Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/pKu87mpUDF5CGv97gL3-9c44yS4.roa
File: pKu87mpUDF5CGv97gL3-9c44yS4.roa (raw, json)
Hash identifier: 9UhM4gGXCaC/4sSgryKXcW/EYySJOkz1lmpSHXoWAY0=
Subject key identifier: A4:AB:BC:EE:6A:54:0C:5E:42:1A:FF:7B:80:BD:FE:F5:CE:38:C9:2E
Certificate issuer: /CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Certificate serial: 018CC5000CB4F3DA8558C2BD6E0DC8895D00
Authority key identifier: 4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/pKu87mpUDF5CGv97gL3-9c44yS4.roa
Signing time: Mon 01 Jan 2024 12:29:23 +0000
ROA not before: Mon 01 Jan 2024 12:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202311
IP address blocks: 195.26.68.0/22 maxlen: 24
2a07:f680::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 05 Oct 2024 20:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0c:b4:f3:da:85:58:c2:bd:6e:0d:c8:89:5d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Validity
Not Before: Jan 1 12:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4abbcee6a540c5e421aff7b80bdfef5ce38c92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9c:9d:9b:ea:41:b8:21:7d:92:b8:24:3d:f1:
6d:77:43:47:0a:5d:05:98:f4:c6:7c:e4:93:57:be:
bf:6e:c0:90:0a:d2:b1:dd:4a:80:11:a6:8c:a3:ac:
2e:d9:5f:e4:30:06:84:48:b5:82:88:cd:f8:53:8b:
e2:be:25:8b:7c:b4:2e:ed:41:a3:8e:5b:93:8a:1f:
59:3d:6c:07:d0:8d:c8:b7:2b:29:ef:19:87:5d:1b:
0d:50:ec:0f:f2:1a:3c:2e:b9:7a:bd:47:d2:a9:06:
75:49:14:c8:52:56:db:15:96:c7:e0:76:d1:de:9d:
82:d8:86:cc:20:5e:77:9b:f8:67:d4:02:6b:98:18:
c2:99:19:3e:e9:aa:b1:43:d8:d9:14:56:ff:84:7f:
9d:ac:7d:df:7e:7d:9b:15:38:44:6e:6e:3a:15:18:
8b:9a:c5:59:87:1e:0a:f3:95:90:82:04:6a:39:c5:
f7:4f:96:91:34:57:d5:fb:85:04:52:5e:7f:91:28:
c6:9a:41:34:d9:5f:36:17:73:15:e3:54:ef:42:cd:
4c:19:6a:94:9a:15:f9:dd:93:48:4f:43:73:9e:04:
d9:36:2e:c1:07:97:81:4d:fc:5c:ab:ed:55:62:16:
2a:4f:09:7b:10:1b:05:26:63:1d:dc:8e:17:d9:18:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AB:BC:EE:6A:54:0C:5E:42:1A:FF:7B:80:BD:FE:F5:CE:38:C9:2E
X509v3 Authority Key Identifier:
keyid:4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/pKu87mpUDF5CGv97gL3-9c44yS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.68.0/22
IPv6:
2a07:f680::/29
Signature Algorithm: sha256WithRSAEncryption
48:bb:26:d0:76:33:3e:93:6e:34:b4:b8:03:6a:34:20:7b:66:
04:61:d8:7e:e4:ff:9f:9b:e4:21:04:da:be:3a:33:dd:5a:a7:
f8:5d:72:ab:0c:73:f6:d3:71:8f:ea:8b:59:0c:0f:75:89:c0:
ba:1e:bf:42:14:88:23:37:07:a6:0b:e4:13:56:a4:5b:f7:8e:
54:1f:6c:0c:e6:84:d4:49:3d:71:a4:af:55:c5:d6:cc:7a:cf:
7f:17:b7:33:25:14:47:42:bc:b5:ad:a3:c0:a4:43:73:ab:45:
85:0d:da:4e:27:fc:24:82:23:35:43:15:e9:3b:aa:4f:28:a2:
43:ec:c0:25:de:74:b1:1e:54:1d:a3:b6:f3:78:f6:8c:4a:96:
48:8f:48:a0:02:08:41:ce:c8:db:be:37:b3:fd:9a:d8:56:7e:
34:f7:97:b1:53:31:72:8e:57:28:b2:fa:19:db:e5:7b:cd:f0:
59:0f:69:33:f6:3c:b7:24:5d:89:c9:40:15:11:23:1c:f2:56:
0a:1f:a2:cb:cb:8d:31:c7:ef:b9:32:8a:c0:07:cb:5d:a3:dc:
f5:67:c3:cd:74:c0:ec:00:3e:0a:bf:af:05:42:e1:06:e5:65:
5e:3b:c4:b4:eb:43:4c:dc:7a:38:85:e4:ac:90:40:79:f3:92:
78:c4:7b:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAAy089qFWMK9bg3IiV0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQ5Yjg0N2QzMTI5M2Y3MDFlMWNmOTlkZDhjYTBlYmJi
MGI1YmQwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFiYmNlZTZhNTQwYzVlNDIxYWZmN2I4MGJkZmVmNWNlMzhjOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJydm+pBuCF9krgkPfFtd0NHCl0F
mPTGfOSTV76/bsCQCtKx3UqAEaaMo6wu2V/kMAaESLWCiM34U4viviWLfLQu7UGj
jluTih9ZPWwH0I3Itysp7xmHXRsNUOwP8ho8Lrl6vUfSqQZ1SRTIUlbbFZbH4HbR
3p2C2IbMIF53m/hn1AJrmBjCmRk+6aqxQ9jZFFb/hH+drH3ffn2bFThEbm46FRiL
msVZhx4K85WQggRqOcX3T5aRNFfV+4UEUl5/kSjGmkE02V82F3MV41TvQs1MGWqU
mhX53ZNIT0NzngTZNi7BB5eBTfxcq+1VYhYqTwl7EBsFJmMd3I4X2RiCNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKSrvO5qVAxeQhr/e4C9/vXOOMkuMB8GA1UdIwQY
MBaAFE8Um4R9MSk/cB4c+Z3Yyg67sLW9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjIt
NDUyYmFkZmQ1YTZkLzEvcEt1ODdtcFVERjVDR3Y5N2dMMy05YzQ0eVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjItNDUyYmFkZmQ1YTZk
LzEvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwxpEMA0E
AgACMAcDBQMqB/aAMA0GCSqGSIb3DQEBCwUAA4IBAQBIuybQdjM+k240tLgDajQg
e2YEYdh+5P+fm+QhBNq+OjPdWqf4XXKrDHP203GP6otZDA91icC6Hr9CFIgjNwem
C+QTVqRb945UH2wM5oTUST1xpK9VxdbMes9/F7czJRRHQry1raPApENzq0WFDdpO
J/wkgiM1QxXpO6pPKKJD7MAl3nSxHlQdo7bzePaMSpZIj0igAghBzsjbvjez/ZrY
Vn4095exUzFyjlcosvoZ2+V7zfBZD2kz9jy3JF2JyUAVESMc8lYKH6LLy40xx++5
MorAB8tdo9z1Z8PNdMDsAD4Kv68FQuEG5WVeO8S060NM3Ho4heSskEB585J4xHuV
-----END CERTIFICATE-----
Generated at Sat Oct 5 23:39:19 2024 by rpki-client on console-ams.rpki-client.org