Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aogtzV_RB7HZDYnhYYsNpjtUrmM.roa
File: aogtzV_RB7HZDYnhYYsNpjtUrmM.roa (raw, json)
Hash identifier: lWKOk1NcOfy+lzYk0qXP2o+MO5rzLMV6gzqJUhJQwqk=
Subject key identifier: 6A:88:2D:CD:5F:D1:07:B1:D9:0D:89:E1:61:8B:0D:A6:3B:54:AE:63
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0191AF856D11046906451ACA9F7AFDBAF497
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aogtzV_RB7HZDYnhYYsNpjtUrmM.roa
Signing time: Sun 01 Sep 2024 21:37:22 +0000
ROA not before: Sun 01 Sep 2024 21:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
2a01:7120:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Sep 2024 19:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:af:85:6d:11:04:69:06:45:1a:ca:9f:7a:fd:ba:f4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 1 21:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a882dcd5fd107b1d90d89e1618b0da63b54ae63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f6:c5:0a:d4:c5:5f:d3:cf:22:a9:a7:d3:ec:
0d:37:f0:9a:ad:6c:82:cd:32:be:0f:2b:af:bd:7a:
86:85:c8:8c:57:d3:21:53:56:39:78:c1:43:c9:13:
c3:28:a3:6d:17:ea:4b:5b:a3:c2:b1:4c:95:02:dc:
50:b1:58:70:68:e6:ac:e7:93:5e:7c:fc:69:24:c1:
f0:a6:7f:45:24:cd:6f:1a:46:3a:57:95:96:31:69:
59:2f:5d:a5:85:f3:35:df:ff:7a:8e:7f:02:ed:05:
ed:bc:45:94:01:83:3a:83:e9:7e:d8:00:67:ae:35:
2b:5c:59:65:9a:1d:26:55:ee:d1:07:ad:2c:0d:06:
38:2d:9f:04:01:19:c8:ea:91:26:a1:84:f7:32:bf:
0c:55:a1:1b:32:d3:b4:6d:19:2b:ce:1e:01:0b:2f:
88:27:8a:32:cb:ba:9d:83:51:2b:11:6b:9e:d6:89:
b9:f0:b5:b8:ab:e7:7d:8c:58:5b:ac:d0:65:85:71:
ef:1f:02:10:24:b0:c1:c3:1b:d0:fc:34:58:0e:e7:
7e:84:89:a0:08:53:03:64:dc:5a:17:a9:31:c6:ca:
82:74:6c:28:b7:64:cf:c0:2b:b6:39:05:12:45:8e:
e6:17:cd:3e:71:bf:13:a8:52:cd:83:3d:50:6f:fc:
66:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:88:2D:CD:5F:D1:07:B1:D9:0D:89:E1:61:8B:0D:A6:3B:54:AE:63
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/aogtzV_RB7HZDYnhYYsNpjtUrmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/23
IPv6:
2a01:7120:7::/48
Signature Algorithm: sha256WithRSAEncryption
73:e3:69:17:3f:64:43:a0:4d:9f:09:a0:a0:7f:1c:ca:45:4b:
2d:4c:6e:4b:08:f3:3a:c1:2f:df:3b:2e:72:b5:aa:75:5a:9a:
0d:60:86:de:58:21:f6:22:7a:78:a4:24:b6:c7:ff:9f:69:e5:
0d:77:05:88:10:ec:c3:cf:6f:b7:e9:95:f0:06:40:0b:3e:62:
d7:c4:c4:69:16:66:63:52:29:03:d6:ca:20:7d:24:a3:ad:a3:
8f:f9:05:4d:10:30:cb:a7:a6:56:7a:66:b2:48:d6:3b:0e:4a:
59:94:2d:16:a5:4e:64:35:2f:34:18:b8:d6:80:f0:83:aa:1f:
78:b7:68:62:ff:5b:0b:a5:fc:cb:c3:e9:fb:17:b3:15:52:a9:
6d:f4:61:31:c2:fd:f6:9e:e0:df:c4:98:62:68:70:74:3f:66:
35:7a:e8:e2:81:0a:5c:bc:68:36:ee:83:23:9a:e8:98:8d:b9:
d6:1a:8e:81:a6:42:5c:10:91:8c:04:9e:ca:bf:43:6f:0e:8f:
00:7b:8a:59:20:98:16:d7:5d:99:f1:82:ed:b7:28:ab:ad:a9:
7a:27:95:60:bf:b4:3c:b6:f5:de:00:cf:e9:ba:c6:91:cc:65:
45:cd:5a:a8:85:e6:55:ec:38:49:bc:7e:18:1f:a1:82:e8:45:
48:cc:ac:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZGvhW0RBGkGRRrKn3r9uvSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTAxMjEzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg4MmRjZDVmZDEwN2IxZDkwZDg5ZTE2MThiMGRhNjNiNTRhZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPbFCtTFX9PPIqmn0+wNN/CarWyC
zTK+DyuvvXqGhciMV9MhU1Y5eMFDyRPDKKNtF+pLW6PCsUyVAtxQsVhwaOas55Ne
fPxpJMHwpn9FJM1vGkY6V5WWMWlZL12lhfM13/96jn8C7QXtvEWUAYM6g+l+2ABn
rjUrXFllmh0mVe7RB60sDQY4LZ8EARnI6pEmoYT3Mr8MVaEbMtO0bRkrzh4BCy+I
J4oyy7qdg1ErEWue1om58LW4q+d9jFhbrNBlhXHvHwIQJLDBwxvQ/DRYDud+hImg
CFMDZNxaF6kxxsqCdGwot2TPwCu2OQUSRY7mF80+cb8TqFLNgz1Qb/xm5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqILc1f0Qex2Q2J4WGLDaY7VK5jMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYW9ndHpWX1JCN0haRFluaFlZc05wanRVcm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7FcMA8E
AgACMAkDBwAqAXEgAAcwDQYJKoZIhvcNAQELBQADggEBAHPjaRc/ZEOgTZ8JoKB/
HMpFSy1MbksI8zrBL987LnK1qnVamg1ght5YIfYienikJLbH/59p5Q13BYgQ7MPP
b7fplfAGQAs+YtfExGkWZmNSKQPWyiB9JKOto4/5BU0QMMunplZ6ZrJI1jsOSlmU
LRalTmQ1LzQYuNaA8IOqH3i3aGL/Wwul/MvD6fsXsxVSqW30YTHC/fae4N/EmGJo
cHQ/ZjV66OKBCly8aDbugyOa6JiNudYajoGmQlwQkYwEnsq/Q28OjwB7ilkgmBbX
XZnxgu23KKutqXonlWC/tDy29d4Az+m6xpHMZUXNWqiF5lXsOEm8fhgfoYLoRUjM
rMc=
-----END CERTIFICATE-----
Generated at Thu Sep 5 21:53:23 2024 by rpki-client on console-ams.rpki-client.org