Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tvGqETtBn3OW1PbckraROCBc6QY.roa
File: tvGqETtBn3OW1PbckraROCBc6QY.roa (raw, json)
Hash identifier: BvB5BTwEl70q6JgTM/K055gR2i7VdhTufOfpJG5Xdj8=
Subject key identifier: B6:F1:AA:11:3B:41:9F:73:96:D4:F6:DC:92:B6:91:38:20:5C:E9:06
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0193454F5FE8F423D3FAFD333379B7A15FCB
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tvGqETtBn3OW1PbckraROCBc6QY.roa
Signing time: Tue 19 Nov 2024 16:44:10 +0000
ROA not before: Tue 19 Nov 2024 16:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206271
IP address blocks: 195.93.226.0/24 maxlen: 24
2a0a:280::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 13:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:4f:5f:e8:f4:23:d3:fa:fd:33:33:79:b7:a1:5f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Nov 19 16:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f1aa113b419f7396d4f6dc92b69138205ce906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3c:73:4c:28:bb:4f:f2:7f:f7:23:ff:1a:1b:
b9:19:50:df:ca:2b:2f:88:69:3c:a1:b4:e2:70:36:
50:86:76:3d:1a:c0:e5:9b:cf:68:42:b9:c0:03:74:
03:f0:f5:ba:dd:db:99:8b:61:8c:4b:e3:71:c2:b3:
98:19:ce:48:d6:39:73:cd:e0:e8:41:38:80:0a:01:
3f:af:f6:81:65:12:f5:ce:3e:8b:7d:44:59:7c:2f:
48:c3:16:5e:f9:7b:65:b6:c7:b9:4e:1f:3f:a7:a0:
21:16:b8:48:67:c3:03:55:56:2c:e1:40:6c:74:5c:
66:c7:23:a7:f5:ea:7a:9e:95:c9:77:95:9b:33:aa:
11:a4:9e:ae:ba:0f:8f:17:e8:c9:03:ae:5d:41:43:
11:98:0e:ac:73:03:62:93:58:0f:61:a2:70:e8:46:
bf:55:f5:ff:12:38:d3:28:a1:ed:7e:40:3d:7e:bf:
42:8d:86:e0:47:68:6a:53:c5:43:68:39:d4:98:46:
6d:7b:52:71:14:20:fe:ba:64:ae:0a:47:bb:ac:3a:
72:79:65:79:50:8f:8a:df:2f:3f:44:15:39:0b:7d:
9b:81:90:81:97:b5:ae:d4:4c:c1:be:68:65:08:d8:
81:6f:0f:6e:1d:85:d5:e3:ea:c7:d9:87:09:f3:d5:
31:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F1:AA:11:3B:41:9F:73:96:D4:F6:DC:92:B6:91:38:20:5C:E9:06
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tvGqETtBn3OW1PbckraROCBc6QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.226.0/24
IPv6:
2a0a:280::/32
Signature Algorithm: sha256WithRSAEncryption
3b:99:17:a8:83:31:80:b3:33:3a:69:1e:36:1c:55:6b:40:59:
31:9a:ec:a2:cb:0c:79:4a:19:de:21:bd:13:98:18:ba:c1:32:
a6:d1:22:1c:85:6f:65:ce:19:57:3d:52:95:14:e2:35:5c:18:
cb:b2:20:67:8b:bb:3f:74:4e:c3:2e:c7:e0:c5:87:8d:bc:67:
6f:db:c7:f9:19:89:70:ee:c2:a4:40:e9:43:94:cf:81:91:9f:
e1:e0:b0:b7:94:4e:49:c7:6e:cd:76:03:99:30:a2:e3:84:92:
27:93:f4:53:8b:57:8f:6e:80:a8:c4:2e:e4:be:60:f5:20:86:
92:15:48:58:e6:d9:07:e2:df:38:fb:93:46:35:73:73:25:d4:
02:01:ae:11:7a:91:d6:af:86:02:3d:cf:53:e1:56:23:23:b1:
67:a4:95:ab:cd:56:c3:4d:10:7b:08:6d:3f:89:f2:1e:50:23:
fa:d0:51:84:9b:29:eb:98:2a:bd:11:8c:39:71:42:7a:d6:89:
56:03:20:c8:85:d5:91:df:be:2f:b5:a3:07:49:97:01:cd:6b:
ed:f6:e6:ef:42:22:97:69:fd:bc:b9:36:50:ab:3f:14:11:68:
2e:0a:42:2e:68:04:a5:1b:28:3f:92:e6:0b:de:4e:f5:f9:81:
cf:23:96:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNFT1/o9CPT+v0zM3m3oV/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQxMTE5MTY0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmYxYWExMTNiNDE5ZjczOTZkNGY2ZGM5MmI2OTEzODIwNWNlOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDxzTCi7T/J/9yP/Ghu5GVDfyisv
iGk8obTicDZQhnY9GsDlm89oQrnAA3QD8PW63duZi2GMS+NxwrOYGc5I1jlzzeDo
QTiACgE/r/aBZRL1zj6LfURZfC9IwxZe+Xtltse5Th8/p6AhFrhIZ8MDVVYs4UBs
dFxmxyOn9ep6npXJd5WbM6oRpJ6uug+PF+jJA65dQUMRmA6scwNik1gPYaJw6Ea/
VfX/EjjTKKHtfkA9fr9CjYbgR2hqU8VDaDnUmEZte1JxFCD+umSuCke7rDpyeWV5
UI+K3y8/RBU5C32bgZCBl7Wu1EzBvmhlCNiBbw9uHYXV4+rH2YcJ89Ux3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLbxqhE7QZ9zltT23JK2kTggXOkGMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvdHZHcUVUdEJuM09XMVBiY2tyYVJPQ0JjNlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw13iMA0E
AgACMAcDBQAqCgKAMA0GCSqGSIb3DQEBCwUAA4IBAQA7mReogzGAszM6aR42HFVr
QFkxmuyiywx5ShneIb0TmBi6wTKm0SIchW9lzhlXPVKVFOI1XBjLsiBni7s/dE7D
LsfgxYeNvGdv28f5GYlw7sKkQOlDlM+BkZ/h4LC3lE5Jx27NdgOZMKLjhJInk/RT
i1ePboCoxC7kvmD1IIaSFUhY5tkH4t84+5NGNXNzJdQCAa4RepHWr4YCPc9T4VYj
I7FnpJWrzVbDTRB7CG0/ifIeUCP60FGEmynrmCq9EYw5cUJ61olWAyDIhdWR374v
taMHSZcBzWvt9ubvQiKXaf28uTZQqz8UEWguCkIuaASlGyg/kuYL3k71+YHPI5Yb
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:19 2024 by rpki-client on console-fra.rpki-client.org