Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/9T3Kbnd0oN41l61eIYypb7x0M4I.roa
File: 9T3Kbnd0oN41l61eIYypb7x0M4I.roa (raw, json)
Hash identifier: jfTYhwVVaPVEWSZwpcaa6AB7Z9kFozqKQayXDHdIxOo=
Subject key identifier: F5:3D:CA:6E:77:74:A0:DE:35:97:AD:5E:21:8C:A9:6F:BC:74:33:82
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018BA64CD8BA6EA6FB0F5401016A4D7C815C
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/9T3Kbnd0oN41l61eIYypb7x0M4I.roa
Signing time: Mon 06 Nov 2023 20:22:15 +0000
ROA not before: Mon 06 Nov 2023 20:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.222.124.0/22 maxlen: 22
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Nov 2023 22:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:4c:d8:ba:6e:a6:fb:0f:54:01:01:6a:4d:7c:81:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Nov 6 20:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f53dca6e7774a0de3597ad5e218ca96fbc743382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:f3:a5:58:38:8a:a9:05:05:b8:55:9a:be:
02:7a:2e:ad:c9:ca:02:9e:92:87:dd:b2:e8:ec:c7:
8c:5a:fd:c6:e7:a9:02:fd:15:e1:5c:d6:22:9a:67:
ab:01:4c:92:53:bc:a7:9d:8f:0b:7e:ed:dd:1d:a2:
dc:d7:2c:24:7c:e9:a2:4d:18:6d:0b:f3:0f:3a:82:
f5:20:bc:42:63:1e:38:a6:c0:34:76:af:1d:4e:86:
60:4f:96:f1:0a:6b:7a:ca:c5:05:29:e1:4d:ef:3b:
27:8b:d5:b8:48:82:a5:ec:f9:64:29:e0:e5:b8:90:
45:c9:a0:a7:ea:b5:67:a2:6d:a6:b3:22:cf:0b:ff:
ff:d9:70:6b:26:70:e3:5a:4f:c0:6c:45:f4:0c:2a:
6d:72:69:04:f2:85:ba:6e:ce:72:17:e2:9d:96:bb:
8c:1e:57:4e:d1:3a:ca:20:a3:0f:cd:d9:be:71:21:
36:f9:77:06:63:b8:a4:bb:a2:d4:a7:44:c5:ee:4b:
74:c2:71:53:5b:7f:66:3c:13:e8:d6:12:d5:24:64:
de:bf:46:d6:b4:29:8b:a9:23:c1:3b:75:18:fd:b4:
81:ba:62:a8:5b:75:63:d2:ed:17:ef:25:07:d4:bc:
a1:ad:c5:80:ed:5b:e9:37:88:1f:3f:5c:ed:21:f1:
42:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3D:CA:6E:77:74:A0:DE:35:97:AD:5E:21:8C:A9:6F:BC:74:33:82
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/9T3Kbnd0oN41l61eIYypb7x0M4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
97:2c:b0:ef:2d:cf:ea:82:11:b8:a1:67:09:3d:a1:21:da:21:
36:b5:08:9c:29:91:58:0f:f0:a4:be:92:56:ea:0b:e6:52:f1:
fa:d4:b1:3c:ec:cd:7e:6e:6a:b4:d8:3f:25:a2:61:b0:05:d9:
66:07:3c:d6:ed:37:f1:c5:1e:66:ea:c2:38:da:0c:24:2b:4c:
8e:47:ca:72:08:29:10:0a:90:75:1f:37:19:a2:ea:49:04:c7:
94:c0:93:f7:ac:f6:ac:82:d0:59:60:bc:24:bb:9e:fa:43:f1:
df:1b:44:56:77:6b:0f:29:30:1a:02:cd:f4:fc:62:00:de:68:
31:91:eb:7d:fc:0d:9f:31:ab:2e:84:d6:54:a9:ed:81:5e:b1:
f8:e8:fc:10:2f:7e:58:6c:90:f3:b6:11:4d:46:e6:38:5f:54:
01:53:2f:ad:a5:b7:e1:79:80:7c:e4:16:61:7a:b0:0f:2b:5b:
25:a7:47:be:57:42:84:a8:e9:4c:6e:58:9c:0e:34:36:38:4b:
9a:d0:00:16:a6:56:20:d9:69:d4:16:d9:95:9a:d8:f5:c7:49:
d1:3b:cf:bc:bc:f7:58:7e:38:37:4f:18:29:27:66:7a:87:6f:
13:cf:be:1c:ab:b8:24:4a:c7:6c:15:e8:72:0c:eb:06:9c:04:
ed:b6:d2:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYumTNi6bqb7D1QBAWpNfIFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMTA2MjAyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNkY2E2ZTc3NzRhMGRlMzU5N2FkNWUyMThjYTk2ZmJjNzQzMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDrzpVg4iqkFBbhVmr4Cei6tycoC
npKH3bLo7MeMWv3G56kC/RXhXNYimmerAUySU7ynnY8Lfu3dHaLc1ywkfOmiTRht
C/MPOoL1ILxCYx44psA0dq8dToZgT5bxCmt6ysUFKeFN7zsni9W4SIKl7PlkKeDl
uJBFyaCn6rVnom2msyLPC///2XBrJnDjWk/AbEX0DCptcmkE8oW6bs5yF+KdlruM
HldO0TrKIKMPzdm+cSE2+XcGY7iku6LUp0TF7kt0wnFTW39mPBPo1hLVJGTev0bW
tCmLqSPBO3UY/bSBumKoW3Vj0u0X7yUH1LyhrcWA7VvpN4gfP1ztIfFCZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPU9ym53dKDeNZetXiGMqW+8dDOCMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvOVQzS2JuZDBvTjQxbDYxZUlZeXBiN3gwTTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwwV8AwQC
w958MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQCXLLDvLc/qghG4
oWcJPaEh2iE2tQicKZFYD/CkvpJW6gvmUvH61LE87M1+bmq02D8lomGwBdlmBzzW
7TfxxR5m6sI42gwkK0yOR8pyCCkQCpB1HzcZoupJBMeUwJP3rPasgtBZYLwku576
Q/HfG0RWd2sPKTAaAs30/GIA3mgxket9/A2fMasuhNZUqe2BXrH46PwQL35YbJDz
thFNRuY4X1QBUy+tpbfheYB85BZherAPK1slp0e+V0KEqOlMblicDjQ2OEua0AAW
plYg2WnUFtmVmtj1x0nRO8+8vPdYfjg3TxgpJ2Z6h28Tz74cq7gkSsdsFehyDOsG
nATtttJB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org