Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/t7ibU5oTUvFQjS2EphE1orLVWl4.roa
File: t7ibU5oTUvFQjS2EphE1orLVWl4.roa (raw, json)
Hash identifier: 3FHAs//IXyOIMTdM2RDL11CH3/4pNbI5gtMBfOt6xFE=
Subject key identifier: B7:B8:9B:53:9A:13:52:F1:50:8D:2D:84:A6:11:35:A2:B2:D5:5A:5E
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01856DEF6CFA64E53BE2CEE3DFC6687A02A3
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/t7ibU5oTUvFQjS2EphE1orLVWl4.roa
Signing time: Sun 01 Jan 2023 15:24:45 +0000
ROA not before: Sun 01 Jan 2023 15:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49035
IP address blocks: 195.187.156.0/23 maxlen: 23
195.187.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:6c:fa:64:e5:3b:e2:ce:e3:df:c6:68:7a:02:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 15:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7b89b539a1352f1508d2d84a61135a2b2d55a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:09:b5:f3:ff:bd:ed:e8:3a:b0:ac:9e:da:40:
9d:5a:96:e5:e0:ab:f8:c3:dc:6a:02:de:0c:86:99:
79:ad:5a:99:7a:07:e5:17:6d:ce:02:c1:be:31:74:
b3:2a:75:d0:8b:0d:b7:46:26:05:ac:0a:05:8e:67:
25:34:21:01:57:7c:55:30:84:0e:45:bd:21:6a:d0:
31:36:6e:91:b5:0d:b6:39:65:ea:6d:fa:78:2d:e3:
bb:d9:1d:76:5b:93:50:79:ef:b1:01:18:da:79:c9:
db:6e:29:0d:fc:06:56:4a:b9:2e:59:23:d3:c8:3e:
33:0f:0e:6a:4a:d8:13:ee:7f:58:b0:bd:63:71:af:
e5:40:57:41:0d:f5:2b:25:04:5b:02:0b:52:ee:c5:
cb:28:fa:2a:18:67:1f:50:24:f1:44:de:fc:dd:43:
66:c9:0c:93:15:8e:d7:aa:b1:a0:91:63:f2:69:8a:
55:1c:3d:25:1b:c4:db:21:b7:20:4d:7a:f0:13:67:
32:71:0e:b3:74:f0:6e:06:a4:c9:ef:2b:c2:11:46:
ae:b7:93:c7:09:54:11:17:38:87:21:05:ea:f7:bc:
cc:73:eb:7f:c0:b0:1b:bd:1f:eb:ee:41:36:c7:9a:
4c:e5:ec:cd:8f:0f:1f:cf:c5:6b:64:2f:73:1e:3d:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B8:9B:53:9A:13:52:F1:50:8D:2D:84:A6:11:35:A2:B2:D5:5A:5E
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/t7ibU5oTUvFQjS2EphE1orLVWl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.187.156.0-195.187.158.255
Signature Algorithm: sha256WithRSAEncryption
79:b9:26:65:aa:11:a2:4e:82:6f:96:40:ac:ef:44:44:25:cf:
e6:10:35:ce:ab:b2:aa:13:07:b2:d5:42:b2:4c:a0:0d:97:0b:
42:55:34:1f:60:f5:33:70:d5:97:ca:68:29:48:e2:b6:9e:13:
72:71:0b:15:67:bc:f1:e9:79:e2:1e:31:71:37:bf:04:ef:7d:
49:dd:fd:8a:66:e5:35:16:e3:6c:c4:55:19:ef:90:25:c5:46:
ee:a1:6e:1b:0a:1c:43:61:51:7b:cd:76:50:93:48:6d:5c:fb:
99:05:c2:f1:ad:3b:f6:c9:0f:22:85:34:d0:bb:9e:a4:a8:e1:
21:c7:9b:5e:6d:53:9d:14:9d:57:db:af:1f:ae:76:1e:dd:18:
7a:5c:6c:c7:47:d8:ba:b7:6a:d3:32:ca:dc:aa:9a:21:4c:f0:
13:c3:ff:02:44:42:64:ec:1c:2e:0b:e7:83:b0:20:7b:f2:ab:
12:6b:00:a7:4a:f0:c7:c7:b4:2a:f6:15:2e:4e:9d:c2:c6:80:
15:a1:84:39:3e:a1:de:e0:aa:59:ad:19:ab:ef:20:97:a9:a3:
c9:04:60:b7:cc:09:f9:e5:57:c4:4f:91:a7:43:7a:48:2a:5f:
b3:94:61:ce:c8:2a:d4:7d:94:2a:34:3d:36:30:a7:be:d2:5a:
5d:0b:29:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVt72z6ZOU74s7j38ZoegKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMTAxMTUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I4OWI1MzlhMTM1MmYxNTA4ZDJkODRhNjExMzVhMmIyZDU1YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgm18/+97eg6sKye2kCdWpbl4Kv4
w9xqAt4Mhpl5rVqZegflF23OAsG+MXSzKnXQiw23RiYFrAoFjmclNCEBV3xVMIQO
Rb0hatAxNm6RtQ22OWXqbfp4LeO72R12W5NQee+xARjaecnbbikN/AZWSrkuWSPT
yD4zDw5qStgT7n9YsL1jca/lQFdBDfUrJQRbAgtS7sXLKPoqGGcfUCTxRN783UNm
yQyTFY7XqrGgkWPyaYpVHD0lG8TbIbcgTXrwE2cycQ6zdPBuBqTJ7yvCEUaut5PH
CVQRFziHIQXq97zMc+t/wLAbvR/r7kE2x5pM5ezNjw8fz8VrZC9zHj25iQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLe4m1OaE1LxUI0thKYRNaKy1VpeMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvdDdpYlU1b1RVdkZRalMyRXBoRTFvckxWV2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALDu5wD
BADDu54wDQYJKoZIhvcNAQELBQADggEBAHm5JmWqEaJOgm+WQKzvREQlz+YQNc6r
sqoTB7LVQrJMoA2XC0JVNB9g9TNw1ZfKaClI4raeE3JxCxVnvPHpeeIeMXE3vwTv
fUnd/Ypm5TUW42zEVRnvkCXFRu6hbhsKHENhUXvNdlCTSG1c+5kFwvGtO/bJDyKF
NNC7nqSo4SHHm15tU50UnVfbrx+udh7dGHpcbMdH2Lq3atMyytyqmiFM8BPD/wJE
QmTsHC4L54OwIHvyqxJrAKdK8MfHtCr2FS5OncLGgBWhhDk+od7gqlmtGavvIJep
o8kEYLfMCfnlV8RPkadDekgqX7OUYc7IKtR9lCo0PTYwp77SWl0LKQM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org