Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/eSzFdNMJyKOZ3P28aNzK9N1MApY.roa
File: eSzFdNMJyKOZ3P28aNzK9N1MApY.roa (raw, json)
Hash identifier: Pwdpn2bEUJh5GE6g2916ozwpRch1l1oE/JXXwH24xD8=
Subject key identifier: 79:2C:C5:74:D3:09:C8:A3:99:DC:FD:BC:68:DC:CA:F4:DD:4C:02:96
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 018CF99ACBDB3FA6E22D7A82FB4125D4DB49
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/eSzFdNMJyKOZ3P28aNzK9N1MApY.roa
Signing time: Thu 11 Jan 2024 17:38:40 +0000
ROA not before: Thu 11 Jan 2024 17:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48732
IP address blocks: 195.200.235.0/24 maxlen: 24
2a11:601:d000::/36 maxlen: 36
2a11:601:f000::/36 maxlen: 36
2a11:600:78::/48 maxlen: 48
2a11:600:150::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 18 Oct 2024 18:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:9a:cb:db:3f:a6:e2:2d:7a:82:fb:41:25:d4:db:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jan 11 17:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=792cc574d309c8a399dcfdbc68dccaf4dd4c0296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0d:f6:60:b9:a0:b2:c4:45:be:5d:92:11:fe:
de:af:f6:e0:f9:4e:42:63:a9:29:32:e8:19:82:52:
23:0e:09:70:98:9c:23:1d:4a:ce:6d:1b:28:72:3d:
b7:98:bc:76:25:88:d7:74:56:4c:cd:c4:e6:ec:77:
73:e0:8f:f7:00:e8:f7:07:f2:54:7f:93:f4:c0:60:
a1:ea:24:05:f6:b2:cc:1b:55:d8:7c:31:35:8e:c9:
25:b9:a8:8d:42:7b:65:69:e5:14:73:68:03:8d:06:
aa:2e:fd:d7:a8:9e:25:18:fa:c6:44:87:72:e7:4d:
c8:cd:1d:98:36:fd:1b:d1:2d:a7:04:a0:75:c2:05:
db:0a:e1:f9:fd:72:b4:2b:95:26:4f:e3:5d:a1:83:
85:f8:fc:ce:11:d7:91:3e:42:80:cc:5c:2d:b4:4c:
ea:df:8a:73:a7:93:0c:79:f6:2c:6b:4a:80:e5:9a:
5d:93:44:a8:ac:88:7a:9d:c7:f3:4d:69:91:f1:8c:
59:00:c8:0e:ca:68:6e:85:1e:6d:67:59:23:20:06:
20:15:14:6d:81:d3:73:a5:33:f5:0e:4d:88:fc:99:
65:8e:9b:28:ac:66:df:b4:14:4f:9a:5f:2a:3e:49:
37:5d:dd:24:c8:98:f0:6a:ee:44:f9:bd:e9:12:0e:
99:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2C:C5:74:D3:09:C8:A3:99:DC:FD:BC:68:DC:CA:F4:DD:4C:02:96
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/eSzFdNMJyKOZ3P28aNzK9N1MApY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.235.0/24
IPv6:
2a11:600:78::/48
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
55:4b:a2:46:74:39:b6:30:80:7a:33:23:b7:cc:47:a1:03:82:
5c:ef:d3:15:7e:a0:f7:0e:85:f3:19:3a:f6:2a:7a:75:f4:c4:
72:6e:1b:89:5f:99:0c:e3:37:67:2a:4e:18:f6:d6:ad:40:ea:
d0:c8:7d:71:b2:5d:85:d6:91:98:6c:26:ae:70:39:0e:8e:e1:
db:eb:2c:7e:3a:c0:25:1a:50:6b:fa:f4:38:bc:7b:77:cb:e1:
84:c5:aa:77:f6:90:d1:35:c9:e3:e3:f4:ff:04:b2:33:82:d0:
2f:19:d4:31:3b:31:1a:76:46:25:c3:af:4b:e9:46:ad:3b:cc:
f0:50:6c:be:1f:a5:c1:15:fc:bc:90:81:57:d5:43:01:31:8c:
91:5b:78:c6:d1:86:9c:10:f8:a8:6e:ce:dd:3e:83:43:5d:65:
b5:e0:66:ce:d3:50:33:30:a5:5c:35:85:8a:85:a5:20:7f:1c:
5d:ad:ff:23:dd:49:ba:fa:ba:4f:c2:1c:6d:22:b7:6b:5b:ca:
60:f7:1a:fc:78:21:5d:50:6f:1a:13:08:ba:b7:17:13:ab:71:
0c:4e:f3:11:50:b3:3e:96:60:83:83:17:5a:1d:c7:c8:d1:a1:
44:ea:19:a7:68:45:5e:04:c4:2f:ab:a9:60:58:6b:3f:de:4b:
c1:d5:5e:eb
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYz5msvbP6biLXqC+0El1NtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjQwMTExMTczODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJjYzU3NGQzMDljOGEzOTlkY2ZkYmM2OGRjY2FmNGRkNGMwMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA32YLmgssRFvl2SEf7er/bg+U5C
Y6kpMugZglIjDglwmJwjHUrObRsocj23mLx2JYjXdFZMzcTm7Hdz4I/3AOj3B/JU
f5P0wGCh6iQF9rLMG1XYfDE1jskluaiNQntlaeUUc2gDjQaqLv3XqJ4lGPrGRIdy
503IzR2YNv0b0S2nBKB1wgXbCuH5/XK0K5UmT+NdoYOF+PzOEdeRPkKAzFwttEzq
34pzp5MMefYsa0qA5Zpdk0SorIh6ncfzTWmR8YxZAMgOymhuhR5tZ1kjIAYgFRRt
gdNzpTP1Dk2I/JlljpsorGbftBRPml8qPkk3Xd0kyJjwau5E+b3pEg6Z7QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHksxXTTCcijmdz9vGjcyvTdTAKWMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvZVN6RmROTUp5S09aM1AyOGFOeks5TjFNQXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQAw8jrMCgE
AgACMCIDBwAqEQYAAHgDBwEqEQYAAVADBgQqEQYB0AMGBCoRBgHwMA0GCSqGSIb3
DQEBCwUAA4IBAQBVS6JGdDm2MIB6MyO3zEehA4Jc79MVfqD3DoXzGTr2Knp19MRy
bhuJX5kM4zdnKk4Y9tatQOrQyH1xsl2F1pGYbCaucDkOjuHb6yx+OsAlGlBr+vQ4
vHt3y+GExap39pDRNcnj4/T/BLIzgtAvGdQxOzEadkYlw69L6UatO8zwUGy+H6XB
Ffy8kIFX1UMBMYyRW3jG0YacEPiobs7dPoNDXWW14GbO01AzMKVcNYWKhaUgfxxd
rf8j3Um6+rpPwhxtIrdrW8pg9xr8eCFdUG8aEwi6txcTq3EMTvMRULM+lmCDgxda
HcfI0aFE6hmnaEVeBMQvq6lgWGs/3kvB1V7r
Generated at Fri Oct 18 21:52:54 2024 by rpki-client on console-ams.rpki-client.org