Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S9bOk96L6teI42opDIKUFBu2aD4.roa
File: S9bOk96L6teI42opDIKUFBu2aD4.roa (raw, json)
Hash identifier: 63KvPOxiO7yWZUZS58GErT64+4QT+CCOrDP4Cj77oqM=
Subject key identifier: 4B:D6:CE:93:DE:8B:EA:D7:88:E3:6A:29:0C:82:94:14:1B:B6:68:3E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E7BAAF4DF1E93EBDE512D32737149E0B1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S9bOk96L6teI42opDIKUFBu2aD4.roa
Signing time: Tue 26 Mar 2024 16:49:45 +0000
ROA not before: Tue 26 Mar 2024 16:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 21:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:aa:f4:df:1e:93:eb:de:51:2d:32:73:71:49:e0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 26 16:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bd6ce93de8bead788e36a290c8294141bb6683e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ea:81:ab:a1:61:ca:50:30:53:72:dc:9b:c8:
a2:e2:86:79:20:5e:9d:30:0c:87:b1:db:e8:d4:25:
27:e6:dc:04:9c:1c:d5:cd:39:7f:d0:69:cb:17:3a:
56:25:26:15:ae:13:6e:0f:74:2a:18:32:23:75:5b:
47:9b:9d:d0:76:2a:e2:5c:94:15:3d:b3:49:f5:47:
4a:ab:6b:d4:92:c4:9d:cc:31:a2:42:fd:22:b6:72:
55:c6:6f:dc:da:5a:ae:8d:b1:4a:dd:9d:ab:ba:86:
c8:c6:67:f6:f3:8d:9f:c1:30:50:77:65:39:b6:28:
fa:85:e0:a6:fc:ef:f6:8c:4d:35:3c:f3:89:2a:9d:
c7:c7:03:14:46:1a:d1:14:28:7f:e5:d3:fe:08:6f:
ef:9a:1a:4b:c2:5b:ee:ee:92:33:f1:4e:1d:eb:49:
03:a0:48:6a:df:8c:e9:ae:ab:7e:c6:28:12:fd:ff:
94:9b:f0:5f:ca:62:7d:23:02:ef:1a:8a:cf:ea:1f:
32:47:73:70:af:78:20:d2:79:b0:be:9c:3a:e8:ec:
c5:81:9d:7d:d5:69:42:1a:4f:34:e7:9e:4b:f1:1c:
2b:3e:19:cb:a8:b8:c9:2b:e8:56:3d:00:fe:9f:09:
ef:13:a1:4e:dd:cf:70:fe:4c:6f:db:7c:e1:07:7a:
f3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D6:CE:93:DE:8B:EA:D7:88:E3:6A:29:0C:82:94:14:1B:B6:68:3E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S9bOk96L6teI42opDIKUFBu2aD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/23
Signature Algorithm: sha256WithRSAEncryption
98:3d:d2:88:2a:cb:8e:d6:ec:4b:46:5e:0e:33:0b:37:e1:5b:
fa:54:a7:8c:95:f4:ec:ad:32:ba:ec:83:86:b0:ba:99:75:b9:
be:07:51:cf:e2:da:21:08:05:5e:51:f4:d1:da:33:33:c4:00:
59:49:f4:64:da:2d:f5:9a:33:96:15:cd:81:b2:c2:db:17:de:
ff:f5:08:9b:49:00:ab:d8:ad:f9:42:ef:85:d5:83:d1:8a:59:
9c:5a:0b:7a:b1:e8:65:db:ad:42:9e:eb:d3:51:78:53:97:4b:
3a:13:9c:3a:ef:4a:ff:89:d9:2e:fb:01:ea:07:58:18:5a:ad:
a4:41:29:77:74:aa:92:61:98:62:7c:cf:83:9f:4e:36:05:af:
4b:5c:db:cd:66:67:f4:97:4a:7a:7d:ea:77:2f:79:18:98:f6:
2c:f0:09:5b:fc:83:52:0e:1e:ea:b3:65:d5:90:73:eb:cf:aa:
cc:26:8b:a8:9c:b2:6f:44:f5:57:c4:50:a7:d0:2f:d2:35:ed:
a9:fe:b0:54:81:08:bc:65:85:24:e6:7d:8f:cf:0b:b3:a7:54:
66:9e:b3:ab:e2:11:44:af:41:d2:8c:d6:98:40:e0:53:69:5c:
39:c9:11:13:fc:70:72:28:3e:46:99:3f:12:9f:a4:48:31:f1:
2e:c5:3c:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY57qvTfHpPr3lEtMnNxSeCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzI2MTY0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ2Y2U5M2RlOGJlYWQ3ODhlMzZhMjkwYzgyOTQxNDFiYjY2ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uqBq6FhylAwU3Lcm8ii4oZ5IF6d
MAyHsdvo1CUn5twEnBzVzTl/0GnLFzpWJSYVrhNuD3QqGDIjdVtHm53QdiriXJQV
PbNJ9UdKq2vUksSdzDGiQv0itnJVxm/c2lqujbFK3Z2ruobIxmf2842fwTBQd2U5
tij6heCm/O/2jE01PPOJKp3HxwMURhrRFCh/5dP+CG/vmhpLwlvu7pIz8U4d60kD
oEhq34zprqt+xigS/f+Um/BfymJ9IwLvGorP6h8yR3Nwr3gg0nmwvpw66OzFgZ19
1WlCGk80555L8RwrPhnLqLjJK+hWPQD+nwnvE6FO3c9w/kxv23zhB3rzXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvWzpPei+rXiONqKQyClBQbtmg+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUzliT2s5Nkw2dGVJNDJvcERJS1VGQnUyYUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7FcMA0G
CSqGSIb3DQEBCwUAA4IBAQCYPdKIKsuO1uxLRl4OMws34Vv6VKeMlfTsrTK67IOG
sLqZdbm+B1HP4tohCAVeUfTR2jMzxABZSfRk2i31mjOWFc2BssLbF97/9QibSQCr
2K35Qu+F1YPRilmcWgt6sehl261CnuvTUXhTl0s6E5w670r/idku+wHqB1gYWq2k
QSl3dKqSYZhifM+Dn042Ba9LXNvNZmf0l0p6fep3L3kYmPYs8Alb/INSDh7qs2XV
kHPrz6rMJouonLJvRPVXxFCn0C/SNe2p/rBUgQi8ZYUk5n2Pzwuzp1RmnrOr4hFE
r0HSjNaYQOBTaVw5yRET/HByKD5GmT8Sn6RIMfEuxTx9
-----END CERTIFICATE-----
Generated at Sun Sep 1 23:18:58 2024 by rpki-client on console-ams.rpki-client.org