Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/Z8cChkJdSPCDS7aon6LJWCEUZmg.roa
File: Z8cChkJdSPCDS7aon6LJWCEUZmg.roa (raw, json)
Hash identifier: UAk1nCsbW7JKIHVGYC28zNeP6d1qpxa8fqEHSuxhw8A=
Subject key identifier: 67:C7:02:86:42:5D:48:F0:83:4B:B6:A8:9F:A2:C9:58:21:14:66:68
Certificate issuer: /CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Certificate serial: 018CC56E2EE7DB9430E54D388405BF10372E
Authority key identifier: F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/Z8cChkJdSPCDS7aon6LJWCEUZmg.roa
Signing time: Mon 01 Jan 2024 14:29:41 +0000
ROA not before: Mon 01 Jan 2024 14:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204300
IP address blocks: 195.225.128.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 23 Nov 2024 11:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2e:e7:db:94:30:e5:4d:38:84:05:bf:10:37:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Validity
Not Before: Jan 1 14:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c70286425d48f0834bb6a89fa2c95821146668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:3e:9e:ed:6e:d7:66:49:fc:aa:a7:3f:0a:
0d:ab:32:36:d2:db:04:50:d2:e3:b7:fd:ee:a8:c4:
25:ed:5c:0a:54:cb:1d:1e:1f:f3:7b:f5:92:b6:90:
63:39:66:46:ef:76:22:ae:3e:4f:4a:a9:59:ec:92:
9a:43:4e:29:a5:6a:8d:c9:86:9f:a7:b3:36:48:d5:
8c:cc:7b:1a:4f:f1:ce:05:d7:c6:fd:c9:7d:e2:65:
63:80:e5:1f:09:d5:13:48:4c:19:f0:06:f5:1e:69:
10:5d:44:1c:e2:d8:9c:4c:85:40:5a:cb:3f:f5:9a:
43:85:e6:43:07:e3:48:fc:0c:bb:f4:05:63:46:d7:
c1:60:93:99:f1:a2:2a:23:08:75:71:0f:89:85:4c:
d5:d2:7a:d4:43:c7:a3:83:08:23:16:d0:45:5c:21:
b0:e2:29:89:98:ac:35:7f:f8:73:be:a0:50:aa:c2:
3f:07:b3:a3:11:88:ca:82:b4:5f:71:0c:52:03:32:
05:48:e7:21:d2:98:74:ae:d7:18:5b:ca:7a:aa:06:
d9:5a:ea:ce:f0:9e:0e:c5:8f:b5:92:67:67:e7:5d:
6b:32:af:49:95:5e:9f:62:0c:67:b6:aa:47:93:4a:
9f:e1:37:26:82:53:3d:5e:55:ee:73:de:cf:6b:c9:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C7:02:86:42:5D:48:F0:83:4B:B6:A8:9F:A2:C9:58:21:14:66:68
X509v3 Authority Key Identifier:
keyid:F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/Z8cChkJdSPCDS7aon6LJWCEUZmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/9EDl66L4v8j-j-VsyIpCiWUjkLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.128.0/23
Signature Algorithm: sha256WithRSAEncryption
39:64:34:7b:33:8c:3f:e1:3d:84:2b:cd:df:78:64:b6:06:03:
ee:87:8e:4a:66:a4:4b:34:3e:cc:c9:05:3d:3a:e6:60:e4:11:
f5:d9:1f:55:9d:f8:fb:48:97:bb:43:10:2f:f4:c3:ce:c8:db:
d3:97:1f:ac:86:0e:39:bf:29:44:cd:2b:2d:a9:32:17:c8:6c:
55:f0:36:a5:77:b4:63:35:18:aa:e4:ed:a9:85:2c:a9:90:61:
2f:08:90:97:59:b9:e4:9c:23:cf:6d:65:20:37:1b:18:e8:c4:
5f:05:45:aa:21:1a:06:29:e0:46:c5:33:4e:1b:7a:c5:cf:13:
27:9c:48:a2:fd:c0:8a:41:e4:ca:58:8a:b3:86:4f:60:a9:00:
30:88:cd:4f:f5:d1:fa:51:61:6b:05:89:ce:ed:af:89:e4:58:
c7:90:34:a6:9e:03:e7:ba:a2:f8:8a:1c:21:70:61:01:fa:f4:
8c:f2:a7:22:62:af:b4:41:58:e6:de:d0:2f:46:a4:14:d4:eb:
b9:e3:11:06:e0:95:0a:ce:15:16:87:19:b7:d2:bb:b4:bb:fd:
74:94:f3:96:08:9f:21:e9:d6:ba:32:68:c7:b7:58:eb:dd:a0:
15:20:5d:3f:95:a3:41:5e:c0:d8:00:0b:bf:c4:c3:47:bb:c0:
9f:5c:a9:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbi7n25Qw5U04hAW/EDcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDBlNWViYTJmOGJmYzhmZThmZTU2Y2M4OGE0Mjg5NjUy
MzkwYmEwHhcNMjQwMTAxMTQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2M3MDI4NjQyNWQ0OGYwODM0YmI2YTg5ZmEyYzk1ODIxMTQ2NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Yk+nu1u12ZJ/KqnPwoNqzI20tsE
UNLjt/3uqMQl7VwKVMsdHh/ze/WStpBjOWZG73Yirj5PSqlZ7JKaQ04ppWqNyYaf
p7M2SNWMzHsaT/HOBdfG/cl94mVjgOUfCdUTSEwZ8Ab1HmkQXUQc4ticTIVAWss/
9ZpDheZDB+NI/Ay79AVjRtfBYJOZ8aIqIwh1cQ+JhUzV0nrUQ8ejgwgjFtBFXCGw
4imJmKw1f/hzvqBQqsI/B7OjEYjKgrRfcQxSAzIFSOch0ph0rtcYW8p6qgbZWurO
8J4OxY+1kmdn511rMq9JlV6fYgxntqpHk0qf4TcmglM9XlXuc97Pa8m4RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfHAoZCXUjwg0u2qJ+iyVghFGZoMB8GA1UdIwQY
MBaAFPRA5eui+L/I/o/lbMiKQollI5C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2Yt
MDBiOTJjMWMxZWY0LzEvWjhjQ2hrSmRTUENEUzdhb242TEpXQ0VVWm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2YtMDBiOTJjMWMxZWY0
LzEvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+GAMA0G
CSqGSIb3DQEBCwUAA4IBAQA5ZDR7M4w/4T2EK83feGS2BgPuh45KZqRLND7MyQU9
OuZg5BH12R9Vnfj7SJe7QxAv9MPOyNvTlx+shg45vylEzSstqTIXyGxV8Dald7Rj
NRiq5O2phSypkGEvCJCXWbnknCPPbWUgNxsY6MRfBUWqIRoGKeBGxTNOG3rFzxMn
nEii/cCKQeTKWIqzhk9gqQAwiM1P9dH6UWFrBYnO7a+J5FjHkDSmngPnuqL4ihwh
cGEB+vSM8qciYq+0QVjm3tAvRqQU1Ou54xEG4JUKzhUWhxm30ru0u/10lPOWCJ8h
6da6MmjHt1jr3aAVIF0/laNBXsDYAAu/xMNHu8CfXKkx
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:56:46 2024 by rpki-client on console-ams.rpki-client.org