Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/1pdTQCdC1NCI3JPDy5naK2iHgAU.roa
File: 1pdTQCdC1NCI3JPDy5naK2iHgAU.roa (raw, json)
Hash identifier: RnSJbNjBLIHOql0R25cnMca2NMbLlCMeW7fwl03T2W0=
Subject key identifier: D6:97:53:40:27:42:D4:D0:88:DC:93:C3:CB:99:DA:2B:68:87:80:05
Certificate issuer: /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial: 01856E666D7404280364E429A0975943EC75
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/1pdTQCdC1NCI3JPDy5naK2iHgAU.roa
Signing time: Sun 01 Jan 2023 17:34:44 +0000
ROA not before: Sun 01 Jan 2023 17:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 195.225.135.0/24 maxlen: 26
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:6d:74:04:28:03:64:e4:29:a0:97:59:43:ec:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Validity
Not Before: Jan 1 17:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69753402742d4d088dc93c3cb99da2b68878005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:b1:e7:77:12:b1:cf:44:20:ae:5e:01:4a:
7b:f5:cc:ce:65:90:c6:01:54:c3:d0:73:67:8a:0f:
78:9a:23:a4:d3:ab:17:5d:7c:cd:46:20:9e:33:b2:
b9:e3:89:1f:0e:d3:9c:4b:f7:ad:a6:0f:fe:0e:b1:
6d:3a:46:44:19:03:76:77:d3:f9:fa:b8:f3:06:b6:
a7:fd:8e:c5:e0:09:33:84:a4:a4:af:81:16:46:23:
77:ac:4e:c0:1f:cf:28:2b:2a:79:7b:e0:06:0b:e8:
36:7a:b0:24:b0:38:11:ab:cf:27:4b:c4:45:4e:40:
de:ab:55:90:6a:1c:6d:d9:13:49:c1:df:fe:2a:7c:
00:44:0f:3f:63:bd:c1:30:d9:dd:4f:43:44:27:2a:
a5:1f:31:3a:fa:77:c5:48:7b:c7:5a:85:80:2a:2c:
57:59:cb:ac:c6:e4:59:19:4d:98:58:92:61:f2:d7:
20:73:29:01:5b:d0:93:c2:04:e7:dc:fc:34:b6:47:
33:a6:db:45:e5:d4:5b:3a:40:2c:dc:23:90:b2:6d:
04:dc:b4:11:c7:26:48:85:9b:dd:46:f0:17:ab:76:
fb:d4:ea:94:df:e0:a6:b9:49:35:63:c1:97:ef:85:
e8:cd:61:a1:0e:96:14:da:65:d5:ca:f3:28:14:44:
19:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:53:40:27:42:D4:D0:88:DC:93:C3:CB:99:DA:2B:68:87:80:05
X509v3 Authority Key Identifier:
keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/1pdTQCdC1NCI3JPDy5naK2iHgAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.135.0/24
Signature Algorithm: sha256WithRSAEncryption
af:ca:de:cc:61:24:57:d5:a6:8c:d8:0c:c1:16:58:4c:f0:31:
68:b2:55:de:b4:06:c6:b2:a2:1b:4a:ba:0d:09:ca:33:d7:f4:
15:c1:42:fa:2e:bd:62:00:ec:bd:c3:f8:a0:38:e1:34:df:66:
c3:39:13:c5:77:e0:49:63:0c:27:09:3a:6a:6c:90:ab:e7:6f:
40:f8:0c:42:53:3f:68:68:9d:9b:ae:53:d3:22:01:c4:a6:d1:
ec:33:54:03:36:db:8a:80:41:35:b9:9b:d3:a4:35:e0:a5:7a:
a1:4b:83:43:cc:56:77:9b:40:75:25:da:3e:06:44:7d:56:bc:
55:2e:60:c3:5c:a3:aa:4b:c0:63:9d:45:9f:ab:e5:73:81:09:
41:24:78:9f:81:fe:c4:ad:78:63:cf:b0:a1:36:e5:79:b0:d3:
fb:cb:6d:d2:41:b9:22:f7:96:91:c9:6d:aa:5f:36:39:6b:77:
e6:72:47:ad:c2:00:bf:98:d5:fa:ca:a4:59:96:bc:1a:63:5e:
e2:4b:6f:d7:19:5c:03:63:43:2f:d0:96:d8:87:24:42:07:9c:
78:5c:2e:12:31:2c:2b:02:9b:60:22:48:71:31:b5:5e:fb:45:
25:b3:ca:f6:0e:df:7d:c9:66:e2:2b:99:fd:16:f7:fd:c3:65:
39:e3:a0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZm10BCgDZOQpoJdZQ+x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzg5MTE2ODJiYzVjYTcxY2VjZTFlZmUzYWMxMzViZmRi
NTlkZDYwHhcNMjMwMTAxMTczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk3NTM0MDI3NDJkNGQwODhkYzkzYzNjYjk5ZGEyYjY4ODc4MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ex53cSsc9EIK5eAUp79czOZZDG
AVTD0HNnig94miOk06sXXXzNRiCeM7K544kfDtOcS/etpg/+DrFtOkZEGQN2d9P5
+rjzBran/Y7F4AkzhKSkr4EWRiN3rE7AH88oKyp5e+AGC+g2erAksDgRq88nS8RF
TkDeq1WQahxt2RNJwd/+KnwARA8/Y73BMNndT0NEJyqlHzE6+nfFSHvHWoWAKixX
WcusxuRZGU2YWJJh8tcgcykBW9CTwgTn3Pw0tkczpttF5dRbOkAs3COQsm0E3LQR
xyZIhZvdRvAXq3b71OqU3+CmuUk1Y8GX74XozWGhDpYU2mXVyvMoFEQZJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaXU0AnQtTQiNyTw8uZ2itoh4AFMB8GA1UdIwQY
MBaAFH3IkRaCvFynHOzh7+OsE1v9tZ3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQt
NzUyOTUyNTFiMWU4LzEvMXBkVFFDZEMxTkNJM0pQRHk1bmFLMmlIZ0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQtNzUyOTUyNTFiMWU4
LzEvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+GHMA0G
CSqGSIb3DQEBCwUAA4IBAQCvyt7MYSRX1aaM2AzBFlhM8DFoslXetAbGsqIbSroN
Ccoz1/QVwUL6Lr1iAOy9w/igOOE032bDORPFd+BJYwwnCTpqbJCr529A+AxCUz9o
aJ2brlPTIgHEptHsM1QDNtuKgEE1uZvTpDXgpXqhS4NDzFZ3m0B1Jdo+BkR9VrxV
LmDDXKOqS8BjnUWfq+VzgQlBJHifgf7ErXhjz7ChNuV5sNP7y23SQbki95aRyW2q
XzY5a3fmcketwgC/mNX6yqRZlrwaY17iS2/XGVwDY0Mv0JbYhyRCB5x4XC4SMSwr
AptgIkhxMbVe+0Uls8r2Dt99yWbiK5n9Fvf9w2U546DE
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:05 2024 by rpki-client on console-fra.rpki-client.org