Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/XzJHnk5EgTjEZcHq5FxunUS6YBs.roa
File: XzJHnk5EgTjEZcHq5FxunUS6YBs.roa (raw, json)
Hash identifier: XvaYh8Dq83oj+qN35WENG/9UiGkGUc97rZaptnX/Npg=
Subject key identifier: 5F:32:47:9E:4E:44:81:38:C4:65:C1:EA:E4:5C:6E:9D:44:BA:60:1B
Certificate issuer: /CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Certificate serial: 018CC6B9280DDD744C94DE6A5318BAEE724A
Authority key identifier: 4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/XzJHnk5EgTjEZcHq5FxunUS6YBs.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199417
IP address blocks: 195.10.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 23:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:28:0d:dd:74:4c:94:de:6a:53:18:ba:ee:72:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f32479e4e448138c465c1eae45c6e9d44ba601b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:43:de:46:b7:21:18:ca:a4:9c:62:aa:4d:
41:e8:e3:73:cd:a7:c1:3e:24:e6:d6:c5:04:1b:e0:
d3:53:f9:bd:1e:7e:b0:4f:2b:0c:6f:07:64:e6:c3:
41:56:e0:3e:ed:d9:c3:8c:10:32:ae:8f:c8:83:3a:
dc:c2:88:ee:d8:a0:fd:73:bc:c7:33:65:7b:e0:73:
cd:7e:d6:1a:6e:82:01:7a:97:2c:92:9f:ef:ef:9f:
1c:67:d1:14:bf:cb:46:27:61:25:85:03:fa:25:b3:
d0:6a:97:8b:8a:72:57:45:53:5c:fb:72:23:8c:b3:
fb:2a:b2:ea:88:e9:4b:49:4c:65:82:b3:df:cb:2e:
b2:31:86:f9:ad:ca:ba:c1:a6:b0:13:53:26:1d:96:
a1:68:0f:95:9a:b2:29:a1:d1:82:65:e5:f6:cc:b8:
9a:cf:58:51:e0:e8:54:5a:a5:a4:f7:8b:1d:02:40:
c3:2a:e8:c4:b9:28:8e:78:0b:a4:8e:e0:d6:c0:92:
cd:af:61:cf:18:0a:2d:de:3c:91:07:bc:bf:0d:f3:
0d:ce:74:ca:0f:b7:a5:15:a2:80:1f:25:51:b5:d1:
b4:cc:81:dd:79:fd:0e:8d:d2:e5:ad:70:c2:7e:cf:
90:3f:6d:98:53:40:25:48:29:7f:c4:10:5d:a7:6a:
15:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:32:47:9E:4E:44:81:38:C4:65:C1:EA:E4:5C:6E:9D:44:BA:60:1B
X509v3 Authority Key Identifier:
keyid:4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/XzJHnk5EgTjEZcHq5FxunUS6YBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:fc:1a:51:de:f2:e0:5a:1e:59:5f:01:27:19:21:00:2c:37:
96:bf:7c:a4:b2:57:b7:3a:94:5b:a1:fb:19:4f:be:a3:e4:76:
de:b2:27:7e:c2:d8:21:46:9d:5e:c3:ed:11:ba:b1:28:e2:f1:
d4:e6:b3:ea:a7:2d:aa:ab:ec:d5:0e:fd:44:52:b1:3d:81:8b:
87:b3:eb:35:bc:b8:c7:a2:52:70:ab:a9:3d:fd:b2:a2:65:fe:
57:0f:5e:73:a8:4f:03:97:d7:eb:5d:b0:92:dd:66:33:7c:28:
6a:3e:d8:f8:2d:a5:7b:98:3f:a1:64:1f:39:af:fe:96:e9:18:
94:4e:29:9f:3a:e4:d8:55:4e:0d:ea:5c:95:84:78:4a:1b:9e:
f4:f2:95:35:72:2d:c5:7a:37:a0:66:f0:0e:2e:d3:23:9c:b8:
90:09:8a:11:e1:16:e0:72:f3:26:8d:e1:5a:b2:54:32:3e:d6:
2b:85:d7:47:7f:f3:b7:c6:3a:49:ae:e8:90:d3:a3:47:21:0a:
b8:6c:41:b2:d0:37:43:cc:0c:cf:fa:ac:16:fb:2d:46:74:c8:
d4:22:02:54:55:6f:68:f3:1c:f5:71:e8:e2:c4:8e:d1:d6:e2:
77:f2:e8:c5:1d:cd:45:6e:b2:b9:e6:6a:b6:e3:71:50:bd:1f:
a6:6f:b7:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSgN3XRMlN5qUxi67nJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmQzMGIwMTVlYzRlZjFiMGQzYzY0MzQ3YzhkMWI1OTgy
OTNmODEwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMyNDc5ZTRlNDQ4MTM4YzQ2NWMxZWFlNDVjNmU5ZDQ0YmE2MDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqVD3ka3IRjKpJxiqk1B6ONzzafB
PiTm1sUEG+DTU/m9Hn6wTysMbwdk5sNBVuA+7dnDjBAyro/Igzrcwoju2KD9c7zH
M2V74HPNftYaboIBepcskp/v758cZ9EUv8tGJ2ElhQP6JbPQapeLinJXRVNc+3Ij
jLP7KrLqiOlLSUxlgrPfyy6yMYb5rcq6waawE1MmHZahaA+VmrIpodGCZeX2zLia
z1hR4OhUWqWk94sdAkDDKujEuSiOeAukjuDWwJLNr2HPGAot3jyRB7y/DfMNznTK
D7elFaKAHyVRtdG0zIHdef0OjdLlrXDCfs+QP22YU0AlSCl/xBBdp2oVXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8yR55ORIE4xGXB6uRcbp1EumAbMB8GA1UdIwQY
MBaAFE8tMLAV7E7xsNPGQ0fI0bWYKT+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjkt
NDM1MWJiZjc0YzBjLzEvWHpKSG5rNUVnVGpFWmNIcTVGeHVuVVM2WUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjktNDM1MWJiZjc0YzBj
LzEvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrNMA0G
CSqGSIb3DQEBCwUAA4IBAQCM/BpR3vLgWh5ZXwEnGSEALDeWv3yksle3OpRbofsZ
T76j5Hbesid+wtghRp1ew+0RurEo4vHU5rPqpy2qq+zVDv1EUrE9gYuHs+s1vLjH
olJwq6k9/bKiZf5XD15zqE8Dl9frXbCS3WYzfChqPtj4LaV7mD+hZB85r/6W6RiU
TimfOuTYVU4N6lyVhHhKG5708pU1ci3FejegZvAOLtMjnLiQCYoR4RbgcvMmjeFa
slQyPtYrhddHf/O3xjpJruiQ06NHIQq4bEGy0DdDzAzP+qwW+y1GdMjUIgJUVW9o
8xz1cejixI7R1uJ38ujFHc1FbrK55mq243FQvR+mb7c0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org