Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/lR6ZJXDs9v6RJmGqjX7tVWb73Vc.roa
File: lR6ZJXDs9v6RJmGqjX7tVWb73Vc.roa (raw, json)
Hash identifier: lhCdpF/LlUCOAOpFRnbHzFrSo5O03UC2kwKgq0epPZw=
Subject key identifier: 95:1E:99:25:70:EC:F6:FE:91:26:61:AA:8D:7E:ED:55:66:FB:DD:57
Certificate issuer: /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Certificate serial: 018CC2DAEF4FCC874929B7FC70A69131DB4B
Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/lR6ZJXDs9v6RJmGqjX7tVWb73Vc.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29695
IP address blocks: 195.43.60.0/22 maxlen: 22
2001:678:f0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Apr 2024 06:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ef:4f:cc:87:49:29:b7:fc:70:a6:91:31:db:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951e992570ecf6fe912661aa8d7eed5566fbdd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3c:99:67:f2:ad:7f:d2:c6:26:60:5d:6c:a6:
15:cb:7f:c4:ea:9b:e6:36:ed:bb:92:c0:09:0d:2c:
a6:1f:74:59:94:23:ab:fb:7b:7b:53:b1:99:73:58:
13:fe:4f:1c:45:2d:ee:eb:0a:f2:97:13:d2:1a:08:
8c:d9:5d:87:b0:00:29:fd:30:95:70:6d:25:08:5f:
3c:76:3f:b7:73:3b:f7:d5:e9:e9:2c:9f:7a:22:fd:
34:29:1d:ba:6a:41:39:92:90:8a:96:62:d5:89:91:
15:1e:15:e3:a3:44:33:f0:fd:b8:c5:64:7d:39:21:
d5:8d:68:8b:1e:ba:4a:e0:83:2b:dd:b8:6e:79:34:
7d:45:64:24:cb:bc:33:81:f8:66:34:19:d4:22:04:
cd:00:15:c7:c4:e2:cd:cc:23:8f:99:a8:e8:e0:82:
ce:02:c9:7b:2e:07:7a:5b:40:53:9e:46:c7:fb:65:
2d:2f:62:f3:7d:6a:9e:93:bc:fa:4d:80:1d:06:18:
8e:a1:a7:8d:52:07:36:a6:c2:06:1c:1d:c7:c9:a5:
a2:5f:57:a0:71:55:04:43:4f:78:5d:37:46:7d:04:
33:d7:a8:25:35:f2:ce:7b:36:66:3d:a4:4e:a3:fc:
23:72:ea:73:d0:d3:a3:1d:70:80:d1:b4:24:96:22:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1E:99:25:70:EC:F6:FE:91:26:61:AA:8D:7E:ED:55:66:FB:DD:57
X509v3 Authority Key Identifier:
keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/lR6ZJXDs9v6RJmGqjX7tVWb73Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.60.0/22
IPv6:
2001:678:f0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:46:86:23:86:d0:b5:49:e2:1c:e2:6f:ff:48:11:a4:d9:55:
f3:92:10:92:5b:aa:e2:3b:da:0a:39:44:12:e0:c2:2b:04:40:
7c:59:38:91:37:b4:0b:fe:7f:8c:85:26:e9:48:e4:3a:b9:f9:
b5:23:04:b7:7c:9d:65:d8:4d:37:aa:b9:87:e4:71:4f:28:44:
5b:0c:bd:c7:15:c2:fc:b9:65:71:22:43:fb:46:73:c7:cb:23:
dd:61:dc:ad:ac:2b:ef:78:a3:05:70:83:42:3a:2f:d0:66:a8:
1e:e3:45:a7:af:92:b8:c8:15:62:47:27:bf:7c:2d:a2:eb:f5:
b3:7b:2a:6c:dc:d9:fa:09:ac:2d:3b:74:b7:cd:fa:73:db:95:
fa:60:0c:65:0f:e5:44:30:70:44:9b:11:13:2e:e4:38:37:01:
b9:2d:65:43:46:4e:d2:65:b6:6c:7c:ff:ab:fb:12:d6:5f:56:
4b:2e:ff:58:e9:3a:1a:84:75:95:67:35:ae:1d:8e:0b:f4:9d:
e8:a3:d7:f6:a1:cc:e6:9e:a1:a7:09:fc:ff:9e:3d:da:71:1f:
81:06:90:79:8b:d8:41:da:a8:90:36:8a:4d:d8:c4:ff:8d:5f:
6c:70:99:9a:01:e0:8c:9d:57:a5:54:11:05:3c:ad:31:ab:a4:
1c:dd:98:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2u9PzIdJKbf8cKaRMdtLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNmMWFhYzIxYWE1ODIzYjAxOWRlOTFhZWVlYzIzZTNl
NTI2ZGIwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFlOTkyNTcwZWNmNmZlOTEyNjYxYWE4ZDdlZWQ1NTY2ZmJkZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTyZZ/Ktf9LGJmBdbKYVy3/E6pvm
Nu27ksAJDSymH3RZlCOr+3t7U7GZc1gT/k8cRS3u6wrylxPSGgiM2V2HsAAp/TCV
cG0lCF88dj+3czv31enpLJ96Iv00KR26akE5kpCKlmLViZEVHhXjo0Qz8P24xWR9
OSHVjWiLHrpK4IMr3bhueTR9RWQky7wzgfhmNBnUIgTNABXHxOLNzCOPmajo4ILO
Asl7Lgd6W0BTnkbH+2UtL2LzfWqek7z6TYAdBhiOoaeNUgc2psIGHB3HyaWiX1eg
cVUEQ094XTdGfQQz16glNfLOezZmPaROo/wjcupz0NOjHXCA0bQkliKjgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJUemSVw7Pb+kSZhqo1+7VVm+91XMB8GA1UdIwQY
MBaAFNgc8arCGqWCOwGd6Rru7CPj5SbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYt
OWMwZGUzNjUyNzM4LzEvbFI2WkpYRHM5djZSSm1HcWpYN3RWV2I3M1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYtOWMwZGUzNjUyNzM4
LzEvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwys8MA8E
AgACMAkDBwAgAQZ4APAwDQYJKoZIhvcNAQELBQADggEBAItGhiOG0LVJ4hzib/9I
EaTZVfOSEJJbquI72go5RBLgwisEQHxZOJE3tAv+f4yFJulI5Dq5+bUjBLd8nWXY
TTequYfkcU8oRFsMvccVwvy5ZXEiQ/tGc8fLI91h3K2sK+94owVwg0I6L9BmqB7j
RaevkrjIFWJHJ798LaLr9bN7Kmzc2foJrC07dLfN+nPblfpgDGUP5UQwcESbERMu
5Dg3AbktZUNGTtJltmx8/6v7EtZfVksu/1jpOhqEdZVnNa4djgv0neij1/ahzOae
oacJ/P+ePdpxH4EGkHmL2EHaqJA2ik3YxP+NX2xwmZoB4IydV6VUEQU8rTGrpBzd
mIs=
-----END CERTIFICATE-----
Generated at Sat Apr 20 07:17:51 2024 by rpki-client on console-ams.rpki-client.org