Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/R2LxgUGji9O_JIvEmDDzp1EGyJs.roa
File: R2LxgUGji9O_JIvEmDDzp1EGyJs.roa (raw, json)
Hash identifier: Fuhf8xQbezIDJNkD9HZLg/XGiiaRBd4F9dgteLMMsHk=
Subject key identifier: 47:62:F1:81:41:A3:8B:D3:BF:24:8B:C4:98:30:F3:A7:51:06:C8:9B
Certificate issuer: /CN=66d8a84f0e8cf755137a9680ebcc4fccd20a34b2
Certificate serial: 018571BA10C2C4A824B6D97D9D28A625CC17
Authority key identifier: 66:D8:A8:4F:0E:8C:F7:55:13:7A:96:80:EB:CC:4F:CC:D2:0A:34:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtioTw6M91UTepaA68xPzNIKNLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/R2LxgUGji9O_JIvEmDDzp1EGyJs.roa
Signing time: Mon 02 Jan 2023 09:04:57 +0000
ROA not before: Mon 02 Jan 2023 09:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205804
IP address blocks: 195.246.200.0/22 maxlen: 24
2a0d:12c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:10:c2:c4:a8:24:b6:d9:7d:9d:28:a6:25:cc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d8a84f0e8cf755137a9680ebcc4fccd20a34b2
Validity
Not Before: Jan 2 09:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4762f18141a38bd3bf248bc49830f3a75106c89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:a7:58:91:0c:75:f5:d0:91:7d:0e:47:79:
8f:96:7f:2a:d7:9e:98:d0:00:b1:a3:d6:c2:b2:27:
83:57:1a:b8:bf:9c:3d:58:6e:57:cd:cd:5c:24:80:
46:ac:a7:94:ae:ba:26:7e:6e:89:67:fa:10:93:0a:
c4:7b:a4:16:6c:08:bd:48:f8:e9:f2:09:6d:f3:9a:
31:94:0b:e1:55:28:ec:1d:31:cd:71:56:08:7b:e0:
58:51:a6:3e:f9:28:ec:e9:e7:64:29:72:4d:a1:69:
ea:2e:94:b9:68:5e:2f:ce:5e:35:c9:a5:fd:9d:f8:
bd:a1:e1:27:cb:f2:8b:f6:b5:bf:e2:40:26:30:df:
07:8c:76:15:30:1b:b0:bd:da:9f:d0:4a:4f:11:15:
6d:8f:fe:27:c9:eb:58:60:fb:7a:d3:8d:28:dc:c4:
62:44:b0:19:63:70:7b:c6:7a:f3:f6:0a:99:bf:83:
59:a9:25:e5:ce:74:ce:7d:a2:07:3c:35:7b:04:ff:
49:e5:7b:22:59:1d:14:2a:df:6c:1b:61:72:04:ed:
bb:fb:2d:72:f5:2a:73:38:3e:64:69:16:7d:e3:05:
e6:f3:a8:75:13:28:de:2f:74:eb:df:63:e2:ce:13:
99:b3:bd:b2:66:19:ad:6a:30:59:a5:85:c7:af:58:
b9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:62:F1:81:41:A3:8B:D3:BF:24:8B:C4:98:30:F3:A7:51:06:C8:9B
X509v3 Authority Key Identifier:
keyid:66:D8:A8:4F:0E:8C:F7:55:13:7A:96:80:EB:CC:4F:CC:D2:0A:34:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtioTw6M91UTepaA68xPzNIKNLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/R2LxgUGji9O_JIvEmDDzp1EGyJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/ZtioTw6M91UTepaA68xPzNIKNLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.200.0/22
IPv6:
2a0d:12c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:5a:14:60:18:6c:63:0c:04:0b:34:4a:c2:f1:c4:27:2f:39:
37:a2:b8:ec:7f:98:13:aa:9a:ed:0c:96:5f:67:5e:ea:e6:c6:
81:ef:c3:e3:66:33:18:61:98:42:47:60:63:ba:49:3f:b9:30:
7a:36:cb:8d:cd:59:f2:11:57:09:c7:29:3f:39:b8:3d:b7:48:
0e:1f:24:62:56:1e:49:1e:2f:9b:6d:08:c0:30:8f:10:57:7b:
ca:7d:af:33:c7:e3:26:fb:0e:98:c8:bf:09:59:b3:c1:2c:ed:
e3:b4:e9:f8:9b:ad:de:1e:d0:e6:49:94:01:28:a9:f8:fc:b0:
fa:91:2d:ea:57:e9:26:9d:49:bc:6d:99:fc:b4:ee:e3:81:2e:
43:25:9f:5c:89:5e:06:57:a8:42:97:42:02:e5:4c:15:9d:15:
08:ce:98:99:ac:bd:f9:15:8e:1d:91:fa:54:9e:5c:1b:b0:d2:
f5:fd:c4:f5:47:8f:8f:e5:6d:87:52:ae:9c:f9:55:5e:9a:c0:
3f:08:78:a5:5a:de:51:2d:81:a6:f5:32:37:9f:41:f4:56:cb:
13:5e:93:a8:db:db:f3:39:eb:08:ff:51:49:a7:f3:8a:db:24:
84:7c:01:0e:fa:cf:46:f7:c9:a7:88:51:94:03:dd:6d:50:c9:
71:e2:04:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxuhDCxKgkttl9nSimJcwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDhhODRmMGU4Y2Y3NTUxMzdhOTY4MGViY2M0ZmNjZDIw
YTM0YjIwHhcNMjMwMTAyMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzYyZjE4MTQxYTM4YmQzYmYyNDhiYzQ5ODMwZjNhNzUxMDZjODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUmnWJEMdfXQkX0OR3mPln8q156Y
0ACxo9bCsieDVxq4v5w9WG5Xzc1cJIBGrKeUrromfm6JZ/oQkwrEe6QWbAi9SPjp
8glt85oxlAvhVSjsHTHNcVYIe+BYUaY++Sjs6edkKXJNoWnqLpS5aF4vzl41yaX9
nfi9oeEny/KL9rW/4kAmMN8HjHYVMBuwvdqf0EpPERVtj/4nyetYYPt6040o3MRi
RLAZY3B7xnrz9gqZv4NZqSXlznTOfaIHPDV7BP9J5XsiWR0UKt9sG2FyBO27+y1y
9SpzOD5kaRZ94wXm86h1EyjeL3Tr32PizhOZs72yZhmtajBZpYXHr1i5hwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEdi8YFBo4vTvySLxJgw86dRBsibMB8GA1UdIwQY
MBaAFGbYqE8OjPdVE3qWgOvMT8zSCjSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRpb1R3Nk05MVVUZXBhQTY4eFB6TklLTkxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81ZDVjYzUtOWQ5OC00MTVhLWFiMGUt
YWExNDgxZjBjMTNhLzEvUjJMeGdVR2ppOU9fSkl2RW1ERHpwMUVHeUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81ZDVjYzUtOWQ5OC00MTVhLWFiMGUtYWExNDgxZjBjMTNh
LzEvWnRpb1R3Nk05MVVUZXBhQTY4eFB6TklLTkxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCw/bIMA0E
AgACMAcDBQAqDRLAMA0GCSqGSIb3DQEBCwUAA4IBAQCvWhRgGGxjDAQLNErC8cQn
Lzk3orjsf5gTqprtDJZfZ17q5saB78PjZjMYYZhCR2Bjukk/uTB6NsuNzVnyEVcJ
xyk/Obg9t0gOHyRiVh5JHi+bbQjAMI8QV3vKfa8zx+Mm+w6YyL8JWbPBLO3jtOn4
m63eHtDmSZQBKKn4/LD6kS3qV+kmnUm8bZn8tO7jgS5DJZ9ciV4GV6hCl0IC5UwV
nRUIzpiZrL35FY4dkfpUnlwbsNL1/cT1R4+P5W2HUq6c+VVemsA/CHilWt5RLYGm
9TI3n0H0VssTXpOo29vzOesI/1FJp/OK2ySEfAEO+s9G98mniFGUA91tUMlx4gSW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:27 2024 by rpki-client on console-ams.rpki-client.org