Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/o1rg9ol04UssAByRYuxv67FqJZo.roa
File: o1rg9ol04UssAByRYuxv67FqJZo.roa (raw, json)
Hash identifier: KxVwfPdhAZzaFpBhVt9dsLxJf9W26rSkd1CHgeezUpE=
Subject key identifier: A3:5A:E0:F6:89:74:E1:4B:2C:00:1C:91:62:EC:6F:EB:B1:6A:25:9A
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018C2296408AD33CDC9E29332BC96E1FC38E
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/o1rg9ol04UssAByRYuxv67FqJZo.roa
Signing time: Thu 30 Nov 2023 23:35:21 +0000
ROA not before: Thu 30 Nov 2023 23:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:22:96:40:8a:d3:3c:dc:9e:29:33:2b:c9:6e:1f:c3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Nov 30 23:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a35ae0f68974e14b2c001c9162ec6febb16a259a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3b:6d:1e:dc:e1:08:52:a4:49:cb:4a:99:80:
3e:b4:5f:4c:01:38:38:3b:f1:73:ab:f2:0b:b4:bc:
66:06:e4:21:78:d9:c9:d3:d5:60:7d:63:4f:27:ea:
58:ae:7a:47:3a:b8:39:23:2f:3e:d8:8d:82:61:27:
46:33:3d:3d:b1:6b:89:dc:d8:77:66:8e:6a:ff:b1:
93:36:da:37:c6:ba:4d:41:29:3a:a3:86:ce:1b:de:
7b:1c:00:87:21:12:de:d3:5f:9b:d2:25:19:27:1b:
ad:9d:ae:26:88:15:f9:c7:5f:2e:3e:e7:c2:9c:54:
de:89:5d:b5:ab:3f:50:fb:9d:57:f9:67:67:ba:d2:
ee:f7:c7:a0:80:6e:ea:29:ce:38:9d:ae:f5:0e:a3:
29:f2:e2:95:aa:86:bb:c4:cc:4d:bb:65:c7:9b:25:
95:a8:8b:d8:f2:23:a9:45:d0:95:f7:4e:ab:4d:07:
13:18:fb:6f:c2:c5:f8:82:50:d9:95:dd:b7:d8:23:
0d:d4:bb:59:a3:1d:12:3e:12:b7:02:e9:ec:37:b6:
25:39:da:fb:8c:78:06:5e:d3:72:ac:90:ef:6c:8f:
24:8d:43:2e:55:54:bf:f6:78:27:47:78:51:03:0e:
00:0a:3c:aa:1d:fb:ec:74:51:94:cd:a5:7e:48:7e:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:E0:F6:89:74:E1:4B:2C:00:1C:91:62:EC:6F:EB:B1:6A:25:9A
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/o1rg9ol04UssAByRYuxv67FqJZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:f6:85:86:ae:62:15:00:9f:fb:d0:e3:39:b0:17:6f:60:f5:
ac:42:a6:12:6b:1d:de:2e:18:8a:91:45:42:ad:5f:5a:a0:c7:
01:49:5f:b0:d7:05:f2:81:56:54:9f:df:e5:2f:e1:6c:ec:72:
a1:a5:55:2d:e6:a5:bb:cd:18:7f:15:6c:a4:f5:cf:ab:f2:0c:
10:92:33:0a:ac:2a:e3:8a:15:81:03:60:90:db:85:a0:40:8b:
13:35:49:82:ce:f9:43:2e:46:f6:4b:b6:c9:8c:cf:40:11:4c:
d4:62:64:e9:4c:22:24:65:49:6f:5e:00:cc:17:e2:de:2d:85:
b6:2d:4c:38:9d:da:99:e3:81:72:7e:ad:e8:9f:42:04:03:c8:
fa:bf:6b:6e:11:93:19:56:a1:24:a5:0d:c6:80:53:c7:b3:11:
b0:4a:c5:6a:70:e6:62:f7:57:c6:0d:c5:d4:80:7e:8e:83:a9:
a8:ef:a9:91:e7:0f:55:43:96:cd:a7:b5:5b:ef:ac:6a:a1:cb:
c4:a1:66:01:48:4a:77:41:15:e4:72:01:ac:1f:a7:6f:3f:d2:
5a:5c:d5:a6:4b:d0:73:f6:40:c7:67:15:bf:04:7b:be:01:e1:
d7:38:2c:b7:2c:cd:e5:d4:8a:96:2e:61:a9:c6:de:5d:5d:86:
75:ee:7b:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwilkCK0zzcnikzK8luH8OOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMTMwMjMzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVhZTBmNjg5NzRlMTRiMmMwMDFjOTE2MmVjNmZlYmIxNmEyNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzttHtzhCFKkSctKmYA+tF9MATg4
O/Fzq/ILtLxmBuQheNnJ09VgfWNPJ+pYrnpHOrg5Iy8+2I2CYSdGMz09sWuJ3Nh3
Zo5q/7GTNto3xrpNQSk6o4bOG957HACHIRLe01+b0iUZJxutna4miBX5x18uPufC
nFTeiV21qz9Q+51X+WdnutLu98eggG7qKc44na71DqMp8uKVqoa7xMxNu2XHmyWV
qIvY8iOpRdCV906rTQcTGPtvwsX4glDZld232CMN1LtZox0SPhK3AunsN7YlOdr7
jHgGXtNyrJDvbI8kjUMuVVS/9ngnR3hRAw4ACjyqHfvsdFGUzaV+SH4YYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKNa4PaJdOFLLAAckWLsb+uxaiWaMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvbzFyZzlvbDA0VXNzQUJ5Ull1eHY2N0ZxSlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwwV8MA0E
AgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQBv9oWGrmIVAJ/70OM5sBdv
YPWsQqYSax3eLhiKkUVCrV9aoMcBSV+w1wXygVZUn9/lL+Fs7HKhpVUt5qW7zRh/
FWyk9c+r8gwQkjMKrCrjihWBA2CQ24WgQIsTNUmCzvlDLkb2S7bJjM9AEUzUYmTp
TCIkZUlvXgDMF+LeLYW2LUw4ndqZ44Fyfq3on0IEA8j6v2tuEZMZVqEkpQ3GgFPH
sxGwSsVqcOZi91fGDcXUgH6Og6mo76mR5w9VQ5bNp7Vb76xqocvEoWYBSEp3QRXk
cgGsH6dvP9JaXNWmS9Bz9kDHZxW/BHu+AeHXOCy3LM3l1IqWLmGpxt5dXYZ17nsX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org