Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/814325-2191-41c6-b2ed-e229a42c4085/1/1Hf5bTc67tci_MZEOXQoPALabZ4.roa
File: 1Hf5bTc67tci_MZEOXQoPALabZ4.roa (raw, json)
Hash identifier: kxtBt/Ap1NANaOCQZJtDZgBDvMbl8C0ubyKyd/z8x7Q=
Subject key identifier: D4:77:F9:6D:37:3A:EE:D7:22:FC:C6:44:39:74:28:3C:02:DA:6D:9E
Certificate issuer: /CN=49d15a10e74710936cb8c37b7c6f5f1fb38c121f
Certificate serial: 01856C65DB50A12D8180FAB8D811F97D2FA1
Authority key identifier: 49:D1:5A:10:E7:47:10:93:6C:B8:C3:7B:7C:6F:5F:1F:B3:8C:12:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SdFaEOdHEJNsuMN7fG9fH7OMEh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/814325-2191-41c6-b2ed-e229a42c4085/1/1Hf5bTc67tci_MZEOXQoPALabZ4.roa
Signing time: Sun 01 Jan 2023 08:14:52 +0000
ROA not before: Sun 01 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48930
IP address blocks: 195.88.98.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:db:50:a1:2d:81:80:fa:b8:d8:11:f9:7d:2f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49d15a10e74710936cb8c37b7c6f5f1fb38c121f
Validity
Not Before: Jan 1 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d477f96d373aeed722fcc6443974283c02da6d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a2:fe:e9:51:53:fc:1d:41:1f:0c:ba:91:54:
0e:ab:62:0e:f3:07:59:9e:62:92:60:18:e1:c0:25:
00:51:4f:84:b0:98:6d:38:50:e6:a7:1b:4c:cd:0f:
60:2a:76:bb:a7:2c:de:7f:49:0e:2f:e0:8c:86:1b:
0c:31:e9:4c:22:69:45:0a:e8:92:0f:55:de:39:fb:
66:c9:a7:a3:52:ab:c5:1d:43:67:70:75:80:23:c9:
95:e9:c6:d8:9e:47:8a:cd:df:e9:09:c2:d1:af:d0:
cd:b5:22:dd:b4:e8:8f:5b:c8:67:03:a3:1d:3b:23:
5b:fd:1e:91:cd:df:9f:3b:6f:5b:f1:ec:c9:ff:06:
84:b4:cc:e2:61:ea:3e:10:95:fb:65:98:35:6d:d9:
68:49:e1:9a:c2:b7:2f:36:b8:05:07:36:3e:ce:7a:
25:19:f9:3e:c3:0e:ae:49:e1:e4:16:92:20:05:81:
b0:a3:8a:cf:66:8b:67:ff:bc:83:8d:96:da:46:74:
24:23:27:b1:f4:2d:fe:e7:3a:3d:f5:ea:eb:25:c1:
3b:28:31:ca:4f:fe:fd:1a:ea:90:3d:f4:f1:ab:bf:
eb:f2:4b:16:05:81:1a:87:a2:c8:6b:6f:ba:e9:58:
ca:f6:3b:06:ee:7a:2a:d7:cb:db:fa:5a:b5:1f:b4:
e4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:F9:6D:37:3A:EE:D7:22:FC:C6:44:39:74:28:3C:02:DA:6D:9E
X509v3 Authority Key Identifier:
keyid:49:D1:5A:10:E7:47:10:93:6C:B8:C3:7B:7C:6F:5F:1F:B3:8C:12:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdFaEOdHEJNsuMN7fG9fH7OMEh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/814325-2191-41c6-b2ed-e229a42c4085/1/1Hf5bTc67tci_MZEOXQoPALabZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/814325-2191-41c6-b2ed-e229a42c4085/1/SdFaEOdHEJNsuMN7fG9fH7OMEh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.98.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:30:7f:62:17:a1:4c:73:3b:3c:da:04:d1:65:8b:34:a6:28:
88:46:89:b1:94:fc:22:2e:47:3e:88:77:7b:33:ae:d6:ab:eb:
89:d7:f5:46:14:0a:c1:07:bb:8f:92:f3:7a:de:03:62:cd:91:
20:48:6a:f1:af:41:18:90:59:57:f4:03:cf:19:5e:29:2f:0b:
70:7d:75:22:69:5e:c0:ca:e5:f7:78:da:03:b0:38:7d:bb:09:
b6:ae:fa:8a:28:20:c3:d3:10:ef:82:26:fd:b9:3e:90:ab:ca:
e1:38:f2:d8:61:9b:39:2b:48:00:ff:c5:ce:77:eb:2e:31:44:
db:2c:cb:9f:1e:7f:f7:c3:71:0c:9f:92:7d:7f:02:90:bb:cd:
db:6e:84:d8:9d:1c:67:d2:c7:8c:17:52:3c:2a:af:c2:09:a6:
95:4b:4d:65:a3:66:3d:03:65:6e:a3:65:d8:f1:01:73:f9:4f:
c4:70:00:aa:fb:8b:03:c9:76:69:ee:35:cf:54:33:fb:40:2b:
10:ce:b1:71:c8:fc:94:ed:ea:35:03:ec:97:df:fb:50:28:24:
4a:8b:3b:fd:8d:ef:09:4e:7b:36:a4:d7:7d:c1:34:4a:12:7d:
ee:15:6c:b5:01:50:01:89:db:d0:a3:15:a3:d6:7a:08:71:22:
70:e6:20:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZdtQoS2BgPq42BH5fS+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDE1YTEwZTc0NzEwOTM2Y2I4YzM3YjdjNmY1ZjFmYjM4
YzEyMWYwHhcNMjMwMTAxMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc3Zjk2ZDM3M2FlZWQ3MjJmY2M2NDQzOTc0MjgzYzAyZGE2ZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaL+6VFT/B1BHwy6kVQOq2IO8wdZ
nmKSYBjhwCUAUU+EsJhtOFDmpxtMzQ9gKna7pyzef0kOL+CMhhsMMelMImlFCuiS
D1XeOftmyaejUqvFHUNncHWAI8mV6cbYnkeKzd/pCcLRr9DNtSLdtOiPW8hnA6Md
OyNb/R6Rzd+fO29b8ezJ/waEtMziYeo+EJX7ZZg1bdloSeGawrcvNrgFBzY+znol
Gfk+ww6uSeHkFpIgBYGwo4rPZotn/7yDjZbaRnQkIyex9C3+5zo99errJcE7KDHK
T/79GuqQPfTxq7/r8ksWBYEah6LIa2+66VjK9jsG7noq18vb+lq1H7TkRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNR3+W03Ou7XIvzGRDl0KDwC2m2eMB8GA1UdIwQY
MBaAFEnRWhDnRxCTbLjDe3xvXx+zjBIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RGYUVPZEhFSk5zdU1ON2ZHOWZIN09NRWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MTQzMjUtMjE5MS00MWM2LWIyZWQt
ZTIyOWE0MmM0MDg1LzEvMUhmNWJUYzY3dGNpX01aRU9YUW9QQUxhYlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MTQzMjUtMjE5MS00MWM2LWIyZWQtZTIyOWE0MmM0MDg1
LzEvU2RGYUVPZEhFSk5zdU1ON2ZHOWZIN09NRWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1hiMA0G
CSqGSIb3DQEBCwUAA4IBAQBMMH9iF6FMczs82gTRZYs0piiIRomxlPwiLkc+iHd7
M67Wq+uJ1/VGFArBB7uPkvN63gNizZEgSGrxr0EYkFlX9APPGV4pLwtwfXUiaV7A
yuX3eNoDsDh9uwm2rvqKKCDD0xDvgib9uT6Qq8rhOPLYYZs5K0gA/8XOd+suMUTb
LMufHn/3w3EMn5J9fwKQu83bboTYnRxn0seMF1I8Kq/CCaaVS01lo2Y9A2Vuo2XY
8QFz+U/EcACq+4sDyXZp7jXPVDP7QCsQzrFxyPyU7eo1A+yX3/tQKCRKizv9je8J
Tns2pNd9wTRKEn3uFWy1AVABidvQoxWj1noIcSJw5iAf
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:01 2024 by rpki-client on console-fra.rpki-client.org