Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/UtP8FFuYCW8EVhoTpmmhR0xRbl0.roa
File: UtP8FFuYCW8EVhoTpmmhR0xRbl0.roa (raw, json)
Hash identifier: cYjKuXVzP3PT+8yRijrQ7sPTsMgxVzRJsWzkl0eSMyI=
Subject key identifier: 52:D3:FC:14:5B:98:09:6F:04:56:1A:13:A6:69:A1:47:4C:51:6E:5D
Certificate issuer: /CN=683b33dc7218b3fe883c49505134cb39a664fd28
Certificate serial: 018B6C0DA6DCA45BF9D010C176CEDB60FFAB
Authority key identifier: 68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/UtP8FFuYCW8EVhoTpmmhR0xRbl0.roa
Signing time: Thu 26 Oct 2023 12:55:15 +0000
ROA not before: Thu 26 Oct 2023 12:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29275
IP address blocks: 195.137.196.0/23 maxlen: 23
195.137.196.0/24 maxlen: 24
195.137.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:0d:a6:dc:a4:5b:f9:d0:10:c1:76:ce:db:60:ff:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=683b33dc7218b3fe883c49505134cb39a664fd28
Validity
Not Before: Oct 26 12:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52d3fc145b98096f04561a13a669a1474c516e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9f:a7:32:1f:be:cd:53:c4:77:35:25:51:af:
e0:6b:ee:22:52:0a:6a:47:24:35:de:09:99:29:54:
d1:96:d7:72:90:1f:26:fa:17:d2:39:52:31:a2:d0:
6c:86:78:5c:d6:1e:db:79:d3:60:1c:48:3d:d5:c6:
f5:69:f9:0f:11:9f:14:29:b7:ba:87:6c:cb:76:12:
7b:05:e5:aa:70:c8:59:f5:14:24:7c:e0:fc:23:10:
82:5c:26:51:69:74:26:ba:ff:6e:fb:17:cb:d6:f2:
4e:7f:4f:a5:3d:42:31:0a:df:f0:37:3c:cf:b9:e2:
97:ea:7a:7f:04:3f:5e:61:e6:ea:6c:a0:53:8e:82:
79:df:6d:3a:5a:a4:a6:d3:c9:0b:8e:a2:cb:fd:98:
b1:67:10:a3:4d:3d:37:41:4d:3e:a9:df:0f:32:3f:
96:40:b5:f4:9c:8f:c0:b6:8f:e4:53:8e:74:b0:90:
c6:a9:55:cb:c3:aa:35:13:fa:36:03:63:07:3c:d7:
df:29:34:6d:7a:69:c1:c2:24:0e:52:29:b0:0c:25:
49:5c:83:f8:47:3b:ce:39:93:f6:e9:0f:3e:82:03:
43:7e:bb:5c:0e:9b:64:59:e8:1c:3d:7d:a0:0e:eb:
ed:4f:c5:4c:68:2f:ff:41:e4:23:e8:86:23:70:2c:
5b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D3:FC:14:5B:98:09:6F:04:56:1A:13:A6:69:A1:47:4C:51:6E:5D
X509v3 Authority Key Identifier:
keyid:68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/UtP8FFuYCW8EVhoTpmmhR0xRbl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.196.0/23
Signature Algorithm: sha256WithRSAEncryption
20:c2:2b:2c:ce:0e:4c:74:41:3f:0b:2e:c6:0d:43:85:36:e0:
fc:32:d2:d6:55:ad:67:d7:28:fd:6a:9f:8b:f9:42:2b:da:c5:
9d:37:6f:fe:ef:a7:9b:f8:e4:b3:67:83:08:f3:38:35:21:77:
47:63:12:80:a2:7b:7e:e6:95:fd:e0:0b:19:44:87:1f:60:ec:
7e:a6:2b:d1:5c:f4:1c:0f:7f:2b:63:0d:9e:9b:fb:5e:17:43:
9c:70:2b:dc:72:3d:22:81:60:98:e9:01:34:be:c5:c5:cb:7a:
f2:e5:b3:79:71:01:66:49:df:51:80:09:b4:6f:85:2f:ce:32:
5c:83:3b:40:32:9b:06:c2:e5:7f:ab:77:e9:28:e2:ee:bf:3a:
34:e9:ff:1a:b0:b5:73:33:ee:16:b8:63:cd:c3:2e:72:fd:c4:
ad:e9:f1:59:19:06:a8:81:7f:fb:69:c5:18:8b:77:d7:10:be:
41:43:6f:4a:b8:5a:5b:59:aa:6a:a9:5e:d9:d4:06:b1:a9:ca:
31:41:c7:11:a6:76:6c:e8:46:d1:67:3c:37:6e:cc:8a:c8:45:
26:64:4a:7a:31:85:36:71:00:36:93:7b:73:84:ac:01:5d:c9:
ec:f5:cf:70:a5:7e:09:6a:cc:60:f6:6f:dc:4e:65:36:10:2e:
c6:81:ee:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtsDabcpFv50BDBds7bYP+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4M2IzM2RjNzIxOGIzZmU4ODNjNDk1MDUxMzRjYjM5YTY2
NGZkMjgwHhcNMjMxMDI2MTI1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQzZmMxNDViOTgwOTZmMDQ1NjFhMTNhNjY5YTE0NzRjNTE2ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p+nMh++zVPEdzUlUa/ga+4iUgpq
RyQ13gmZKVTRltdykB8m+hfSOVIxotBshnhc1h7bedNgHEg91cb1afkPEZ8UKbe6
h2zLdhJ7BeWqcMhZ9RQkfOD8IxCCXCZRaXQmuv9u+xfL1vJOf0+lPUIxCt/wNzzP
ueKX6np/BD9eYebqbKBTjoJ53206WqSm08kLjqLL/ZixZxCjTT03QU0+qd8PMj+W
QLX0nI/Ato/kU450sJDGqVXLw6o1E/o2A2MHPNffKTRtemnBwiQOUimwDCVJXIP4
RzvOOZP26Q8+ggNDfrtcDptkWegcPX2gDuvtT8VMaC//QeQj6IYjcCxbTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLT/BRbmAlvBFYaE6ZpoUdMUW5dMB8GA1UdIwQY
MBaAFGg7M9xyGLP+iDxJUFE0yzmmZP0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEt
MTRjNmI5NTRkOTc2LzEvVXRQOEZGdVlDVzhFVmhvVHBtbWhSMHhSYmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEtMTRjNmI5NTRkOTc2
LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nEMA0G
CSqGSIb3DQEBCwUAA4IBAQAgwisszg5MdEE/Cy7GDUOFNuD8MtLWVa1n1yj9ap+L
+UIr2sWdN2/+76eb+OSzZ4MI8zg1IXdHYxKAont+5pX94AsZRIcfYOx+pivRXPQc
D38rYw2em/teF0OccCvccj0igWCY6QE0vsXFy3ry5bN5cQFmSd9RgAm0b4UvzjJc
gztAMpsGwuV/q3fpKOLuvzo06f8asLVzM+4WuGPNwy5y/cSt6fFZGQaogX/7acUY
i3fXEL5BQ29KuFpbWapqqV7Z1AaxqcoxQccRpnZs6EbRZzw3bsyKyEUmZEp6MYU2
cQA2k3tzhKwBXcns9c9wpX4Jasxg9m/cTmU2EC7Gge7a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:33 2024 by rpki-client on console-fra.rpki-client.org