Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CgKneuFEz1IaKk6FEQCYmBQdPdM.roa
File: CgKneuFEz1IaKk6FEQCYmBQdPdM.roa (raw, json)
Hash identifier: vE72y9htBZiTxP5EiX5VM++K8tcxb/YItHMockolZqE=
Subject key identifier: 0A:02:A7:7A:E1:44:CF:52:1A:2A:4E:85:11:00:98:98:14:1D:3D:D3
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 018571B0C1994359FB78BC33C7CD353D9ECC
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CgKneuFEz1IaKk6FEQCYmBQdPdM.roa
Signing time: Mon 02 Jan 2023 08:54:47 +0000
ROA not before: Mon 02 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5459
IP address blocks: 195.66.224.0/19 maxlen: 19
195.66.232.0/22 maxlen: 22
195.66.240.0/22 maxlen: 22
195.66.248.0/22 maxlen: 22
2a01:40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jul 2023 08:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c1:99:43:59:fb:78:bc:33:c7:cd:35:3d:9e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jan 2 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a02a77ae144cf521a2a4e8511009898141d3dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ef:db:19:1d:df:56:d4:ae:a8:0e:a4:50:5a:
f8:76:19:3b:02:e9:d0:15:5f:db:f2:78:7a:eb:49:
36:8f:7c:93:83:a9:9e:6d:92:d0:ba:5c:50:4d:eb:
64:90:f0:56:2a:fa:c1:7c:4b:8a:e8:e2:8a:d5:be:
57:cf:f6:a9:ab:48:9c:9e:fb:c2:f5:6f:c6:37:9f:
75:5c:b5:d1:08:60:cc:9b:30:34:6f:a0:c4:fe:f2:
6f:31:d1:1e:95:49:ee:b9:b0:1e:b3:43:87:7a:11:
a4:a2:b5:14:18:2a:36:e3:05:b9:d7:0f:1f:fe:20:
02:90:a1:0c:8a:50:eb:48:54:95:81:61:06:8d:26:
32:c3:98:2d:db:96:0b:bd:f3:49:63:32:cb:82:2a:
37:15:82:ad:70:31:61:f1:4d:bc:f5:a5:fc:2d:c6:
e2:11:22:85:9f:2b:f4:66:42:53:d7:b2:b3:98:54:
90:16:6a:bd:a0:72:0e:76:d9:3a:8e:65:ae:93:f9:
a9:fa:6b:8a:60:20:ea:cd:6d:04:7c:6c:45:41:94:
23:77:17:c9:d2:b7:c4:0b:43:3d:f6:a6:40:e0:11:
4e:89:03:af:2f:ab:fc:de:d8:dd:87:3b:4b:5e:fb:
de:fb:bd:1f:52:16:02:bb:e3:d0:fd:03:37:f0:f8:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:02:A7:7A:E1:44:CF:52:1A:2A:4E:85:11:00:98:98:14:1D:3D:D3
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/CgKneuFEz1IaKk6FEQCYmBQdPdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.224.0/19
IPv6:
2a01:40::/32
Signature Algorithm: sha256WithRSAEncryption
1e:b9:ec:51:7a:6c:3c:c9:91:44:18:bb:ef:9b:b0:62:aa:59:
52:04:bf:e6:12:e6:8a:e3:7e:02:6a:63:e8:27:69:7d:fb:42:
9a:2c:83:05:9a:f4:de:68:2d:f7:06:a9:41:95:80:52:1d:40:
4e:cb:97:57:94:ad:16:35:d7:30:f9:1f:90:be:ec:a9:31:a8:
88:8e:1e:8b:a6:36:46:71:4e:b6:b4:f6:f2:ec:b2:c1:74:22:
8e:de:d6:4b:75:e6:5b:28:e8:71:f0:32:0d:20:9a:b8:ea:a6:
f6:6d:f4:02:5d:52:0b:1b:6b:21:6a:d5:fd:a5:8a:09:4a:52:
2d:8e:56:44:f2:03:2f:4d:94:a3:20:ad:4b:dc:17:7a:78:f4:
f3:21:ac:26:7a:7e:52:d8:d6:fb:b5:39:17:28:32:74:b8:67:
bc:5a:7d:c2:a2:a7:72:32:06:42:1e:2e:d6:5f:ae:30:1a:d7:
5c:7f:2a:f8:36:3f:9f:ee:7a:68:66:c4:c3:9f:b4:fb:43:a2:
a0:c6:35:49:6a:f0:ad:bb:1a:38:a7:db:93:b8:f1:c4:54:00:
b1:59:30:f0:5b:c5:f5:9d:21:ef:28:26:7d:23:e2:c3:14:74:
6c:73:31:89:93:83:84:f2:d2:25:58:ff:35:d6:9c:d7:05:01:
e8:43:66:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsMGZQ1n7eLwzx801PZ7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwMTAyMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAyYTc3YWUxNDRjZjUyMWEyYTRlODUxMTAwOTg5ODE0MWQzZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku/bGR3fVtSuqA6kUFr4dhk7AunQ
FV/b8nh660k2j3yTg6mebZLQulxQTetkkPBWKvrBfEuK6OKK1b5Xz/apq0icnvvC
9W/GN591XLXRCGDMmzA0b6DE/vJvMdEelUnuubAes0OHehGkorUUGCo24wW51w8f
/iACkKEMilDrSFSVgWEGjSYyw5gt25YLvfNJYzLLgio3FYKtcDFh8U289aX8Lcbi
ESKFnyv0ZkJT17KzmFSQFmq9oHIOdtk6jmWuk/mp+muKYCDqzW0EfGxFQZQjdxfJ
0rfEC0M99qZA4BFOiQOvL6v83tjdhztLXvve+70fUhYCu+PQ/QM38PjmbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAoCp3rhRM9SGipOhREAmJgUHT3TMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvQ2dLbmV1RkV6MUlhS2s2RkVRQ1ltQlFkUGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFw0LgMA0E
AgACMAcDBQAqAQBAMA0GCSqGSIb3DQEBCwUAA4IBAQAeuexRemw8yZFEGLvvm7Bi
qllSBL/mEuaK434CamPoJ2l9+0KaLIMFmvTeaC33BqlBlYBSHUBOy5dXlK0WNdcw
+R+QvuypMaiIjh6LpjZGcU62tPby7LLBdCKO3tZLdeZbKOhx8DINIJq46qb2bfQC
XVILG2shatX9pYoJSlItjlZE8gMvTZSjIK1L3Bd6ePTzIawmen5S2Nb7tTkXKDJ0
uGe8Wn3CoqdyMgZCHi7WX64wGtdcfyr4Nj+f7npoZsTDn7T7Q6KgxjVJavCtuxo4
p9uTuPHEVACxWTDwW8X1nSHvKCZ9I+LDFHRsczGJk4OE8tIlWP811pzXBQHoQ2bx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:37 2024 by rpki-client on console-ams.rpki-client.org