Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/de494f-5129-49f9-929e-970c83e96cbc/1/3ssaxUDzwnQwCj0FfFyYbA-CPQI.roa
File: 3ssaxUDzwnQwCj0FfFyYbA-CPQI.roa (raw, json)
Hash identifier: yi7TnFnsaix+K+seNjD9i9v/EyGVtcuSqYo7B5oRXM8=
Subject key identifier: DE:CB:1A:C5:40:F3:C2:74:30:0A:3D:05:7C:5C:98:6C:0F:82:3D:02
Certificate issuer: /CN=f8aa7e47b91a6295cbf718c1f2ddb0a25c276eb2
Certificate serial: 018CC2DB23DA9EDB08D5E8C47AB11DC6E1D6
Authority key identifier: F8:AA:7E:47:B9:1A:62:95:CB:F7:18:C1:F2:DD:B0:A2:5C:27:6E:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Kp-R7kaYpXL9xjB8t2wolwnbrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/de494f-5129-49f9-929e-970c83e96cbc/1/3ssaxUDzwnQwCj0FfFyYbA-CPQI.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57926
IP address blocks: 195.46.39.0/24 maxlen: 24
2001:67c:2778::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:da:9e:db:08:d5:e8:c4:7a:b1:1d:c6:e1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8aa7e47b91a6295cbf718c1f2ddb0a25c276eb2
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=decb1ac540f3c274300a3d057c5c986c0f823d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:80:77:85:1b:af:c2:47:c1:cd:ab:ac:1d:
b3:50:dc:de:2a:f9:25:97:eb:77:c0:0b:80:65:5f:
77:d7:fa:13:be:af:fb:a6:cd:40:06:60:19:a4:3f:
3b:a0:63:21:44:b5:a0:55:57:a7:fc:aa:f6:d8:74:
0d:51:ac:77:10:89:75:83:e3:30:a8:90:cf:fa:bd:
3d:2f:f5:fa:94:bc:09:a8:e0:df:e3:98:07:cb:c1:
ad:bb:60:a6:7c:23:dc:fb:de:5f:95:4d:42:a3:46:
2a:1d:02:03:b2:57:b4:c3:b5:cb:1d:29:f9:59:95:
98:fc:cd:bb:e7:b8:8b:d4:82:16:0a:d7:89:7e:2f:
de:9f:21:8e:07:96:ab:b2:c0:95:95:f1:2a:e9:f2:
d3:b4:81:a6:6f:73:c7:94:62:a7:6d:83:b6:fa:1c:
3d:00:74:9a:62:65:d1:7c:e3:a6:af:66:72:95:48:
83:18:0a:9a:e1:e5:bb:1d:1e:24:d7:e0:1a:1f:a8:
4d:04:d6:32:7b:dd:7b:d0:bc:bd:14:98:05:02:6b:
b7:74:79:e4:8e:39:c0:57:91:64:66:42:3a:7b:89:
48:b3:d0:96:3b:ab:c2:20:3b:89:15:bd:98:0b:dc:
90:91:34:d2:1e:4a:2b:2b:01:ce:87:50:e7:49:02:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CB:1A:C5:40:F3:C2:74:30:0A:3D:05:7C:5C:98:6C:0F:82:3D:02
X509v3 Authority Key Identifier:
keyid:F8:AA:7E:47:B9:1A:62:95:CB:F7:18:C1:F2:DD:B0:A2:5C:27:6E:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Kp-R7kaYpXL9xjB8t2wolwnbrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/de494f-5129-49f9-929e-970c83e96cbc/1/3ssaxUDzwnQwCj0FfFyYbA-CPQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/de494f-5129-49f9-929e-970c83e96cbc/1/1-Kp-R7kaYpXL9xjB8t2wolwnbrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.46.39.0/24
IPv6:
2001:67c:2778::/48
Signature Algorithm: sha256WithRSAEncryption
b6:51:4e:70:9d:1d:d8:71:00:43:09:19:f2:e3:fc:48:2f:b9:
20:c3:dc:d0:62:c1:a5:c7:f2:f9:bb:68:d6:1b:75:20:21:73:
9e:4a:79:85:0a:fd:8f:d9:02:03:11:c2:e0:5d:20:30:fd:74:
11:06:9e:eb:3d:a1:4d:59:ec:c2:ed:fc:ed:59:1f:f4:ae:55:
87:12:e3:ba:26:84:fd:a5:6e:ec:4f:35:bb:d6:a4:7f:3a:ba:
2a:e7:00:ba:6b:28:8b:c0:84:37:4f:c9:37:bc:40:72:d7:c7:
aa:b2:a5:c3:16:fe:c7:4e:c4:e2:99:86:de:ad:15:95:22:08:
ec:67:34:7e:d6:e3:df:f8:6f:22:42:03:10:46:08:ca:a1:f1:
b6:18:e6:04:61:a1:51:b2:ea:15:86:61:1a:27:a3:93:3d:0c:
1c:b3:ab:e5:2b:0d:b5:b5:5e:91:17:7c:cd:5b:65:1d:48:bc:
b9:b1:95:54:35:4c:f8:cb:70:a2:ac:27:ad:53:f6:b7:58:81:
b4:fa:62:57:bd:8c:42:08:42:ae:d3:a1:d8:90:6d:0d:f6:3a:
92:9b:1e:e7:a3:5b:02:0d:35:eb:7c:02:21:ec:40:d2:9c:14:
ea:1e:93:87:dd:d8:51:00:33:13:20:d4:2e:ef:86:80:a7:32:
9b:21:97:fc
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzC2yPantsI1ejEerEdxuHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWE3ZTQ3YjkxYTYyOTVjYmY3MThjMWYyZGRiMGEyNWMy
NzZlYjIwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWNiMWFjNTQwZjNjMjc0MzAwYTNkMDU3YzVjOTg2YzBmODIzZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoaAd4Ubr8JHwc2rrB2zUNzeKvkl
l+t3wAuAZV931/oTvq/7ps1ABmAZpD87oGMhRLWgVVen/Kr22HQNUax3EIl1g+Mw
qJDP+r09L/X6lLwJqODf45gHy8Gtu2CmfCPc+95flU1Co0YqHQIDsle0w7XLHSn5
WZWY/M2757iL1IIWCteJfi/enyGOB5arssCVlfEq6fLTtIGmb3PHlGKnbYO2+hw9
AHSaYmXRfOOmr2ZylUiDGAqa4eW7HR4k1+AaH6hNBNYye9170Ly9FJgFAmu3dHnk
jjnAV5FkZkI6e4lIs9CWO6vCIDuJFb2YC9yQkTTSHkorKwHOh1DnSQKSHwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFN7LGsVA88J0MAo9BXxcmGwPgj0CMB8GA1UdIwQY
MBaAFPiqfke5GmKVy/cYwfLdsKJcJ26yMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LcC1SN2thWXBYTDl4akI4dDJ3b2x3bmJySS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvZGU0OTRmLTUxMjktNDlmOS05Mjll
LTk3MGM4M2U5NmNiYy8xLzNzc2F4VUR6d25Rd0NqMEZmRnlZYkEtQ1BRSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvZGU0OTRmLTUxMjktNDlmOS05MjllLTk3MGM4M2U5NmNi
Yy8xLzEtS3AtUjdrYVlwWEw5eGpCOHQyd29sd25ickkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADDLicw
DwQCAAIwCQMHACABBnwneDANBgkqhkiG9w0BAQsFAAOCAQEAtlFOcJ0d2HEAQwkZ
8uP8SC+5IMPc0GLBpcfy+bto1ht1ICFznkp5hQr9j9kCAxHC4F0gMP10EQae6z2h
TVnswu387Vkf9K5VhxLjuiaE/aVu7E81u9akfzq6KucAumsoi8CEN0/JN7xActfH
qrKlwxb+x07E4pmG3q0VlSII7Gc0ftbj3/hvIkIDEEYIyqHxthjmBGGhUbLqFYZh
Giejkz0MHLOr5SsNtbVekRd8zVtlHUi8ubGVVDVM+MtwoqwnrVP2t1iBtPpiV72M
QghCrtOh2JBtDfY6kpse56NbAg0163wCIexA0pwU6h6Th93YUQAzEyDULu+GgKcy
myGX/A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:49 2025 by rpki-client