Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2a57be-be77-4428-8e93-ba5201ea5f83/1/_JTnPXBYoVYthCb0L5dW9s58-bM.roa
File: _JTnPXBYoVYthCb0L5dW9s58-bM.roa (raw, json)
Hash identifier: QNuZHFkxEG4RTasiMZnU/cIP73MCRKOGBADkHfWoxyQ=
Subject key identifier: FC:94:E7:3D:70:58:A1:56:2D:84:26:F4:2F:97:56:F6:CE:7C:F9:B3
Certificate issuer: /CN=a4b65da1753fb4eeedb86fda87dd3afa69d862d0
Certificate serial: 01866647F4C52BEB9FCCE03573DBC7730C8C
Authority key identifier: A4:B6:5D:A1:75:3F:B4:EE:ED:B8:6F:DA:87:DD:3A:FA:69:D8:62:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZdoXU_tO7tuG_ah906-mnYYtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2a57be-be77-4428-8e93-ba5201ea5f83/1/_JTnPXBYoVYthCb0L5dW9s58-bM.roa
Signing time: Sat 18 Feb 2023 20:47:17 +0000
ROA not before: Sat 18 Feb 2023 20:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44544
IP address blocks: 195.216.223.0/24 maxlen: 24
195.216.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:66:47:f4:c5:2b:eb:9f:cc:e0:35:73:db:c7:73:0c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b65da1753fb4eeedb86fda87dd3afa69d862d0
Validity
Not Before: Feb 18 20:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc94e73d7058a1562d8426f42f9756f6ce7cf9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0d:97:17:5f:4f:7e:f9:7d:45:65:89:60:ac:
ae:48:71:7b:b9:42:e0:1d:7f:dd:24:b6:c4:f5:6a:
9c:c1:53:a5:f8:98:d2:09:9d:47:23:4e:70:9e:fd:
87:38:73:98:ed:15:8f:8c:00:ce:ad:63:4d:d7:e1:
53:dd:62:ba:49:28:e5:8c:01:fc:28:62:a0:92:a0:
13:0a:49:c3:3c:00:c1:17:f9:80:f2:ea:3d:36:67:
53:8b:a4:3b:b9:f2:05:e0:2e:25:35:32:40:7c:fc:
8a:af:8e:56:3d:86:cd:76:f6:d9:5d:2b:8d:e8:df:
0c:a6:99:7e:ac:15:ee:eb:b5:4a:d4:c3:dd:c1:f6:
d4:59:4d:ef:2c:ad:f6:37:f6:51:d6:a7:2b:46:64:
d6:3b:b0:6c:db:b1:ff:ac:0d:74:4a:7b:b3:9b:8e:
bd:22:2a:3e:04:2b:d8:79:6a:0d:85:bc:fd:66:76:
ce:a3:e5:04:6d:a4:1d:16:56:28:11:71:16:dd:f8:
1a:cf:a4:72:ee:92:58:fa:3d:a8:8b:cd:aa:a2:b0:
a9:6e:92:9c:cb:b2:17:7a:0d:2b:c3:5e:37:dc:09:
05:fb:d8:a4:66:79:94:dc:ff:14:50:a6:52:84:d5:
3c:38:40:e4:db:2c:1d:c4:70:b9:b3:f7:81:91:6c:
fa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:94:E7:3D:70:58:A1:56:2D:84:26:F4:2F:97:56:F6:CE:7C:F9:B3
X509v3 Authority Key Identifier:
keyid:A4:B6:5D:A1:75:3F:B4:EE:ED:B8:6F:DA:87:DD:3A:FA:69:D8:62:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZdoXU_tO7tuG_ah906-mnYYtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2a57be-be77-4428-8e93-ba5201ea5f83/1/_JTnPXBYoVYthCb0L5dW9s58-bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2a57be-be77-4428-8e93-ba5201ea5f83/1/pLZdoXU_tO7tuG_ah906-mnYYtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.222.0/23
Signature Algorithm: sha256WithRSAEncryption
75:d3:73:98:df:d0:f5:99:67:89:eb:9c:f3:ff:82:ca:c4:0e:
f4:00:0b:81:01:2d:3f:f9:98:7f:cd:59:48:37:bb:4e:6c:08:
5b:d2:28:fb:df:3e:9e:df:11:28:f0:90:8d:a0:c7:a3:54:9c:
b1:62:01:dc:84:70:e9:9a:34:7d:75:35:5f:6f:5c:1d:48:4a:
54:21:e9:4f:1d:ac:a8:ad:98:7f:89:4a:1d:43:27:90:b8:71:
28:fc:d0:77:43:83:eb:b1:01:55:fd:41:bd:44:87:b3:4a:9e:
b8:7e:7d:76:5b:7c:4a:bb:f7:a5:b2:86:e0:58:9f:81:3d:15:
2f:b2:9f:d9:c3:74:94:97:7c:55:a5:5e:40:1e:89:02:41:12:
63:12:6f:f6:e6:c6:27:1e:b5:e0:72:f0:01:66:b6:58:a7:35:
e3:0a:a9:f1:b2:2d:c3:f6:e1:9d:17:af:4e:b9:51:a0:21:dc:
a2:12:32:04:46:dd:d8:74:65:95:39:c5:41:89:58:7c:ef:79:
17:ed:b0:56:c7:c5:cc:af:68:af:df:b8:f8:45:f8:51:f9:6f:
07:b8:9b:7e:bf:2c:a3:35:63:92:6f:89:c5:e2:8d:38:90:06:
3b:cc:6e:6b:5a:4f:b0:50:96:ce:ea:5a:69:69:a8:29:a6:90:
70:20:0b:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZmR/TFK+ufzOA1c9vHcwyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY1ZGExNzUzZmI0ZWVlZGI4NmZkYTg3ZGQzYWZhNjlk
ODYyZDAwHhcNMjMwMjE4MjA0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk0ZTczZDcwNThhMTU2MmQ4NDI2ZjQyZjk3NTZmNmNlN2NmOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA2XF19Pfvl9RWWJYKyuSHF7uULg
HX/dJLbE9WqcwVOl+JjSCZ1HI05wnv2HOHOY7RWPjADOrWNN1+FT3WK6SSjljAH8
KGKgkqATCknDPADBF/mA8uo9NmdTi6Q7ufIF4C4lNTJAfPyKr45WPYbNdvbZXSuN
6N8Mppl+rBXu67VK1MPdwfbUWU3vLK32N/ZR1qcrRmTWO7Bs27H/rA10Snuzm469
Iio+BCvYeWoNhbz9ZnbOo+UEbaQdFlYoEXEW3fgaz6Ry7pJY+j2oi82qorCpbpKc
y7IXeg0rw1433AkF+9ikZnmU3P8UUKZShNU8OEDk2ywdxHC5s/eBkWz6EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPyU5z1wWKFWLYQm9C+XVvbOfPmzMB8GA1UdIwQY
MBaAFKS2XaF1P7Tu7bhv2ofdOvpp2GLQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExaZG9YVV90Tzd0dUdfYWg5MDYtbW5ZWXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yYTU3YmUtYmU3Ny00NDI4LThlOTMt
YmE1MjAxZWE1ZjgzLzEvX0pUblBYQllvVll0aENiMEw1ZFc5czU4LWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yYTU3YmUtYmU3Ny00NDI4LThlOTMtYmE1MjAxZWE1Zjgz
LzEvcExaZG9YVV90Tzd0dUdfYWg5MDYtbW5ZWXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9jeMA0G
CSqGSIb3DQEBCwUAA4IBAQB103OY39D1mWeJ65zz/4LKxA70AAuBAS0/+Zh/zVlI
N7tObAhb0ij73z6e3xEo8JCNoMejVJyxYgHchHDpmjR9dTVfb1wdSEpUIelPHayo
rZh/iUodQyeQuHEo/NB3Q4PrsQFV/UG9RIezSp64fn12W3xKu/elsobgWJ+BPRUv
sp/Zw3SUl3xVpV5AHokCQRJjEm/25sYnHrXgcvABZrZYpzXjCqnxsi3D9uGdF69O
uVGgIdyiEjIERt3YdGWVOcVBiVh873kX7bBWx8XMr2iv37j4RfhR+W8HuJt+vyyj
NWOSb4nF4o04kAY7zG5rWk+wUJbO6lppaagpppBwIAu9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org