Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0k4qT5rys3a3S0cdTO81UWlC5Kw.roa
File: 0k4qT5rys3a3S0cdTO81UWlC5Kw.roa (raw, json)
Hash identifier: Okqf4/6Kq+c6r2UxDiKxAMbSxA7EUMnXDJ6KWhxapgI=
Subject key identifier: D2:4E:2A:4F:9A:F2:B3:76:B7:4B:47:1D:4C:EF:35:51:69:42:E4:AC
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 0185700282236B45FDEF4376EAE117C9E9D9
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0k4qT5rys3a3S0cdTO81UWlC5Kw.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43331
IP address blocks: 195.87.212.0/22 maxlen: 22
195.87.237.0/24 maxlen: 24
195.87.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:82:23:6b:45:fd:ef:43:76:ea:e1:17:c9:e9:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d24e2a4f9af2b376b74b471d4cef35516942e4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:36:38:7e:66:fa:0b:d0:08:9c:d4:3f:9e:
6b:b1:b1:5c:d6:99:3b:1c:49:5a:48:c4:ca:95:f0:
1e:c7:13:9d:52:9f:12:15:78:bc:ee:90:58:18:02:
b5:c6:fc:fe:79:37:67:84:8e:88:b3:1a:8a:2b:49:
1b:4f:5e:16:83:d1:b3:39:ac:7e:7c:06:80:69:18:
61:f3:6a:6c:76:d4:b0:ea:ad:be:ff:74:24:a6:01:
d3:ab:22:5e:33:d1:2c:9f:ef:f8:43:0a:7c:38:66:
c9:ed:0f:56:d3:09:83:f0:62:fa:bb:7a:97:29:58:
e1:73:7e:66:5f:f3:86:81:eb:26:df:02:e1:53:0e:
96:ab:cd:50:92:b8:9f:84:42:84:3d:b1:7e:fe:11:
eb:ba:5b:83:39:e1:0a:a8:f8:c0:d9:31:f8:4e:ae:
79:b9:9c:fa:79:c3:b0:0d:c8:fa:5a:e1:ab:19:55:
4b:2d:77:8b:d0:2f:33:7e:3c:5b:a9:0f:d7:70:73:
2d:4d:b8:ca:1a:46:1e:16:e8:4d:3f:81:f9:2a:5e:
69:29:76:41:a3:71:20:91:22:b2:ae:2e:83:85:a2:
a5:f9:f1:ac:bd:9d:22:c2:d3:cf:be:18:c4:f4:26:
11:50:83:24:4d:ce:d8:b3:e6:41:02:e0:0e:f5:46:
2e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4E:2A:4F:9A:F2:B3:76:B7:4B:47:1D:4C:EF:35:51:69:42:E4:AC
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0k4qT5rys3a3S0cdTO81UWlC5Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.87.22.0/24
195.87.212.0/22
195.87.237.0/24
Signature Algorithm: sha256WithRSAEncryption
82:36:bd:1b:22:b2:c6:c3:c1:17:eb:1b:a7:e3:e4:f3:91:9e:
82:ce:92:98:b5:5a:ee:5d:e3:25:8d:3b:fc:88:4f:24:1b:5d:
c7:7f:fb:10:5f:dd:30:9b:21:72:a9:6f:12:ff:f1:ee:64:f1:
73:16:3c:0e:e4:a2:96:2a:5f:b3:1c:d7:af:16:bb:ed:1a:19:
c5:a0:9d:cf:c5:53:f0:79:7d:cc:9c:35:24:93:ed:88:8d:e3:
89:d8:55:08:b5:68:52:94:07:fc:e2:55:e9:21:80:3f:a4:a3:
de:30:85:f2:20:46:29:30:c0:c3:a7:f7:14:71:40:04:31:ca:
a7:c1:87:ff:1a:2a:74:fd:e6:84:6e:61:fb:5e:96:e9:c7:60:
f5:82:0d:ca:10:89:39:97:58:7c:75:3a:03:b9:36:ed:1e:0c:
ad:bb:87:ca:ab:a5:f5:be:7e:17:06:b9:4f:84:eb:36:23:35:
77:dd:50:fe:67:b2:e4:6c:1e:cc:49:91:c2:a7:53:db:fd:6d:
4f:23:e6:92:45:f6:c5:51:9a:75:f4:69:13:ee:24:f6:e5:02:
c3:d6:61:65:2c:8f:dd:57:84:4b:87:df:00:b8:e9:b2:e8:f8:
80:c6:4c:d5:9d:25:d1:ff:5c:0b:5c:62:14:5f:90:ff:22:ce:
39:d8:9b:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwAoIja0X970N26uEXyenZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjRlMmE0ZjlhZjJiMzc2Yjc0YjQ3MWQ0Y2VmMzU1MTY5NDJlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqQ2OH5m+gvQCJzUP55rsbFc1pk7
HElaSMTKlfAexxOdUp8SFXi87pBYGAK1xvz+eTdnhI6IsxqKK0kbT14Wg9GzOax+
fAaAaRhh82psdtSw6q2+/3QkpgHTqyJeM9Esn+/4Qwp8OGbJ7Q9W0wmD8GL6u3qX
KVjhc35mX/OGgesm3wLhUw6Wq81QkrifhEKEPbF+/hHruluDOeEKqPjA2TH4Tq55
uZz6ecOwDcj6WuGrGVVLLXeL0C8zfjxbqQ/XcHMtTbjKGkYeFuhNP4H5Kl5pKXZB
o3EgkSKyri6DhaKl+fGsvZ0iwtPPvhjE9CYRUIMkTc7Ys+ZBAuAO9UYuAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJOKk+a8rN2t0tHHUzvNVFpQuSsMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvMGs0cVQ1cnlzM2EzUzBjZFRPODFVV2xDNUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw1cWAwQC
w1fUAwQAw1ftMA0GCSqGSIb3DQEBCwUAA4IBAQCCNr0bIrLGw8EX6xun4+TzkZ6C
zpKYtVruXeMljTv8iE8kG13Hf/sQX90wmyFyqW8S//HuZPFzFjwO5KKWKl+zHNev
FrvtGhnFoJ3PxVPweX3MnDUkk+2IjeOJ2FUItWhSlAf84lXpIYA/pKPeMIXyIEYp
MMDDp/cUcUAEMcqnwYf/Gip0/eaEbmH7Xpbpx2D1gg3KEIk5l1h8dToDuTbtHgyt
u4fKq6X1vn4XBrlPhOs2IzV33VD+Z7LkbB7MSZHCp1Pb/W1PI+aSRfbFUZp19GkT
7iT25QLD1mFlLI/dV4RLh98AuOmy6PiAxkzVnSXR/1wLXGIUX5D/Is452JtO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org