Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ka8EQx3m7W14BmBRI6ZKtOHsi_4.roa
File: Ka8EQx3m7W14BmBRI6ZKtOHsi_4.roa (raw, json)
Hash identifier: gZAVMr9aGwZ/boNreDMsMzOnyFZW++AuNQIkjgKT+S0=
Subject key identifier: 29:AF:04:43:1D:E6:ED:6D:78:06:60:51:23:A6:4A:B4:E1:EC:8B:FE
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0187037CDC1E082010A03055BCDFEAF85F5E
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ka8EQx3m7W14BmBRI6ZKtOHsi_4.roa
Signing time: Tue 21 Mar 2023 09:25:27 +0000
ROA not before: Tue 21 Mar 2023 09:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201976
IP address blocks: 195.53.40.0/24 maxlen: 24
195.53.40.0/23 maxlen: 23
195.53.41.0/24 maxlen: 24
195.53.43.0/24 maxlen: 24
195.53.42.0/23 maxlen: 23
195.53.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:7c:dc:1e:08:20:10:a0:30:55:bc:df:ea:f8:5f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 21 09:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29af04431de6ed6d7806605123a64ab4e1ec8bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b3:e8:57:59:24:ad:b1:e7:2b:66:98:37:10:
ec:34:81:83:4c:80:ca:8d:74:a8:08:f9:5e:18:9d:
37:99:69:49:4d:ce:c2:42:f1:46:7d:fd:c3:c4:e7:
5a:21:fd:c6:f1:98:3c:0e:21:27:a8:02:90:85:6e:
da:b0:eb:11:c6:06:69:a7:cf:9e:42:9d:0b:ab:80:
f4:87:62:30:94:5f:2b:6a:04:c1:ee:26:a6:80:99:
fb:97:6a:f8:0f:91:c0:68:f1:6e:cc:4e:dc:a5:11:
19:b8:0a:99:0b:6a:92:74:ee:53:af:be:28:68:e0:
9b:ab:f7:18:0c:28:fb:ed:d2:f4:97:1c:6a:12:73:
ab:1d:b1:51:48:84:d7:ca:67:c6:df:0b:b6:ad:be:
18:fb:90:42:52:f0:55:ff:60:28:e3:4e:74:0a:0c:
f0:f0:19:82:e6:6e:e2:aa:8e:42:23:72:51:66:47:
1f:10:3b:43:99:ed:49:25:7b:ea:c2:70:9c:f6:f0:
f6:63:76:62:ac:eb:44:fa:62:de:5b:36:bb:c0:7a:
7e:94:c1:23:eb:74:00:54:f2:6a:b4:39:44:d2:dd:
5f:a8:fc:27:78:f9:b3:a0:e1:96:d3:e8:b4:cc:39:
cb:50:f8:95:4e:0e:41:6e:38:27:98:42:de:de:58:
2c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AF:04:43:1D:E6:ED:6D:78:06:60:51:23:A6:4A:B4:E1:EC:8B:FE
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ka8EQx3m7W14BmBRI6ZKtOHsi_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:1d:c1:4a:0f:d7:16:f5:6f:08:9b:62:b4:14:e4:d4:48:45:
d9:68:7b:78:f8:f1:a3:b1:b1:42:5f:14:9e:d1:2f:ce:d9:44:
e7:f4:d2:be:19:18:4b:41:02:e5:4c:e8:67:b9:78:04:7b:37:
c3:5f:eb:8c:17:d6:8d:9c:67:8b:a4:a2:45:d1:91:da:a6:62:
ad:89:65:5e:00:17:80:33:1f:04:ca:e1:3e:34:3a:dc:e0:63:
47:f5:8e:25:e4:a2:f9:39:bd:87:24:e4:74:1e:d6:14:28:75:
7d:e0:a2:24:fe:d4:1e:b5:54:88:08:3d:4e:43:22:c3:1b:7f:
be:fe:c1:3d:37:35:2f:96:01:9c:60:eb:6d:da:56:f7:2b:3e:
af:34:45:4a:61:d0:2c:9d:08:c9:25:9f:e1:08:13:fd:5e:52:
22:22:74:60:73:6b:b6:01:a5:44:0d:b9:1b:dc:df:1e:6a:9b:
b5:e3:57:a9:19:b1:67:88:a6:e1:8b:96:4d:2a:da:8b:83:c2:
7f:9d:0a:5b:e4:ba:86:83:92:04:42:53:74:9c:37:7f:42:bc:
64:b2:fb:80:b3:a4:dd:44:2f:36:ce:23:24:75:25:a1:54:56:
36:f0:47:1f:3e:a6:ef:94:d2:0d:a4:2f:27:25:b3:c9:7e:5c:
c6:ec:47:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcDfNweCCAQoDBVvN/q+F9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzIxMDkyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFmMDQ0MzFkZTZlZDZkNzgwNjYwNTEyM2E2NGFiNGUxZWM4YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLPoV1kkrbHnK2aYNxDsNIGDTIDK
jXSoCPleGJ03mWlJTc7CQvFGff3DxOdaIf3G8Zg8DiEnqAKQhW7asOsRxgZpp8+e
Qp0Lq4D0h2IwlF8ragTB7iamgJn7l2r4D5HAaPFuzE7cpREZuAqZC2qSdO5Tr74o
aOCbq/cYDCj77dL0lxxqEnOrHbFRSITXymfG3wu2rb4Y+5BCUvBV/2Ao4050Cgzw
8BmC5m7iqo5CI3JRZkcfEDtDme1JJXvqwnCc9vD2Y3ZirOtE+mLeWza7wHp+lMEj
63QAVPJqtDlE0t1fqPwnePmzoOGW0+i0zDnLUPiVTg5BbjgnmELe3lgsXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmvBEMd5u1teAZgUSOmSrTh7Iv+MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvS2E4RVF4M203VzE0Qm1CUkk2Wkt0T0hzaV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzUoMA0G
CSqGSIb3DQEBCwUAA4IBAQCKHcFKD9cW9W8Im2K0FOTUSEXZaHt4+PGjsbFCXxSe
0S/O2UTn9NK+GRhLQQLlTOhnuXgEezfDX+uMF9aNnGeLpKJF0ZHapmKtiWVeABeA
Mx8EyuE+NDrc4GNH9Y4l5KL5Ob2HJOR0HtYUKHV94KIk/tQetVSICD1OQyLDG3++
/sE9NzUvlgGcYOtt2lb3Kz6vNEVKYdAsnQjJJZ/hCBP9XlIiInRgc2u2AaVEDbkb
3N8eapu141epGbFniKbhi5ZNKtqLg8J/nQpb5LqGg5IEQlN0nDd/QrxksvuAs6Td
RC82ziMkdSWhVFY28EcfPqbvlNINpC8nJbPJflzG7Efl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:13 2024 by rpki-client on console-ams.rpki-client.org