Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/RiCJi8zj5ERJLoSJTx7F0gCkNO8.roa
File: RiCJi8zj5ERJLoSJTx7F0gCkNO8.roa (raw, json)
Hash identifier: jdFsI4iR/VP9d8BBh1SgD6aEsAp+gtH/PXsM5ehWFAU=
Subject key identifier: 46:20:89:8B:CC:E3:E4:44:49:2E:84:89:4F:1E:C5:D2:00:A4:34:EF
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 01856C6F225305F4B1EC5FDE7FF26DEC353F
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/RiCJi8zj5ERJLoSJTx7F0gCkNO8.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34136
IP address blocks: 195.234.76.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:22:53:05:f4:b1:ec:5f:de:7f:f2:6d:ec:35:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4620898bcce3e444492e84894f1ec5d200a434ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:6a:22:ec:ca:19:3f:d9:46:db:c3:3c:99:
a4:90:2b:d4:e3:7f:84:f2:20:21:c8:c3:3b:07:c0:
77:83:c2:38:d4:a5:0f:bb:2f:2f:b2:96:84:b0:5d:
db:7e:c6:c0:a0:cd:58:46:be:8c:0e:6e:ac:11:41:
3e:b7:04:7f:c7:9b:b0:ee:45:17:58:27:ed:c1:88:
20:a5:8d:3c:f6:e1:42:8f:5a:47:03:c7:30:2d:77:
d0:46:fa:d6:06:b5:1b:be:4b:52:0f:30:9c:c8:cb:
ee:bb:df:d5:dd:73:c1:fc:fa:f1:4d:70:d3:46:3c:
99:f0:d2:eb:c5:f3:cb:0c:53:9a:d7:ad:3c:3f:e3:
75:38:d8:2d:e0:4f:a7:e4:8d:05:48:13:4b:df:4e:
fc:ec:4e:b3:a9:35:9d:32:c3:01:92:36:f1:c0:12:
85:76:60:d3:92:64:00:0a:bc:02:e1:f1:6e:66:9e:
46:b4:11:ff:70:69:dc:ae:9b:21:8d:87:a0:fa:83:
6d:11:c9:34:76:2d:d4:49:7d:83:f2:8f:ad:25:5b:
5d:99:e7:33:23:42:b6:97:25:6c:db:64:87:65:94:
d1:7a:27:f4:1c:29:8b:d8:42:a6:63:0a:b9:43:05:
4a:59:4a:e1:4c:ea:49:45:6d:a5:d3:38:20:55:bd:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:20:89:8B:CC:E3:E4:44:49:2E:84:89:4F:1E:C5:D2:00:A4:34:EF
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/RiCJi8zj5ERJLoSJTx7F0gCkNO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.76.0/22
Signature Algorithm: sha256WithRSAEncryption
68:5a:6f:35:2e:95:14:be:94:2e:82:e1:b7:2e:11:79:7c:42:
f8:28:2c:11:53:8e:59:1a:0f:6b:41:4b:b9:7b:90:d1:25:d0:
98:e5:56:8b:f2:87:fc:e7:93:9b:e4:77:e5:d7:d7:54:ca:f6:
b9:6c:34:fb:20:3a:e5:94:62:f6:ea:3d:63:e4:97:1d:2b:3c:
1f:28:e0:0d:77:94:c7:5d:82:4b:39:ca:f1:27:a9:ba:23:54:
2f:8e:c5:8f:be:4c:a8:55:3a:fd:5b:b8:aa:45:18:90:8d:15:
be:9f:9e:f8:6b:6d:94:33:28:1c:05:23:af:ea:9c:35:32:f9:
f1:05:96:8e:65:fe:76:e4:c9:43:15:3a:80:84:3a:42:83:b4:
86:78:79:a4:c0:b6:06:06:78:c0:d5:0f:4c:52:6c:76:df:42:
a8:c1:7e:f2:88:d8:b6:97:36:7d:ae:3a:49:4c:f0:59:90:8f:
f2:6c:03:aa:dd:71:f1:94:35:a9:91:bd:71:8a:33:fa:2c:8a:
44:ae:f8:a8:83:88:f1:60:aa:f8:72:7c:d7:21:9e:4e:f0:56:
06:37:a3:55:9c:f8:fe:47:df:1d:08:0e:be:73:a6:8a:0a:1b:
39:99:7f:08:c9:9f:a6:ac:47:e2:4e:14:bb:6a:e2:f6:9a:53:
0f:5f:fa:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbyJTBfSx7F/ef/Jt7DU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjIwODk4YmNjZTNlNDQ0NDkyZTg0ODk0ZjFlYzVkMjAwYTQzNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJZqIuzKGT/ZRtvDPJmkkCvU43+E
8iAhyMM7B8B3g8I41KUPuy8vspaEsF3bfsbAoM1YRr6MDm6sEUE+twR/x5uw7kUX
WCftwYggpY089uFCj1pHA8cwLXfQRvrWBrUbvktSDzCcyMvuu9/V3XPB/PrxTXDT
RjyZ8NLrxfPLDFOa1608P+N1ONgt4E+n5I0FSBNL30787E6zqTWdMsMBkjbxwBKF
dmDTkmQACrwC4fFuZp5GtBH/cGncrpshjYeg+oNtEck0di3USX2D8o+tJVtdmecz
I0K2lyVs22SHZZTReif0HCmL2EKmYwq5QwVKWUrhTOpJRW2l0zggVb2kcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYgiYvM4+RESS6EiU8exdIApDTvMB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvUmlDSmk4emo1RVJKTG9TSlR4N0YwZ0NrTk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+pMMA0G
CSqGSIb3DQEBCwUAA4IBAQBoWm81LpUUvpQuguG3LhF5fEL4KCwRU45ZGg9rQUu5
e5DRJdCY5VaL8of855Ob5Hfl19dUyva5bDT7IDrllGL26j1j5JcdKzwfKOANd5TH
XYJLOcrxJ6m6I1QvjsWPvkyoVTr9W7iqRRiQjRW+n574a22UMygcBSOv6pw1Mvnx
BZaOZf525MlDFTqAhDpCg7SGeHmkwLYGBnjA1Q9MUmx230KowX7yiNi2lzZ9rjpJ
TPBZkI/ybAOq3XHxlDWpkb1xijP6LIpErviog4jxYKr4cnzXIZ5O8FYGN6NVnPj+
R98dCA6+c6aKChs5mX8IyZ+mrEfiThS7auL2mlMPX/rU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:51 2024 by rpki-client on console-ams.rpki-client.org