Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/0I9zoqhqS_pVmyMySK2VZ3Vx65s.roa
File: 0I9zoqhqS_pVmyMySK2VZ3Vx65s.roa (raw, json)
Hash identifier: 5nkcQ6vymJynN9lK7DZ1g6inrNGHT6lCWNSuIYD5h/w=
Subject key identifier: D0:8F:73:A2:A8:6A:4B:FA:55:9B:23:32:48:AD:95:67:75:71:EB:9B
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01856DEF671AFAD993E69B036D9F8FCAC275
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/0I9zoqhqS_pVmyMySK2VZ3Vx65s.roa
Signing time: Sun 01 Jan 2023 15:24:43 +0000
ROA not before: Sun 01 Jan 2023 15:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1887
IP address blocks: 195.187.64.0/18 maxlen: 18
148.81.0.0/16 maxlen: 16
2a00:1488::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Jun 2023 11:26:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:67:1a:fa:d9:93:e6:9b:03:6d:9f:8f:ca:c2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 15:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d08f73a2a86a4bfa559b233248ad95677571eb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:80:b1:38:28:7b:be:c8:3d:88:2c:ec:ab:
b8:3b:10:ab:50:94:44:af:f8:91:60:c1:a2:7c:da:
39:c1:13:0c:a8:dd:1b:99:9e:fa:7b:00:d9:4a:67:
1a:29:96:8d:ec:50:d1:6c:d3:a9:df:ed:69:62:b4:
c9:95:68:df:b6:82:eb:07:c7:bd:bc:62:99:2e:1f:
7b:1d:d4:d5:d8:90:e6:8f:bf:b7:63:89:41:70:7d:
96:e6:98:dd:e3:75:d3:21:54:c8:f2:9d:92:af:44:
f6:dc:ec:e3:85:b1:ef:19:eb:70:47:4e:15:7f:b2:
00:d6:cf:c7:59:5e:33:8e:23:b0:04:36:a0:a4:4a:
4d:2d:79:12:da:ff:80:38:1c:9d:ff:61:30:be:08:
7c:13:37:b2:ec:6c:e6:d0:4a:a1:23:f2:6c:0f:dc:
be:6c:73:13:24:e2:58:5b:18:0f:64:1d:ee:6a:83:
69:df:38:3a:34:7f:15:23:23:6d:14:42:fb:ed:19:
53:40:a6:66:dc:a0:84:a6:4e:ce:b9:eb:3c:c4:53:
12:43:a5:d7:2f:36:9d:0a:02:dc:4b:1b:bb:a6:7b:
01:65:67:21:f9:62:9d:f9:b2:01:66:ec:92:34:60:
b6:1c:e9:d1:da:e3:6a:36:31:f3:2e:7a:eb:46:f6:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8F:73:A2:A8:6A:4B:FA:55:9B:23:32:48:AD:95:67:75:71:EB:9B
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/0I9zoqhqS_pVmyMySK2VZ3Vx65s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.81.0.0/16
195.187.64.0/18
IPv6:
2a00:1488::/32
Signature Algorithm: sha256WithRSAEncryption
6d:0f:25:6a:6a:3c:10:03:e5:76:99:0a:11:f1:03:73:e2:44:
64:f9:f0:b2:ea:bf:83:0d:d9:7d:89:1b:b2:9a:61:b4:b7:24:
6d:ea:2b:53:57:46:99:70:53:35:20:a2:8b:12:42:21:80:0f:
b8:b2:07:47:13:4d:46:b7:0b:3a:0f:31:19:88:30:2b:24:3f:
c4:7d:22:73:89:12:ff:9a:4a:4a:ae:8f:c6:86:c6:f3:2c:f2:
69:6e:57:c2:e8:49:b6:d4:8e:b8:af:c3:b3:4a:a3:69:94:8e:
b9:58:00:f4:9f:56:b2:3c:6c:c3:14:8c:0c:01:46:dc:4c:e1:
70:16:72:56:06:4d:6f:03:ed:20:3d:20:39:b9:09:42:8f:6d:
94:ae:40:cb:47:70:f0:27:1a:95:3d:da:cf:07:0c:f7:5a:f6:
f5:7a:7d:1a:dc:53:d5:e3:6e:9e:1d:07:85:bd:72:d9:66:10:
3c:50:3b:4d:2c:80:d6:ed:50:9f:c2:ed:13:92:8a:b9:a7:4b:
86:ec:a7:e6:3c:9f:41:22:39:87:79:ca:8c:2b:c7:33:78:fa:
71:33:bd:cb:fa:d3:fb:50:43:b7:dc:8b:97:12:72:ab:0f:df:
5a:47:ea:cb:b2:fc:0c:b9:14:c8:d8:b9:e8:58:a9:25:a5:fe:
81:32:83:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVt72ca+tmT5psDbZ+PysJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMTAxMTUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDhmNzNhMmE4NmE0YmZhNTU5YjIzMzI0OGFkOTU2Nzc1NzFlYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojeAsTgoe77IPYgs7Ku4OxCrUJRE
r/iRYMGifNo5wRMMqN0bmZ76ewDZSmcaKZaN7FDRbNOp3+1pYrTJlWjftoLrB8e9
vGKZLh97HdTV2JDmj7+3Y4lBcH2W5pjd43XTIVTI8p2Sr0T23OzjhbHvGetwR04V
f7IA1s/HWV4zjiOwBDagpEpNLXkS2v+AOByd/2Ewvgh8Ezey7Gzm0EqhI/JsD9y+
bHMTJOJYWxgPZB3uaoNp3zg6NH8VIyNtFEL77RlTQKZm3KCEpk7Oues8xFMSQ6XX
LzadCgLcSxu7pnsBZWch+WKd+bIBZuySNGC2HOnR2uNqNjHzLnrrRvawYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNCPc6Koakv6VZsjMkitlWd1ceubMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvMEk5em9xaHFTX3BWbXlNeVNLMlZaM1Z4NjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAlFEDBAbD
u0AwDQQCAAIwBwMFACoAFIgwDQYJKoZIhvcNAQELBQADggEBAG0PJWpqPBAD5XaZ
ChHxA3PiRGT58LLqv4MN2X2JG7KaYbS3JG3qK1NXRplwUzUgoosSQiGAD7iyB0cT
TUa3CzoPMRmIMCskP8R9InOJEv+aSkquj8aGxvMs8mluV8LoSbbUjrivw7NKo2mU
jrlYAPSfVrI8bMMUjAwBRtxM4XAWclYGTW8D7SA9IDm5CUKPbZSuQMtHcPAnGpU9
2s8HDPda9vV6fRrcU9Xjbp4dB4W9ctlmEDxQO00sgNbtUJ/C7ROSirmnS4bsp+Y8
n0EiOYd5yowrxzN4+nEzvcv60/tQQ7fci5cScqsP31pH6suy/Ay5FMjYuehYqSWl
/oEyg2c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org