Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhcRYKZF3-bOXwAr8rIuqRPOSng.roa
File: zhcRYKZF3-bOXwAr8rIuqRPOSng.roa (raw, json)
Hash identifier: kq7xtEzTHPTw/xN0PQNdokWUObdUYTum/rwsz6iLNiY=
Subject key identifier: CE:17:11:60:A6:45:DF:E6:CE:5F:00:2B:F2:B2:2E:A9:13:CE:4A:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01888AABC1BA33939CA04603F02EC06B4398
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhcRYKZF3-bOXwAr8rIuqRPOSng.roa
Signing time: Mon 05 Jun 2023 08:28:12 +0000
ROA not before: Mon 05 Jun 2023 08:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204902
IP address blocks: 195.133.77.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 08:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:ab:c1:ba:33:93:9c:a0:46:03:f0:2e:c0:6b:43:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 5 08:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce171160a645dfe6ce5f002bf2b22ea913ce4a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e9:33:89:4f:76:ac:2b:79:b8:f5:e3:15:66:
85:33:53:33:dd:67:bd:db:28:5f:c1:bd:9f:a6:49:
cf:b1:f5:b3:9f:e9:55:cd:fb:ef:6d:a2:a8:ba:90:
cb:60:7b:1a:2f:31:50:c8:02:46:67:21:86:de:97:
43:24:7d:3c:30:cf:86:49:af:70:08:ab:82:89:9d:
d8:ba:d9:6c:18:b3:6a:bb:c8:fb:5e:c8:b6:37:45:
d3:c6:06:a4:0c:82:9d:7b:80:fc:b4:ae:f4:f6:30:
52:ec:b3:8c:d8:b0:d9:82:38:7d:20:66:24:31:b5:
f9:1e:da:26:16:23:9a:55:c1:ab:d2:c7:16:1f:bd:
f4:b9:d8:ec:56:51:d4:34:ff:54:a3:18:bb:3c:a2:
a1:0f:64:2a:c5:66:f8:1d:59:ee:d3:4f:20:2f:b1:
2a:7f:3f:67:7c:42:03:ff:aa:04:8e:e3:da:9f:3c:
ce:eb:dd:4b:3b:44:55:06:05:0c:d6:73:47:b6:2b:
f6:e9:b0:bd:3d:27:3f:94:47:bd:fb:3d:71:6e:0f:
2f:41:26:54:9d:86:03:7c:ff:4e:b0:db:ac:7a:43:
ea:d5:05:9f:0a:db:16:70:f3:39:84:4c:92:4c:b2:
70:ab:be:99:89:21:83:c3:e1:14:b7:7a:5e:c4:c8:
a2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:17:11:60:A6:45:DF:E6:CE:5F:00:2B:F2:B2:2E:A9:13:CE:4A:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zhcRYKZF3-bOXwAr8rIuqRPOSng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.77.0/24
195.133.86.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a6:35:ed:4d:88:9b:2a:4d:1f:a9:25:96:b4:89:11:d1:d9:
19:fc:dd:fc:41:0e:d8:22:98:20:74:b6:f1:26:18:6c:13:dc:
4d:9c:f2:65:95:5b:27:7c:25:46:5c:a1:2a:b7:2e:38:b8:2c:
b8:de:13:5a:51:36:af:01:08:75:66:c1:42:dd:da:8d:e7:e8:
37:86:ab:8f:7c:2d:c4:53:ef:c6:8c:e4:b5:9b:45:76:3a:32:
a1:af:4e:c6:71:da:69:4a:f4:0e:5d:8a:77:e7:e7:cd:e2:19:
55:7d:98:67:b9:eb:6f:8a:aa:9b:1c:d6:10:99:1a:ee:c0:f3:
a0:54:d7:3d:af:74:35:8f:b1:39:32:04:60:ca:f9:3b:28:1e:
7f:de:f6:71:f1:cd:99:0f:cc:64:41:51:d5:6f:54:e7:11:61:
7c:b9:08:9f:13:37:ee:3f:3b:84:38:81:ed:d5:3a:62:53:4d:
44:66:4a:94:51:c2:07:a3:3c:23:80:df:49:c5:3a:49:94:fa:
14:e3:21:7f:b6:51:21:12:cf:31:97:aa:98:da:09:e5:0c:b1:
42:9b:ba:9e:d0:64:dd:5d:3d:0d:68:2e:15:a3:13:e0:90:e7:
d2:95:ba:06:4c:ea:d7:6d:c2:18:35:cc:49:11:57:01:6d:ba:
80:4b:1d:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKq8G6M5OcoEYD8C7Aa0OYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA1MDgyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE3MTE2MGE2NDVkZmU2Y2U1ZjAwMmJmMmIyMmVhOTEzY2U0YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOkziU92rCt5uPXjFWaFM1Mz3We9
2yhfwb2fpknPsfWzn+lVzfvvbaKoupDLYHsaLzFQyAJGZyGG3pdDJH08MM+GSa9w
CKuCiZ3YutlsGLNqu8j7Xsi2N0XTxgakDIKde4D8tK709jBS7LOM2LDZgjh9IGYk
MbX5HtomFiOaVcGr0scWH730udjsVlHUNP9Uoxi7PKKhD2QqxWb4HVnu008gL7Eq
fz9nfEID/6oEjuPanzzO691LO0RVBgUM1nNHtiv26bC9PSc/lEe9+z1xbg8vQSZU
nYYDfP9OsNusekPq1QWfCtsWcPM5hEySTLJwq76ZiSGDw+EUt3pexMiiNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM4XEWCmRd/mzl8AK/KyLqkTzkp4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvemhjUllLWkYzLWJPWHdBcjhySXVxUlBPU25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VNAwQA
w4VWMA0GCSqGSIb3DQEBCwUAA4IBAQBopjXtTYibKk0fqSWWtIkR0dkZ/N38QQ7Y
IpggdLbxJhhsE9xNnPJllVsnfCVGXKEqty44uCy43hNaUTavAQh1ZsFC3dqN5+g3
hquPfC3EU+/GjOS1m0V2OjKhr07GcdppSvQOXYp35+fN4hlVfZhnuetviqqbHNYQ
mRruwPOgVNc9r3Q1j7E5MgRgyvk7KB5/3vZx8c2ZD8xkQVHVb1TnEWF8uQifEzfu
PzuEOIHt1TpiU01EZkqUUcIHozwjgN9JxTpJlPoU4yF/tlEhEs8xl6qY2gnlDLFC
m7qe0GTdXT0NaC4VoxPgkOfSlboGTOrXbcIYNcxJEVcBbbqASx1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org