Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/KWPhk-cNGJ0MGH3ok4a1llpbzHw.roa
File: KWPhk-cNGJ0MGH3ok4a1llpbzHw.roa (raw, json)
Hash identifier: Wn//jcx33VYNWSaZTrsFiylu/UDoV4p+z1wjyIbRVF8=
Subject key identifier: 29:63:E1:93:E7:0D:18:9D:0C:18:7D:E8:93:86:B5:96:5A:5B:CC:7C
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018C2291AE9C419602200D038137685BE023
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/KWPhk-cNGJ0MGH3ok4a1llpbzHw.roa
Signing time: Thu 30 Nov 2023 23:30:21 +0000
ROA not before: Thu 30 Nov 2023 23:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216050
IP address blocks: 195.222.124.0/24 maxlen: 24
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:22:91:ae:9c:41:96:02:20:0d:03:81:37:68:5b:e0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Nov 30 23:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2963e193e70d189d0c187de89386b5965a5bcc7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:28:ed:39:44:1c:91:3c:50:70:a6:ab:12:49:
77:63:6d:ef:e1:c3:b5:a9:57:4f:fa:15:af:0c:a3:
c9:78:20:b0:01:1f:20:75:6e:e0:3e:d3:d6:6e:5a:
13:d9:63:1d:97:49:ed:82:a5:3f:cc:77:ef:75:86:
e4:72:15:49:cc:41:52:ea:57:62:92:8e:aa:a7:cf:
cd:d0:f5:99:fa:8c:8d:6e:33:87:c1:00:c1:22:44:
0b:89:48:50:1e:be:24:39:25:f7:8d:63:d6:c3:a3:
5b:68:40:cc:14:26:fa:b8:99:62:f3:b3:9e:a9:37:
ad:03:9d:2e:41:48:33:aa:88:de:1e:14:f1:60:8d:
86:c4:ae:4c:a4:b1:b2:ca:6d:eb:7f:bb:85:19:45:
ec:31:93:3d:75:01:3f:54:71:00:bd:bd:d3:f4:de:
b7:16:b6:08:7e:dd:15:a5:bd:96:01:7f:7c:80:65:
a8:3f:c8:62:20:9e:ac:88:44:86:26:2c:55:74:c7:
e7:de:e2:a1:8b:a3:6f:eb:07:4a:20:12:f0:fc:fd:
84:0b:07:08:d5:f2:8f:64:d3:52:44:3b:cf:71:2e:
87:d1:2a:07:96:38:0b:72:a3:0b:26:78:3d:ea:23:
19:b9:d9:ae:b7:c8:ef:46:53:c7:2c:75:88:77:d9:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:63:E1:93:E7:0D:18:9D:0C:18:7D:E8:93:86:B5:96:5A:5B:CC:7C
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/KWPhk-cNGJ0MGH3ok4a1llpbzHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.222.124.0-195.222.126.255
Signature Algorithm: sha256WithRSAEncryption
26:09:9c:62:6f:1c:6b:6b:c4:3e:53:54:45:36:f0:90:ea:e9:
71:b9:54:0b:7d:8f:72:20:6a:47:0c:7b:09:f8:46:d7:2b:64:
f9:ff:b5:25:dc:dc:f7:40:e5:e9:43:0b:75:44:75:2a:12:29:
2b:e1:ad:0e:92:d6:e2:1c:2c:bb:1f:44:4a:f8:1a:82:68:b7:
f8:b6:cf:73:03:b1:c5:e0:03:fd:ba:91:df:65:2b:64:0c:01:
08:bf:6b:19:9a:bf:83:44:6d:8d:36:62:76:1d:25:8c:4f:6e:
0e:b0:ef:d7:ec:e9:83:45:5f:9d:dc:da:9e:85:9f:64:d3:ab:
73:0f:ba:5d:db:a8:22:4c:6c:57:5e:20:f5:2a:41:3e:b0:a9:
e8:90:ce:11:31:09:df:e9:9a:f8:20:f1:c0:b3:f3:fd:4c:d7:
9c:d0:4d:26:0e:7b:3f:0a:93:9a:35:2d:33:6c:d2:1b:86:19:
42:11:e2:3b:8f:fb:b5:15:c5:d9:4d:d1:de:ea:4b:b2:27:97:
64:8d:85:b2:8b:2c:56:54:1b:73:c1:3d:6d:4e:b8:34:42:9a:
cc:61:30:e4:16:5f:dc:8c:b8:a9:1a:15:f2:c4:10:56:70:14:
65:38:43:2a:2f:79:14:4f:8c:7b:82:3b:95:53:85:50:2a:62:
b7:ac:78:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYwika6cQZYCIA0DgTdoW+AjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMTMwMjMzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYzZTE5M2U3MGQxODlkMGMxODdkZTg5Mzg2YjU5NjVhNWJjYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCjtOUQckTxQcKarEkl3Y23v4cO1
qVdP+hWvDKPJeCCwAR8gdW7gPtPWbloT2WMdl0ntgqU/zHfvdYbkchVJzEFS6ldi
ko6qp8/N0PWZ+oyNbjOHwQDBIkQLiUhQHr4kOSX3jWPWw6NbaEDMFCb6uJli87Oe
qTetA50uQUgzqojeHhTxYI2GxK5MpLGyym3rf7uFGUXsMZM9dQE/VHEAvb3T9N63
FrYIft0Vpb2WAX98gGWoP8hiIJ6siESGJixVdMfn3uKhi6Nv6wdKIBLw/P2ECwcI
1fKPZNNSRDvPcS6H0SoHljgLcqMLJng96iMZudmut8jvRlPHLHWId9lVjQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFClj4ZPnDRidDBh96JOGtZZaW8x8MB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvS1dQaGstY05HSjBNR0gzb2s0YTFsbHBiekh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALD3nwD
BADD3n4wDQYJKoZIhvcNAQELBQADggEBACYJnGJvHGtrxD5TVEU28JDq6XG5VAt9
j3IgakcMewn4RtcrZPn/tSXc3PdA5elDC3VEdSoSKSvhrQ6S1uIcLLsfREr4GoJo
t/i2z3MDscXgA/26kd9lK2QMAQi/axmav4NEbY02YnYdJYxPbg6w79fs6YNFX53c
2p6Fn2TTq3MPul3bqCJMbFdeIPUqQT6wqeiQzhExCd/pmvgg8cCz8/1M15zQTSYO
ez8Kk5o1LTNs0huGGUIR4juP+7UVxdlN0d7qS7Inl2SNhbKLLFZUG3PBPW1OuDRC
msxhMOQWX9yMuKkaFfLEEFZwFGU4QyoveRRPjHuCO5VThVAqYreseBw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org