Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/mZuxEpZU7CiW-ihNd6P-M--GUgA.roa
File: mZuxEpZU7CiW-ihNd6P-M--GUgA.roa (raw, json)
Hash identifier: vWWxw93OEAYz4ukUDIucIJA2GmuveeX7xzaDMraITmM=
Subject key identifier: 99:9B:B1:12:96:54:EC:28:96:FA:28:4D:77:A3:FE:33:EF:86:52:00
Certificate issuer: /CN=1c242f2e945c6a72ee28f8c80e80d488433e37a3
Certificate serial: 0186E4B97FE12A775B63A2745AD59F577FAF
Authority key identifier: 1C:24:2F:2E:94:5C:6A:72:EE:28:F8:C8:0E:80:D4:88:43:3E:37:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCQvLpRcanLuKPjIDoDUiEM-N6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/mZuxEpZU7CiW-ihNd6P-M--GUgA.roa
Signing time: Wed 15 Mar 2023 10:03:27 +0000
ROA not before: Wed 15 Mar 2023 10:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207024
IP address blocks: 195.14.104.0/24 maxlen: 24
2a12:b1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:b9:7f:e1:2a:77:5b:63:a2:74:5a:d5:9f:57:7f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c242f2e945c6a72ee28f8c80e80d488433e37a3
Validity
Not Before: Mar 15 10:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=999bb1129654ec2896fa284d77a3fe33ef865200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:3e:5b:4b:b8:62:1a:dc:3e:94:01:ae:fc:
00:c3:a0:a1:26:6f:02:ab:4a:c8:6b:49:9f:8e:d4:
1d:cb:7e:3d:40:d1:d3:b4:0a:b4:a9:fa:07:51:d9:
5d:d1:f7:98:b0:c9:e1:20:e5:a6:81:b4:12:92:95:
bd:b5:60:d8:78:55:08:e3:bf:d7:94:d7:9f:e1:cd:
1e:b7:ef:f9:8c:ae:8d:37:e1:62:c0:6e:c7:bc:41:
3d:7e:91:3a:b3:0d:09:a7:1b:fd:4b:e6:c6:9d:0b:
84:d6:48:a4:7d:e2:52:17:d9:b1:ab:3c:bf:eb:5e:
64:0b:80:62:1c:af:6c:8c:e7:23:58:6f:07:64:76:
68:5a:53:dd:80:60:aa:e5:18:40:ac:c8:ef:87:b0:
08:2a:00:4b:f9:e0:04:25:87:4d:32:49:de:26:40:
fd:f6:33:f1:89:69:98:56:55:b0:82:f7:41:42:56:
c9:29:2c:ac:25:99:08:b2:7d:e5:0e:c8:45:5e:51:
f3:f4:dc:11:c3:19:46:1e:d4:0a:a2:20:be:89:c4:
e8:20:f7:71:91:41:f4:09:ce:5f:6d:11:1c:b1:ec:
42:6f:a2:cc:8a:b4:8f:7c:02:70:44:af:9d:02:21:
24:d2:90:90:ca:02:58:50:31:c2:aa:1d:71:17:10:
39:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9B:B1:12:96:54:EC:28:96:FA:28:4D:77:A3:FE:33:EF:86:52:00
X509v3 Authority Key Identifier:
keyid:1C:24:2F:2E:94:5C:6A:72:EE:28:F8:C8:0E:80:D4:88:43:3E:37:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCQvLpRcanLuKPjIDoDUiEM-N6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/mZuxEpZU7CiW-ihNd6P-M--GUgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/HCQvLpRcanLuKPjIDoDUiEM-N6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.104.0/24
IPv6:
2a12:b1c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:1c:fc:5a:2b:d5:57:ba:3b:cd:7a:e2:ff:94:37:c0:82:5c:
ba:da:38:e0:b5:a1:16:a8:0e:1d:d5:6e:63:ae:ab:b0:af:c8:
c4:ef:ff:4f:35:52:0a:5b:7b:c2:00:a5:34:74:57:3d:b6:2e:
fe:10:1a:49:d6:65:b8:5f:0b:65:eb:99:e8:31:01:c8:5f:d9:
cb:2a:5e:70:6b:c6:13:17:92:5f:e5:da:b6:aa:8e:ac:f0:62:
13:a0:3d:c6:47:8e:3e:72:7f:87:7d:c3:63:e6:ee:8a:90:e0:
c3:26:39:19:8b:46:52:37:05:8a:ef:68:b5:26:94:3b:e3:ad:
76:b5:63:ba:e8:e5:74:94:cc:77:4b:26:61:9a:2d:65:e4:70:
fa:d5:e5:7d:9e:af:77:0b:0e:4d:4c:be:d1:8a:7a:0f:b0:f5:
8f:4f:3a:95:2f:bd:22:34:c9:72:a8:a3:44:3c:45:9c:7d:28:
90:35:1e:f2:5f:b9:04:6c:0e:35:4a:3b:21:d8:6b:88:23:e0:
63:51:c0:d3:c4:90:b1:bc:eb:6f:c8:aa:cd:76:29:04:99:7c:
9f:71:f4:23:e7:82:ed:a5:2d:ea:fd:25:d2:ce:d8:bd:b2:bf:
85:4d:16:f7:e5:ee:3a:fe:03:d6:3c:84:c1:5b:dd:0e:02:d5:
2a:fd:07:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbkuX/hKndbY6J0WtWfV3+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjQyZjJlOTQ1YzZhNzJlZTI4ZjhjODBlODBkNDg4NDMz
ZTM3YTMwHhcNMjMwMzE1MTAwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTliYjExMjk2NTRlYzI4OTZmYTI4NGQ3N2EzZmUzM2VmODY1MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzY+W0u4YhrcPpQBrvwAw6ChJm8C
q0rIa0mfjtQdy349QNHTtAq0qfoHUdld0feYsMnhIOWmgbQSkpW9tWDYeFUI47/X
lNef4c0et+/5jK6NN+FiwG7HvEE9fpE6sw0Jpxv9S+bGnQuE1kikfeJSF9mxqzy/
615kC4BiHK9sjOcjWG8HZHZoWlPdgGCq5RhArMjvh7AIKgBL+eAEJYdNMkneJkD9
9jPxiWmYVlWwgvdBQlbJKSysJZkIsn3lDshFXlHz9NwRwxlGHtQKoiC+icToIPdx
kUH0Cc5fbREcsexCb6LMirSPfAJwRK+dAiEk0pCQygJYUDHCqh1xFxA5YQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJmbsRKWVOwolvooTXej/jPvhlIAMB8GA1UdIwQY
MBaAFBwkLy6UXGpy7ij4yA6A1IhDPjejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENRdkxwUmNhbkx1S1BqSURvRFVpRU0tTjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMzQ0OWItMjdjYi00MGQxLWI3YWEt
Y2E3OGVmNTgyNmNhLzEvbVp1eEVwWlU3Q2lXLWloTmQ2UC1NLS1HVWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMzQ0OWItMjdjYi00MGQxLWI3YWEtY2E3OGVmNTgyNmNh
LzEvSENRdkxwUmNhbkx1S1BqSURvRFVpRU0tTjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAww5oMA0E
AgACMAcDBQMqErHAMA0GCSqGSIb3DQEBCwUAA4IBAQBGHPxaK9VXujvNeuL/lDfA
gly62jjgtaEWqA4d1W5jrquwr8jE7/9PNVIKW3vCAKU0dFc9ti7+EBpJ1mW4Xwtl
65noMQHIX9nLKl5wa8YTF5Jf5dq2qo6s8GIToD3GR44+cn+HfcNj5u6KkODDJjkZ
i0ZSNwWK72i1JpQ74612tWO66OV0lMx3SyZhmi1l5HD61eV9nq93Cw5NTL7RinoP
sPWPTzqVL70iNMlyqKNEPEWcfSiQNR7yX7kEbA41Sjsh2GuII+BjUcDTxJCxvOtv
yKrNdikEmXyfcfQj54LtpS3q/SXSzti9sr+FTRb35e46/gPWPITBW90OAtUq/Qf3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org