Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/5Hoe2nfISaS0HbWCROYrit7TTk0.roa
File: 5Hoe2nfISaS0HbWCROYrit7TTk0.roa (raw, json)
Hash identifier: Oh9c9UchJ7UqHQwtTZmE2+VPmvxuNuUaAFOhkXqJFPA=
Subject key identifier: E4:7A:1E:DA:77:C8:49:A4:B4:1D:B5:82:44:E6:2B:8A:DE:D3:4E:4D
Certificate issuer: /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Certificate serial: 018ECBB4CA351B7C399E2FABBDED6C7BE2F1
Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/5Hoe2nfISaS0HbWCROYrit7TTk0.roa
Signing time: Thu 11 Apr 2024 05:50:06 +0000
ROA not before: Thu 11 Apr 2024 05:50:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204027
IP address blocks: 195.43.60.0/24 maxlen: 24
2001:678:f0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Apr 2024 06:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:b4:ca:35:1b:7c:39:9e:2f:ab:bd:ed:6c:7b:e2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Validity
Not Before: Apr 11 05:50:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e47a1eda77c849a4b41db58244e62b8aded34e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4a:dd:0a:a0:a7:64:39:34:05:f5:c9:e6:54:
04:78:fc:d7:96:53:62:f5:bc:9e:69:af:6b:8f:aa:
21:25:15:3e:f7:79:cd:f8:a7:bf:37:84:84:a1:55:
b8:8d:7a:33:2c:4e:0c:53:67:57:17:6e:fb:49:bd:
80:71:98:c0:ec:5c:bd:2f:db:8a:70:6a:56:e0:2a:
41:51:a4:e3:7d:ee:94:f8:ab:62:4e:82:a9:d7:ed:
66:d0:8c:a2:f5:11:50:de:fd:80:25:d8:fd:5f:d9:
b5:3c:26:0e:70:19:d0:5c:cc:67:1a:58:98:10:df:
88:75:51:80:04:ca:ef:b1:92:00:ef:98:a3:a4:4c:
31:01:d7:6c:73:33:dd:19:fc:09:7b:81:90:36:83:
d8:c4:84:a6:e8:75:50:71:bf:8f:3c:19:44:56:19:
00:84:d6:cf:ee:b0:a5:62:c6:3b:7f:7a:12:49:ee:
fe:04:7a:8f:0a:77:f7:f7:72:53:0b:3f:53:7e:d6:
ac:90:7a:b0:3d:b5:0c:9c:88:3c:ab:39:bf:76:54:
ec:87:b7:df:9d:ea:9e:2e:9f:17:ff:20:ec:94:d0:
3b:5a:18:23:98:be:4d:8f:44:ec:49:2a:ab:bf:d3:
85:fb:06:d6:34:e7:0a:bb:63:57:00:6d:46:ef:c9:
fa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7A:1E:DA:77:C8:49:A4:B4:1D:B5:82:44:E6:2B:8A:DE:D3:4E:4D
X509v3 Authority Key Identifier:
keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/5Hoe2nfISaS0HbWCROYrit7TTk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.60.0/24
IPv6:
2001:678:f0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:4d:2b:80:22:5e:b6:67:47:5d:fd:27:27:5f:48:3a:9a:54:
70:35:77:61:d3:f9:37:c5:05:48:3b:31:4f:e2:ab:f4:6c:19:
08:7f:e8:11:a0:92:f1:d4:26:5e:76:fb:01:bc:0f:2e:96:05:
8f:32:a8:0c:37:79:6a:98:26:17:cb:b7:ba:ff:3e:33:5b:0e:
98:28:8d:16:62:43:98:7e:41:f6:01:e3:23:00:05:19:f7:6b:
01:04:82:a4:d8:50:ca:fd:27:9c:17:59:5e:5a:a0:c2:fb:98:
42:13:a0:78:d0:f7:bd:31:55:69:88:0e:ee:48:13:86:ef:21:
04:1c:0b:4e:a0:90:7e:7c:b3:a6:61:c7:8b:d3:63:8f:df:d6:
30:c6:fc:6a:96:b8:e7:37:97:80:8c:35:3c:3a:cf:3d:15:a7:
ba:0e:f6:cb:c8:80:d0:14:0c:0e:db:7b:a1:87:ac:85:1c:5d:
10:f8:f9:d5:bf:52:a3:da:1f:4f:95:3f:54:5b:1e:a3:0a:88:
c6:c0:8e:f2:37:2f:ad:47:d1:64:18:8b:f6:b8:dc:38:8b:52:
3e:e8:a4:81:79:a6:58:73:97:a0:d2:5b:46:b7:47:76:bc:de:
47:fe:2f:21:72:bd:13:a1:c0:c4:0c:be:8d:79:97:a5:52:8e:
75:76:e1:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7LtMo1G3w5ni+rve1se+LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNmMWFhYzIxYWE1ODIzYjAxOWRlOTFhZWVlYzIzZTNl
NTI2ZGIwHhcNMjQwNDExMDU1MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdhMWVkYTc3Yzg0OWE0YjQxZGI1ODI0NGU2MmI4YWRlZDM0ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxErdCqCnZDk0BfXJ5lQEePzXllNi
9byeaa9rj6ohJRU+93nN+Ke/N4SEoVW4jXozLE4MU2dXF277Sb2AcZjA7Fy9L9uK
cGpW4CpBUaTjfe6U+KtiToKp1+1m0Iyi9RFQ3v2AJdj9X9m1PCYOcBnQXMxnGliY
EN+IdVGABMrvsZIA75ijpEwxAddsczPdGfwJe4GQNoPYxISm6HVQcb+PPBlEVhkA
hNbP7rClYsY7f3oSSe7+BHqPCnf393JTCz9TftaskHqwPbUMnIg8qzm/dlTsh7ff
neqeLp8X/yDslNA7WhgjmL5Nj0TsSSqrv9OF+wbWNOcKu2NXAG1G78n6NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOR6Htp3yEmktB21gkTmK4re005NMB8GA1UdIwQY
MBaAFNgc8arCGqWCOwGd6Rru7CPj5SbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYt
OWMwZGUzNjUyNzM4LzEvNUhvZTJuZklTYVMwSGJXQ1JPWXJpdDdUVGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYtOWMwZGUzNjUyNzM4
LzEvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwys8MA8E
AgACMAkDBwAgAQZ4APAwDQYJKoZIhvcNAQELBQADggEBAD9NK4AiXrZnR139Jydf
SDqaVHA1d2HT+TfFBUg7MU/iq/RsGQh/6BGgkvHUJl52+wG8Dy6WBY8yqAw3eWqY
JhfLt7r/PjNbDpgojRZiQ5h+QfYB4yMABRn3awEEgqTYUMr9J5wXWV5aoML7mEIT
oHjQ970xVWmIDu5IE4bvIQQcC06gkH58s6Zhx4vTY4/f1jDG/GqWuOc3l4CMNTw6
zz0Vp7oO9svIgNAUDA7be6GHrIUcXRD4+dW/UqPaH0+VP1RbHqMKiMbAjvI3L61H
0WQYi/a43DiLUj7opIF5plhzl6DSW0a3R3a83kf+LyFyvROhwMQMvo15l6VSjnV2
4U0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:45 2025 by rpki-client