Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/pEOJnnQiKb6qOdYP4iowJc06bEg.roa
File: pEOJnnQiKb6qOdYP4iowJc06bEg.roa (raw, json)
Hash identifier: fLaZo7YBr6wceW5efHc6atpn2w5k+3W1aUN5fgPnhT0=
Subject key identifier: A4:43:89:9E:74:22:29:BE:AA:39:D6:0F:E2:2A:30:25:CD:3A:6C:48
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018CC64B68C683602E8CF0DBF0005D5981FF
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/pEOJnnQiKb6qOdYP4iowJc06bEg.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39130
IP address blocks: 195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 09 May 2024 16:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:68:c6:83:60:2e:8c:f0:db:f0:00:5d:59:81:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a443899e742229beaa39d60fe22a3025cd3a6c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:01:c5:d7:c6:23:b9:1a:28:84:b1:b0:4d:92:
44:94:e2:fc:9b:37:4a:93:c3:29:40:f3:21:51:ef:
60:a7:1f:4f:cd:2a:28:16:1f:95:1f:15:7e:a4:ba:
38:46:7a:0b:2e:ce:89:aa:c1:54:4f:cf:93:d8:fc:
d9:52:1d:c2:3e:3b:81:49:79:ad:e9:14:5a:78:bb:
ac:0f:77:4a:5b:2a:98:78:01:e6:e3:ff:ae:e4:a2:
bb:ad:9b:1e:f7:ab:4c:53:58:c9:84:22:43:36:08:
f8:dd:47:81:ad:3d:41:74:98:2d:dc:ae:06:f8:4b:
12:44:20:be:28:ef:05:80:e7:86:27:de:d2:da:c1:
75:1d:05:8f:17:20:18:cb:20:55:fb:0f:3f:8e:19:
5d:6e:17:52:48:e1:70:d8:5b:26:41:b2:07:b5:07:
a9:6b:24:5d:fd:bd:f9:bb:a9:80:47:44:88:82:bc:
72:26:73:8e:df:e8:5e:8b:e8:e3:51:ef:a1:02:9e:
61:ec:a7:f2:8a:af:75:dc:35:f0:be:8e:b1:35:fa:
03:f1:6b:e6:90:ad:4f:49:44:2c:b5:e9:48:54:b3:
7f:9d:c4:99:14:e2:ab:8c:23:95:a9:27:1b:b5:23:
39:82:68:99:d5:18:23:1c:ca:91:e1:96:ae:4a:c7:
4c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:43:89:9E:74:22:29:BE:AA:39:D6:0F:E2:2A:30:25:CD:3A:6C:48
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/pEOJnnQiKb6qOdYP4iowJc06bEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
28:73:78:4b:43:4e:40:4c:e1:0f:10:02:e3:b0:dc:d9:ca:45:
ef:15:78:a8:a7:d5:1a:d3:22:ad:45:49:e6:9c:b6:29:7e:56:
c6:47:07:c5:65:a1:b9:89:df:63:e3:1d:6e:35:08:48:b6:4b:
67:11:59:54:6f:96:7a:b2:13:55:cc:1b:5a:9b:a3:a0:87:96:
ac:17:05:65:17:64:2d:2c:2b:2b:3e:a2:e4:5f:12:4d:62:0e:
6f:de:e3:e3:3c:a0:37:17:3d:f4:ec:74:06:7c:6b:52:0f:e4:
ef:9c:cd:9b:8f:9e:77:fc:5b:a1:e8:c3:d0:ef:cd:55:45:ca:
bd:58:37:ac:d8:db:6f:22:33:ac:2f:8c:5f:51:fb:75:c4:81:
91:8d:0c:c7:3d:a5:ff:ae:90:c0:06:36:4e:4a:8f:1d:ef:59:
91:eb:ff:18:ad:75:a7:3d:65:63:23:e8:32:b0:91:db:38:27:
c3:87:57:08:fb:5b:44:6d:c8:cb:85:0e:2c:07:59:95:db:55:
23:6d:bf:5a:05:9c:b6:c3:5a:8e:5a:e8:c6:97:f6:4f:0f:0b:
e7:2c:5e:e0:73:53:2b:e4:56:5e:9d:8f:3d:77:a6:d8:1b:d5:
90:e0:7b:36:20:22:68:a2:1c:85:4b:0e:bc:9f:5d:6a:6c:eb:
73:49:fe:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS2jGg2AujPDb8ABdWYH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQzODk5ZTc0MjIyOWJlYWEzOWQ2MGZlMjJhMzAyNWNkM2E2YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gHF18YjuRoohLGwTZJElOL8mzdK
k8MpQPMhUe9gpx9PzSooFh+VHxV+pLo4RnoLLs6JqsFUT8+T2PzZUh3CPjuBSXmt
6RRaeLusD3dKWyqYeAHm4/+u5KK7rZse96tMU1jJhCJDNgj43UeBrT1BdJgt3K4G
+EsSRCC+KO8FgOeGJ97S2sF1HQWPFyAYyyBV+w8/jhldbhdSSOFw2FsmQbIHtQep
ayRd/b35u6mAR0SIgrxyJnOO3+hei+jjUe+hAp5h7Kfyiq913DXwvo6xNfoD8Wvm
kK1PSUQstelIVLN/ncSZFOKrjCOVqScbtSM5gmiZ1RgjHMqR4ZauSsdMBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKRDiZ50Iim+qjnWD+IqMCXNOmxIMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvcEVPSm5uUWlLYjZxT2RZUDRpb3dKYzA2YkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwwV8MA0E
AgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQAoc3hLQ05ATOEPEALjsNzZ
ykXvFXiop9Ua0yKtRUnmnLYpflbGRwfFZaG5id9j4x1uNQhItktnEVlUb5Z6shNV
zBtam6Ogh5asFwVlF2QtLCsrPqLkXxJNYg5v3uPjPKA3Fz307HQGfGtSD+TvnM2b
j553/Fuh6MPQ781VRcq9WDes2NtvIjOsL4xfUft1xIGRjQzHPaX/rpDABjZOSo8d
71mR6/8YrXWnPWVjI+gysJHbOCfDh1cI+1tEbcjLhQ4sB1mV21Ujbb9aBZy2w1qO
WujGl/ZPDwvnLF7gc1Mr5FZenY89d6bYG9WQ4Hs2ICJoohyFSw68n11qbOtzSf5K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org