Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/0UnFaQJhJub-H7DcoocwqAsykqo.roa
File: 0UnFaQJhJub-H7DcoocwqAsykqo.roa (raw, json)
Hash identifier: eKeKTP29CYMoyQZKa+iAdygLcxvzcni0YdVcb3xZpPU=
Subject key identifier: D1:49:C5:69:02:61:26:E6:FE:1F:B0:DC:A2:87:30:A8:0B:32:92:AA
Certificate issuer: /CN=aee8d6f56c5fbc904c9b913609013e5964865257
Certificate serial: 018FAA76C949C9115B7FE7CCD897E9F5EEF9
Authority key identifier: AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/0UnFaQJhJub-H7DcoocwqAsykqo.roa
Signing time: Fri 24 May 2024 11:57:42 +0000
ROA not before: Fri 24 May 2024 11:57:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201670
IP address blocks: 195.20.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 17:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:76:c9:49:c9:11:5b:7f:e7:cc:d8:97:e9:f5:ee:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee8d6f56c5fbc904c9b913609013e5964865257
Validity
Not Before: May 24 11:57:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d149c569026126e6fe1fb0dca28730a80b3292aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:78:8c:bb:e2:da:b5:69:16:3c:af:1d:bb:
52:a1:b7:4d:cd:98:ff:45:1b:89:47:9f:05:27:e6:
93:99:ab:dd:73:36:eb:e2:eb:9b:b2:24:bd:cc:4c:
54:da:91:c1:d2:48:f4:52:4a:de:ab:7e:74:a0:22:
8c:14:f4:8d:87:48:4d:f6:9e:2c:da:38:1c:46:90:
1c:63:8f:1a:38:36:24:b8:6c:82:06:13:23:2e:2e:
4b:34:ce:62:b5:53:59:23:71:68:ca:80:8c:5e:95:
0a:0a:c3:e0:a9:94:ae:86:fd:d5:a8:12:ed:6a:1b:
9b:51:fc:c1:9a:25:98:78:f0:4b:16:34:78:5f:3b:
92:82:15:54:ae:5c:07:db:f7:8c:73:ba:12:05:8c:
02:37:03:32:09:68:1e:a2:09:81:0a:48:80:95:88:
16:31:8f:8d:da:13:b9:2e:89:3d:49:2b:cd:fd:f5:
1b:a2:49:e5:33:fe:a5:54:4b:9f:9a:11:4b:98:64:
c6:00:6c:85:4b:31:ae:22:46:2d:e3:74:c0:64:39:
32:15:10:4d:c7:46:b4:57:32:74:ad:74:cb:e0:65:
b5:a1:1b:67:98:1d:5e:b2:ae:02:c2:c0:51:4a:d3:
11:24:c8:30:16:29:6f:9b:1c:67:0b:1e:96:8d:fa:
0e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:49:C5:69:02:61:26:E6:FE:1F:B0:DC:A2:87:30:A8:0B:32:92:AA
X509v3 Authority Key Identifier:
keyid:AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/0UnFaQJhJub-H7DcoocwqAsykqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/rujW9WxfvJBMm5E2CQE-WWSGUlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.19.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2a:f8:9a:ad:2a:a3:f8:93:96:d7:3c:04:91:93:75:7e:a9:
60:97:30:42:4e:cd:ee:20:c4:f7:8e:7e:6e:0b:b1:52:e9:86:
fa:dc:a8:d4:ad:60:35:91:67:68:9c:09:fc:82:b3:f3:3e:64:
50:ee:3d:4e:40:76:b6:3c:cc:18:8d:bf:1b:93:8a:f5:73:c2:
6f:f5:1c:c6:db:4f:ba:fa:dd:0f:28:85:be:29:1c:00:a4:66:
15:c3:64:20:3d:5e:32:1c:96:d6:bb:b0:2e:2b:22:b9:d6:04:
c0:80:62:6d:b9:95:e2:fd:ea:19:06:03:2d:2e:37:38:85:82:
5d:f1:8e:f2:b8:53:b6:9a:92:91:f8:8c:0d:c8:4a:38:a7:ce:
e7:18:5b:ba:38:24:42:2d:c2:1d:bc:c5:41:b8:c8:2c:1e:7e:
bb:86:57:41:bb:d8:9c:70:63:f9:dd:da:76:a3:e4:5c:de:65:
b8:01:0b:91:36:34:1b:e5:b0:4c:0f:bd:15:aa:62:f3:c4:95:
16:c3:29:a2:ca:4e:7f:ff:ac:72:f5:b1:f3:01:98:ea:de:08:
d8:bf:60:8d:a1:0a:58:85:73:34:61:97:cd:2b:de:6b:b1:40:
07:4d:a8:0b:ee:06:04:b0:68:fa:a3:b2:ea:f1:7e:13:5e:36:
f2:52:7d:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+qdslJyRFbf+fM2Jfp9e75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZThkNmY1NmM1ZmJjOTA0YzliOTEzNjA5MDEzZTU5NjQ4
NjUyNTcwHhcNMjQwNTI0MTE1NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ5YzU2OTAyNjEyNmU2ZmUxZmIwZGNhMjg3MzBhODBiMzI5MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7R4jLvi2rVpFjyvHbtSobdNzZj/
RRuJR58FJ+aTmavdczbr4uubsiS9zExU2pHB0kj0Ukreq350oCKMFPSNh0hN9p4s
2jgcRpAcY48aODYkuGyCBhMjLi5LNM5itVNZI3FoyoCMXpUKCsPgqZSuhv3VqBLt
ahubUfzBmiWYePBLFjR4XzuSghVUrlwH2/eMc7oSBYwCNwMyCWgeogmBCkiAlYgW
MY+N2hO5Lok9SSvN/fUboknlM/6lVEufmhFLmGTGAGyFSzGuIkYt43TAZDkyFRBN
x0a0VzJ0rXTL4GW1oRtnmB1esq4CwsBRStMRJMgwFilvmxxnCx6WjfoOCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFJxWkCYSbm/h+w3KKHMKgLMpKqMB8GA1UdIwQY
MBaAFK7o1vVsX7yQTJuRNgkBPllkhlJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEt
YzZmOWQwYThmMzZlLzEvMFVuRmFRSmhKdWItSDdEY29vY3dxQXN5a3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEtYzZmOWQwYThmMzZl
LzEvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxQTMA0G
CSqGSIb3DQEBCwUAA4IBAQCeKviarSqj+JOW1zwEkZN1fqlglzBCTs3uIMT3jn5u
C7FS6Yb63KjUrWA1kWdonAn8grPzPmRQ7j1OQHa2PMwYjb8bk4r1c8Jv9RzG20+6
+t0PKIW+KRwApGYVw2QgPV4yHJbWu7AuKyK51gTAgGJtuZXi/eoZBgMtLjc4hYJd
8Y7yuFO2mpKR+IwNyEo4p87nGFu6OCRCLcIdvMVBuMgsHn67hldBu9iccGP53dp2
o+Rc3mW4AQuRNjQb5bBMD70VqmLzxJUWwymiyk5//6xy9bHzAZjq3gjYv2CNoQpY
hXM0YZfNK95rsUAHTagL7gYEsGj6o7Lq8X4TXjbyUn2N
-----END CERTIFICATE-----
Generated at Mon Sep 9 19:38:05 2024 by rpki-client on console-fra.rpki-client.org