Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/IFJJyqrlv-2lRpDGz_CDBQ44x6c.roa
File: IFJJyqrlv-2lRpDGz_CDBQ44x6c.roa (raw, json)
Hash identifier: XDf4+xLgEnLYhj1m/995XB6a3RpVFX0xXT+RHpF0Bo8=
Subject key identifier: 20:52:49:CA:AA:E5:BF:ED:A5:46:90:C6:CF:F0:83:05:0E:38:C7:A7
Certificate issuer: /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial: 018BC0644047C033997240962CB001815CE6
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/IFJJyqrlv-2lRpDGz_CDBQ44x6c.roa
Signing time: Sat 11 Nov 2023 21:57:57 +0000
ROA not before: Sat 11 Nov 2023 21:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 195.184.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 20:45:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c0:64:40:47:c0:33:99:72:40:96:2c:b0:01:81:5c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Validity
Not Before: Nov 11 21:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=205249caaae5bfeda54690c6cff083050e38c7a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:d3:8a:5d:29:1a:20:7f:c2:3d:d5:42:bd:
e9:fe:94:e4:96:f8:d9:93:19:f1:b8:cd:3c:c1:14:
78:06:c7:8b:3e:19:89:ad:f4:ad:e4:0c:7b:96:35:
da:74:64:d7:f7:59:cc:b6:f7:cb:45:de:9d:49:7c:
29:7a:de:26:b7:40:cf:6c:28:04:61:6e:01:9d:2b:
21:54:db:29:57:e7:a3:81:e8:4d:95:6e:86:db:62:
40:5b:6b:fb:00:fb:bc:4b:1e:df:f5:f0:c8:3d:85:
11:b3:dd:bf:29:1b:ad:7f:4b:0c:7a:0e:23:73:fa:
64:5a:20:24:1a:04:93:36:69:ed:4f:5c:4b:8b:00:
05:38:45:fc:7b:e8:d0:3e:58:bc:83:ec:63:06:19:
61:20:51:48:2e:06:b1:a2:79:14:ee:36:26:3f:2e:
69:5a:a3:a0:cd:b5:07:f3:ed:4b:01:7f:17:9b:ae:
1a:61:b7:0d:71:71:a6:cb:6c:b0:16:42:56:bf:92:
f1:4b:cc:c1:32:fa:04:d3:76:ba:a8:7d:00:30:22:
81:ae:25:b2:62:ba:d7:85:fe:f0:66:6b:33:ac:b1:
60:68:d4:4f:38:a1:ae:68:00:62:41:8b:1a:b9:7e:
e1:56:83:f9:c1:df:11:e9:4d:e6:c7:ce:cf:4c:a3:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:52:49:CA:AA:E5:BF:ED:A5:46:90:C6:CF:F0:83:05:0E:38:C7:A7
X509v3 Authority Key Identifier:
keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/IFJJyqrlv-2lRpDGz_CDBQ44x6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.76.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c7:9c:6a:97:61:91:a7:0b:fa:58:23:23:e4:9f:ce:f6:ce:
6a:3e:04:c0:ca:83:32:0e:c4:85:68:43:54:11:41:1e:b4:8e:
64:35:b8:c5:07:fe:b6:ce:df:ee:4a:8f:15:a5:90:e6:a1:23:
a4:21:42:f2:71:51:cb:62:d0:e3:57:14:35:10:62:cc:e5:1d:
5e:ed:1a:7c:7f:96:cc:75:02:7b:eb:e1:27:74:94:0f:5a:dd:
c3:fa:a1:e6:6b:86:fb:3c:46:41:5e:10:a8:8b:60:0f:7f:5f:
cf:2d:e5:ae:ab:98:08:04:55:62:7e:ba:96:58:dd:6d:c9:e4:
1e:d0:6d:85:95:24:1b:8d:c5:b5:53:0b:13:d3:6a:3c:cc:bd:
63:ab:c5:e6:c2:d1:cd:86:8e:68:05:e5:9e:cb:0c:49:f0:08:
38:41:bd:c6:88:da:8b:36:fd:f9:c8:e4:89:a6:90:4d:c4:18:
8f:98:03:08:9e:58:53:98:68:22:2f:64:de:49:4d:ea:78:6f:
e0:2a:44:4a:60:d9:be:fc:bd:b2:c3:d6:cc:17:bb:d8:84:c5:
91:b7:08:32:0b:a2:db:0e:65:2f:f8:4d:95:72:65:5d:25:2f:
70:b9:65:f9:b9:86:70:5b:7a:6a:35:bb:15:35:02:20:c1:32:
ab:36:5d:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvAZEBHwDOZckCWLLABgVzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjMxMTExMjE1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDUyNDljYWFhZTViZmVkYTU0NjkwYzZjZmYwODMwNTBlMzhjN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIHTil0pGiB/wj3VQr3p/pTklvjZ
kxnxuM08wRR4BseLPhmJrfSt5Ax7ljXadGTX91nMtvfLRd6dSXwpet4mt0DPbCgE
YW4BnSshVNspV+ejgehNlW6G22JAW2v7APu8Sx7f9fDIPYURs92/KRutf0sMeg4j
c/pkWiAkGgSTNmntT1xLiwAFOEX8e+jQPli8g+xjBhlhIFFILgaxonkU7jYmPy5p
WqOgzbUH8+1LAX8Xm64aYbcNcXGmy2ywFkJWv5LxS8zBMvoE03a6qH0AMCKBriWy
YrrXhf7wZmszrLFgaNRPOKGuaABiQYsauX7hVoP5wd8R6U3mx87PTKOqFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBSScqq5b/tpUaQxs/wgwUOOMenMB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvSUZKSnlxcmx2LTJsUnBER3pfQ0RCUTQ0eDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQAhx5xql2GRpwv6WCMj5J/O9s5qPgTAyoMyDsSFaENU
EUEetI5kNbjFB/62zt/uSo8VpZDmoSOkIULycVHLYtDjVxQ1EGLM5R1e7Rp8f5bM
dQJ76+EndJQPWt3D+qHma4b7PEZBXhCoi2APf1/PLeWuq5gIBFVifrqWWN1tyeQe
0G2FlSQbjcW1UwsT02o8zL1jq8XmwtHNho5oBeWeywxJ8Ag4Qb3GiNqLNv35yOSJ
ppBNxBiPmAMInlhTmGgiL2TeSU3qeG/gKkRKYNm+/L2yw9bMF7vYhMWRtwgyC6Lb
DmUv+E2VcmVdJS9wuWX5uYZwW3pqNbsVNQIgwTKrNl19
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org