Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/So3HqrMWxfWtnbGN71BpDSqwfYY.roa
File: So3HqrMWxfWtnbGN71BpDSqwfYY.roa (raw, json)
Hash identifier: Pbp4t7knqUq7iFON+Vz/5r14e3n0c9g35zgNfG4yE7U=
Subject key identifier: 4A:8D:C7:AA:B3:16:C5:F5:AD:9D:B1:8D:EF:50:69:0D:2A:B0:7D:86
Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Certificate serial: 0186E01C773741483A6D23067621C41EF2F2
Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/So3HqrMWxfWtnbGN71BpDSqwfYY.roa
Signing time: Tue 14 Mar 2023 12:33:27 +0000
ROA not before: Tue 14 Mar 2023 12:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61154
IP address blocks: 195.78.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:1c:77:37:41:48:3a:6d:23:06:76:21:c4:1e:f2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Validity
Not Before: Mar 14 12:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8dc7aab316c5f5ad9db18def50690d2ab07d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5c:bb:1e:85:c1:85:0c:a5:70:5f:ef:eb:2c:
6b:1b:44:36:9f:0c:71:a2:18:9e:df:2f:f9:01:05:
77:70:61:17:a4:2b:eb:90:68:1f:7e:c3:b8:04:33:
dc:df:d8:f1:c9:7f:67:ec:97:25:32:74:cf:f8:be:
c9:61:d0:2b:d1:e1:b1:2e:a6:29:4c:a3:6a:b0:7c:
db:09:c5:84:cb:80:3e:47:da:44:e2:3a:29:80:10:
0c:15:ab:92:ab:08:d0:8b:a9:f2:fc:6e:33:db:64:
33:16:30:7b:3e:b8:ad:f2:66:ab:ee:ed:c9:aa:90:
5b:1e:e0:2b:96:a9:f4:48:cd:cd:e1:6d:29:38:43:
1f:7a:15:0a:7f:cc:62:55:aa:d7:17:29:f1:12:08:
29:4e:fc:50:2b:79:d5:53:d2:0c:72:96:7c:2e:59:
a5:2b:3a:5a:66:5d:70:bc:8b:2d:27:94:81:d7:c4:
21:74:56:2e:cc:77:53:75:8d:cf:92:b3:58:2d:bb:
f8:d9:f5:83:cd:1a:b5:3d:80:a4:bc:be:3f:a0:24:
7c:77:ff:50:ca:6b:b3:cb:9c:bb:01:89:96:af:a8:
4c:64:b9:d5:1f:78:14:6c:44:2b:a2:fb:37:53:56:
ed:d2:03:77:ee:f7:61:ec:06:f3:5f:f8:1c:15:15:
5a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8D:C7:AA:B3:16:C5:F5:AD:9D:B1:8D:EF:50:69:0D:2A:B0:7D:86
X509v3 Authority Key Identifier:
keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/So3HqrMWxfWtnbGN71BpDSqwfYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.236.0/22
Signature Algorithm: sha256WithRSAEncryption
21:45:31:0b:91:3f:99:91:d3:44:59:17:9b:62:59:90:8c:56:
a1:e3:6d:61:62:5b:64:7a:92:63:7d:b6:67:75:bf:56:9a:71:
cc:fd:8f:1e:d8:33:b2:5f:bd:ec:d1:cf:c9:86:5a:21:d4:06:
f6:ba:33:80:ab:af:99:de:0b:fc:c2:b8:64:4c:bc:b3:7b:bf:
4c:55:22:4b:b7:58:74:e1:9b:d6:33:eb:c0:ca:91:19:a6:38:
f0:ae:27:41:95:01:4b:b8:10:8a:c9:f2:84:14:cf:db:ef:fe:
1f:aa:4f:e9:27:b4:af:64:be:48:1e:c5:cb:a8:51:a7:ee:b4:
70:1d:11:70:ed:14:e4:8a:90:89:d7:83:c0:3c:04:f1:b2:b6:
ec:72:b7:42:b9:81:43:03:f6:34:2c:c9:95:6e:41:60:70:76:
67:27:30:8f:1e:0b:fc:56:e5:28:f6:3d:ac:67:2d:4f:cc:a7:
eb:6f:f0:4d:8b:de:19:e3:dc:a3:1a:b8:25:45:13:6a:38:e9:
d6:bd:f7:21:51:77:a6:90:da:c3:a8:c2:f0:42:c4:73:36:f3:
16:e6:43:42:1e:27:97:e9:00:0a:a3:d0:34:46:b0:63:ab:55:
d0:00:6b:60:93:a0:e9:a9:c0:28:ab:17:32:cd:f4:eb:25:e3:
c5:f7:39:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbgHHc3QUg6bSMGdiHEHvLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1
M2FlNjcwHhcNMjMwMzE0MTIzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThkYzdhYWIzMTZjNWY1YWQ5ZGIxOGRlZjUwNjkwZDJhYjA3ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFy7HoXBhQylcF/v6yxrG0Q2nwxx
ohie3y/5AQV3cGEXpCvrkGgffsO4BDPc39jxyX9n7JclMnTP+L7JYdAr0eGxLqYp
TKNqsHzbCcWEy4A+R9pE4jopgBAMFauSqwjQi6ny/G4z22QzFjB7Prit8mar7u3J
qpBbHuArlqn0SM3N4W0pOEMfehUKf8xiVarXFynxEggpTvxQK3nVU9IMcpZ8Llml
KzpaZl1wvIstJ5SB18QhdFYuzHdTdY3PkrNYLbv42fWDzRq1PYCkvL4/oCR8d/9Q
ymuzy5y7AYmWr6hMZLnVH3gUbEQrovs3U1bt0gN37vdh7AbzX/gcFRVa1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqNx6qzFsX1rZ2xje9QaQ0qsH2GMB8GA1UdIwQY
MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt
NjVhNWVmMGFmMGI0LzEvU28zSHFyTVd4Zld0bmJHTjcxQnBEU3F3ZllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0
LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw07sMA0G
CSqGSIb3DQEBCwUAA4IBAQAhRTELkT+ZkdNEWRebYlmQjFah421hYltkepJjfbZn
db9WmnHM/Y8e2DOyX73s0c/Jhloh1Ab2ujOAq6+Z3gv8wrhkTLyze79MVSJLt1h0
4ZvWM+vAypEZpjjwridBlQFLuBCKyfKEFM/b7/4fqk/pJ7SvZL5IHsXLqFGn7rRw
HRFw7RTkipCJ14PAPATxsrbscrdCuYFDA/Y0LMmVbkFgcHZnJzCPHgv8VuUo9j2s
Zy1PzKfrb/BNi94Z49yjGrglRRNqOOnWvfchUXemkNrDqMLwQsRzNvMW5kNCHieX
6QAKo9A0RrBjq1XQAGtgk6DpqcAoqxcyzfTrJePF9znH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:23 2024 by rpki-client on console-fra.rpki-client.org