Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9sKCHeRJh31LzbXenebBqgxE7YM.roa
File: 9sKCHeRJh31LzbXenebBqgxE7YM.roa (raw, json)
Hash identifier: fXX8euuJ1r9VzDqOQvOSyB0Gxvf2u6Zkaiix46NYfDw=
Subject key identifier: F6:C2:82:1D:E4:49:87:7D:4B:CD:B5:DE:9D:E6:C1:AA:0C:44:ED:83
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83BD70B6CBEDDB3C2C3E4F0BF0159
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9sKCHeRJh31LzbXenebBqgxE7YM.roa
Signing time: Sun 01 Jan 2023 09:44:51 +0000
ROA not before: Sun 01 Jan 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12601
IP address blocks: 195.101.164.0/23 maxlen: 23
195.101.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3b:d7:0b:6c:be:dd:b3:c2:c3:e4:f0:bf:01:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6c2821de449877d4bcdb5de9de6c1aa0c44ed83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:69:73:f5:ef:1b:08:e4:42:e5:7c:73:df:35:
b9:3e:7a:c8:21:13:7a:d4:9a:d3:11:75:eb:ca:7f:
6a:81:95:27:78:fc:cf:31:59:1a:91:95:30:3c:c6:
b2:a0:b1:c8:fc:34:33:4d:af:a8:09:3f:3c:0c:a4:
9d:a5:93:32:9d:66:48:e0:31:8f:46:3b:55:d0:9d:
13:3d:2c:ae:57:9c:34:b6:2d:bf:ea:7f:a3:3b:64:
14:3f:f3:8f:13:15:4e:b6:85:56:2b:5c:fa:f7:06:
fc:ca:4c:41:45:62:dc:31:44:ca:43:d9:e9:f8:83:
54:75:cf:45:c9:9c:ae:dc:b9:a6:4b:4a:43:98:78:
22:46:30:b3:e3:2e:3b:6a:65:1f:11:9d:db:7a:cb:
ce:03:bc:36:79:9a:94:94:c4:bc:53:0b:ec:4c:25:
79:8a:f9:e0:96:b5:35:9a:6a:2b:a7:1b:9e:64:9c:
d8:06:08:11:a3:27:86:be:c0:ec:5f:a4:63:0b:30:
69:fa:be:36:fe:93:14:ee:80:14:1d:bf:3f:fa:bd:
0b:20:53:68:bb:bb:c9:8a:6c:dc:cc:5d:18:0e:09:
f0:cf:f7:4f:39:90:ce:f8:24:1c:c3:38:1a:78:cc:
9f:60:e8:16:bb:5b:ea:e4:c9:58:0b:21:1d:37:b1:
c1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C2:82:1D:E4:49:87:7D:4B:CD:B5:DE:9D:E6:C1:AA:0C:44:ED:83
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/9sKCHeRJh31LzbXenebBqgxE7YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.101.164.0/22
Signature Algorithm: sha256WithRSAEncryption
98:d4:87:ad:c4:a2:a2:59:91:6c:bf:b8:9c:8b:2a:10:07:32:
5a:bc:8d:4f:22:49:6f:45:0e:c2:50:f6:3d:61:7c:18:18:24:
ad:12:5b:c7:0c:73:12:2a:56:cb:3d:e9:ba:aa:cd:ab:7c:da:
46:39:30:8c:f4:6e:08:e9:23:01:50:a5:73:83:45:f8:1a:54:
43:a4:3a:b5:c0:d6:7d:76:41:7a:91:ac:a1:57:11:91:6d:80:
0c:40:54:79:85:79:f0:5c:ce:0c:48:81:4c:f6:af:7e:76:8e:
5b:62:d9:d7:9e:4e:16:bc:d1:20:e7:35:ed:19:99:87:1e:ce:
54:1f:d8:0d:5b:05:48:d6:6d:38:bd:c7:1e:e9:8a:40:43:c5:
c1:56:95:c8:09:9d:06:90:b9:d2:4a:df:67:19:00:8a:b0:99:
4d:9b:18:39:9d:53:40:d8:85:17:91:7c:64:9c:db:f1:6b:93:
57:45:ac:fc:62:86:eb:7c:21:43:a5:a9:bf:47:3f:a3:78:f2:
3d:eb:ed:fd:68:da:01:dc:5c:16:64:aa:49:fb:28:5e:4c:e3:
96:c2:84:4f:8e:69:ab:b0:45:92:57:d0:51:62:23:a9:a4:01:
61:8b:a0:d7:0b:dc:66:e8:e1:42:29:b9:59:ba:23:03:28:f6:
39:cb:97:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuDvXC2y+3bPCw+TwvwFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMyODIxZGU0NDk4NzdkNGJjZGI1ZGU5ZGU2YzFhYTBjNDRlZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2lz9e8bCORC5Xxz3zW5PnrIIRN6
1JrTEXXryn9qgZUnePzPMVkakZUwPMayoLHI/DQzTa+oCT88DKSdpZMynWZI4DGP
RjtV0J0TPSyuV5w0ti2/6n+jO2QUP/OPExVOtoVWK1z69wb8ykxBRWLcMUTKQ9np
+INUdc9FyZyu3LmmS0pDmHgiRjCz4y47amUfEZ3besvOA7w2eZqUlMS8UwvsTCV5
ivnglrU1mmorpxueZJzYBggRoyeGvsDsX6RjCzBp+r42/pMU7oAUHb8/+r0LIFNo
u7vJimzczF0YDgnwz/dPOZDO+CQcwzgaeMyfYOgWu1vq5MlYCyEdN7HBwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbCgh3kSYd9S8213p3mwaoMRO2DMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvOXNLQ0hlUkpoMzFMemJYZW5lYkJxZ3hFN1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw2WkMA0G
CSqGSIb3DQEBCwUAA4IBAQCY1IetxKKiWZFsv7iciyoQBzJavI1PIklvRQ7CUPY9
YXwYGCStElvHDHMSKlbLPem6qs2rfNpGOTCM9G4I6SMBUKVzg0X4GlRDpDq1wNZ9
dkF6kayhVxGRbYAMQFR5hXnwXM4MSIFM9q9+do5bYtnXnk4WvNEg5zXtGZmHHs5U
H9gNWwVI1m04vcce6YpAQ8XBVpXICZ0GkLnSSt9nGQCKsJlNmxg5nVNA2IUXkXxk
nNvxa5NXRaz8YobrfCFDpam/Rz+jePI96+39aNoB3FwWZKpJ+yheTOOWwoRPjmmr
sEWSV9BRYiOppAFhi6DXC9xm6OFCKblZuiMDKPY5y5ch
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org