6aTWnnQKVDJ7pN7HeXIg.roa
Signing time: Sun 01 Jan 2023 22:14:52 +0000
ROA not before: Sun 01 Jan 2023 22:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 195.133.29.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 13:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e6:b6:70:98:f5:e4:9f:8c:42:32:c2:cd:0f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9bceacc383a6935a79d02950c9ee937b1de5c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ae:15:fc:93:0d:8b:2f:94:13:0b:84:e1:aa:
b9:3d:bd:40:83:64:1b:95:9b:c0:a2:6f:2c:16:dd:
99:ed:18:9f:b8:0c:6c:e6:04:6b:8b:f0:1c:bd:d0:
5a:2b:d7:26:04:8f:3a:fa:40:c4:aa:10:2e:c0:e0:
71:9b:50:10:6c:aa:c7:22:25:0f:bc:46:9f:00:a1:
8b:23:9a:da:16:c1:ed:1a:6f:8e:c9:16:bd:e5:f8:
55:1d:21:fe:a1:92:4e:62:43:bd:23:b4:a0:79:f6:
14:ec:6a:b8:66:c1:00:f9:a3:bd:ca:03:f7:04:f2:
b2:e3:c3:28:5e:dd:bf:58:37:8f:8f:cd:7d:1d:cf:
05:96:29:da:74:85:ce:9f:7a:5e:fc:15:7c:41:01:
62:2d:8d:a6:1e:3c:48:54:08:36:a6:be:51:0e:3e:
62:ef:9a:fd:d9:a7:6d:a4:3c:c8:2d:3a:f0:82:0f:
43:9b:d1:ce:42:11:90:fc:91:e9:48:9c:be:ca:c2:
31:68:3f:e7:16:1e:aa:32:c3:0a:24:85:eb:d5:aa:
c6:35:5b:ed:3b:63:4b:aa:aa:3d:23:33:2e:c4:ad:
7d:73:98:8f:c6:cb:fa:b1:08:7b:bd:d4:ce:02:dc:
7f:25:9b:34:60:93:4a:05:a1:de:c8:63:d8:58:22:
d5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BC:EA:CC:38:3A:69:35:A7:9D:02:95:0C:9E:E9:37:B1:DE:5C:88
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ybzqzDg6aTWnnQKVDJ7pN7HeXIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.91.0/24
193.124.95.0/24
195.58.55.0/24
195.133.29.0/24
Signature Algorithm: sha256WithRSAEncryption
13:6e:96:50:04:90:8e:e7:fa:64:4b:f6:6d:d5:25:9e:6c:a9:
25:af:ea:23:57:b9:3d:4f:88:24:6d:75:a8:54:2d:c9:a7:54:
1c:15:d5:1d:3e:3c:64:56:5c:eb:d3:b1:ad:e9:57:c2:2f:2b:
9e:b0:07:c1:46:01:ee:f4:13:86:e9:99:ca:ba:72:6d:16:38:
54:1e:37:c1:7c:24:ed:9b:22:c8:37:01:f2:71:b1:ef:2c:42:
a5:36:01:6d:74:0d:10:00:47:75:25:d2:2d:7b:78:68:48:be:
83:c3:e3:4c:06:a4:15:46:80:99:b3:f2:2a:bb:dc:7a:10:ec:
c0:03:5b:ff:07:a4:ac:68:a6:b5:d3:27:75:ba:53:54:c7:a7:
c4:57:d2:2b:90:bc:c8:41:e4:98:cb:b3:e3:f0:b5:7f:12:d8:
40:98:d8:98:60:3d:9a:09:cb:a3:c7:67:ad:14:1e:4c:4d:74:
09:44:d7:0d:c9:3d:36:54:ea:4c:f2:0b:1d:c7:fe:e9:64:aa:
00:8f:f9:a7:15:6e:16:07:64:ca:cf:73:8f:ab:15:ca:85:5e:
5e:4b:45:db:dc:b1:ac:61:8f:61:51:ce:ca:ff:39:f9:ca:d1:
d5:07:49:cd:a6:09:9d:92:51:7b:b8:d8:0e:39:9c:4c:62:29:
f9:40:43:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvZua2cJj15J+MQjLCzQ9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJjZWFjYzM4M2E2OTM1YTc5ZDAyOTUwYzllZTkzN2IxZGU1Yzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK4V/JMNiy+UEwuE4aq5Pb1Ag2Qb
lZvAom8sFt2Z7RifuAxs5gRri/AcvdBaK9cmBI86+kDEqhAuwOBxm1AQbKrHIiUP
vEafAKGLI5raFsHtGm+OyRa95fhVHSH+oZJOYkO9I7SgefYU7Gq4ZsEA+aO9ygP3
BPKy48MoXt2/WDePj819Hc8FlinadIXOn3pe/BV8QQFiLY2mHjxIVAg2pr5RDj5i
75r92adtpDzILTrwgg9Dm9HOQhGQ/JHpSJy+ysIxaD/nFh6qMsMKJIXr1arGNVvt
O2NLqqo9IzMuxK19c5iPxsv6sQh7vdTOAtx/JZs0YJNKBaHeyGPYWCLVWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMm86sw4Omk1p50ClQye6Tex3lyIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWJ6cXpEZzZhVFdublFLVkRKN3BON0hlWElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxbAwQA
wXxfAwQAwzo3AwQAw4UdMA0GCSqGSIb3DQEBCwUAA4IBAQATbpZQBJCO5/pkS/Zt
1SWebKklr+ojV7k9T4gkbXWoVC3Jp1QcFdUdPjxkVlzr07Gt6VfCLyuesAfBRgHu
9BOG6ZnKunJtFjhUHjfBfCTtmyLINwHycbHvLEKlNgFtdA0QAEd1JdIte3hoSL6D
w+NMBqQVRoCZs/Iqu9x6EOzAA1v/B6SsaKa10yd1ulNUx6fEV9IrkLzIQeSYy7Pj
8LV/EthAmNiYYD2aCcujx2etFB5MTXQJRNcNyT02VOpM8gsdx/7pZKoAj/mnFW4W
B2TKz3OPqxXKhV5eS0Xb3LGsYY9hUc7K/zn5ytHVB0nNpgmdklF7uNgOOZxMYin5
QEMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org