Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/3znpvtG32JPLx6X26dh0eE-ayJU.roa
File: 3znpvtG32JPLx6X26dh0eE-ayJU.roa (raw, json)
Hash identifier: caaTc305TH2Q07IG5vH2s3Hviyf9s+OAysDBkClVC1w=
Subject key identifier: DF:39:E9:BE:D1:B7:D8:93:CB:C7:A5:F6:E9:D8:74:78:4F:9A:C8:95
Certificate issuer: /CN=aee8d6f56c5fbc904c9b913609013e5964865257
Certificate serial: 018A70515A02574227573FF5252364E451F4
Authority key identifier: AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/3znpvtG32JPLx6X26dh0eE-ayJU.roa
Signing time: Thu 07 Sep 2023 15:44:54 +0000
ROA not before: Thu 07 Sep 2023 15:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 195.20.19.0/24 maxlen: 24
2a13:49c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:51:5a:02:57:42:27:57:3f:f5:25:23:64:e4:51:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee8d6f56c5fbc904c9b913609013e5964865257
Validity
Not Before: Sep 7 15:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df39e9bed1b7d893cbc7a5f6e9d874784f9ac895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ad:77:cf:a5:33:8c:a8:e2:4b:02:d0:0b:03:
21:50:9a:39:c4:d0:ae:06:c6:85:d2:e0:3d:d2:8a:
4d:39:be:13:ad:4c:63:d1:91:3f:49:51:21:05:27:
31:00:28:5e:af:d8:74:9a:3e:35:fc:ea:e5:69:5c:
3d:b8:f2:48:03:2e:1c:f9:0d:58:bc:49:4b:ea:d1:
2a:7a:30:68:65:08:86:58:9d:46:01:5f:57:36:08:
8a:0a:4e:70:74:30:7c:20:a2:97:99:9d:2b:d5:40:
d1:b2:2c:3e:49:81:06:69:d4:50:5d:ad:17:e2:92:
55:3a:18:31:ac:ad:9b:8d:9f:1f:eb:9e:3c:e2:1d:
c6:77:13:3e:1f:63:51:25:71:7a:81:87:5e:d0:97:
45:46:4c:60:70:25:bc:b6:7b:28:82:e1:78:cc:59:
31:80:6c:a0:a2:45:93:e7:cf:8d:4e:f3:c4:c7:47:
3f:99:bf:02:b2:8e:4b:23:68:43:88:43:b2:b2:f4:
f2:1d:71:ff:d1:55:cb:ea:09:ce:1b:52:73:86:6d:
ca:eb:de:a0:ef:e2:70:56:df:e7:be:2e:4c:4c:5a:
6f:b5:53:da:a2:11:42:de:97:3b:17:00:b0:11:7e:
71:e3:91:ab:15:88:c2:95:28:b3:37:d1:a7:37:fe:
cd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:39:E9:BE:D1:B7:D8:93:CB:C7:A5:F6:E9:D8:74:78:4F:9A:C8:95
X509v3 Authority Key Identifier:
keyid:AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/3znpvtG32JPLx6X26dh0eE-ayJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/rujW9WxfvJBMm5E2CQE-WWSGUlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.19.0/24
IPv6:
2a13:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:74:91:b0:ac:d9:83:96:1b:0b:ed:75:b8:b3:14:77:9f:7e:
13:c7:9a:8a:2b:a7:40:da:2a:56:36:09:34:61:0f:6a:d8:e8:
a1:90:40:73:d8:94:a4:78:b4:b2:cb:48:8d:28:8e:51:a4:c2:
53:af:00:c4:ee:bd:42:89:ba:b3:90:32:7f:40:5b:a4:fe:39:
fb:9f:51:00:6b:67:25:93:77:0d:73:9b:fb:aa:18:91:e3:08:
24:b3:45:de:d8:9c:2a:57:80:0f:ce:78:53:d8:86:83:af:fc:
0c:ef:15:7f:3f:62:69:0c:05:7a:32:56:5b:ea:43:05:b1:72:
12:6a:4a:91:a6:fb:27:3f:52:91:dd:45:93:b1:9b:14:e1:72:
2f:07:b9:76:63:83:57:aa:2d:5d:09:f4:df:fb:4f:cd:0a:88:
b4:ec:bd:17:92:ce:be:30:3e:ee:01:fa:fc:d0:69:bb:c0:2a:
3f:82:ee:d0:7c:af:6e:7a:9b:4a:a3:5d:f9:4f:18:49:d5:52:
83:86:e4:41:b5:ab:8d:90:6d:96:f3:ad:44:b0:a6:c3:0f:a0:
7a:fd:29:2d:f3:59:f6:bf:1f:93:90:8a:91:75:07:a0:92:64:
68:9d:2d:56:3a:33:dc:98:3e:47:92:64:6b:dc:01:5c:62:fb:
be:d4:eb:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpwUVoCV0InVz/1JSNk5FH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZThkNmY1NmM1ZmJjOTA0YzliOTEzNjA5MDEzZTU5NjQ4
NjUyNTcwHhcNMjMwOTA3MTU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM5ZTliZWQxYjdkODkzY2JjN2E1ZjZlOWQ4NzQ3ODRmOWFjODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq13z6UzjKjiSwLQCwMhUJo5xNCu
BsaF0uA90opNOb4TrUxj0ZE/SVEhBScxACher9h0mj41/OrlaVw9uPJIAy4c+Q1Y
vElL6tEqejBoZQiGWJ1GAV9XNgiKCk5wdDB8IKKXmZ0r1UDRsiw+SYEGadRQXa0X
4pJVOhgxrK2bjZ8f65484h3GdxM+H2NRJXF6gYde0JdFRkxgcCW8tnsoguF4zFkx
gGygokWT58+NTvPEx0c/mb8Cso5LI2hDiEOysvTyHXH/0VXL6gnOG1Jzhm3K696g
7+JwVt/nvi5MTFpvtVPaohFC3pc7FwCwEX5x45GrFYjClSizN9GnN/7NOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN856b7Rt9iTy8el9unYdHhPmsiVMB8GA1UdIwQY
MBaAFK7o1vVsX7yQTJuRNgkBPllkhlJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEt
YzZmOWQwYThmMzZlLzEvM3pucHZ0RzMySlBMeDZYMjZkaDBlRS1heUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEtYzZmOWQwYThmMzZl
LzEvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwxQTMA0E
AgACMAcDBQMqE0nAMA0GCSqGSIb3DQEBCwUAA4IBAQCadJGwrNmDlhsL7XW4sxR3
n34Tx5qKK6dA2ipWNgk0YQ9q2OihkEBz2JSkeLSyy0iNKI5RpMJTrwDE7r1Cibqz
kDJ/QFuk/jn7n1EAa2clk3cNc5v7qhiR4wgks0Xe2JwqV4APznhT2IaDr/wM7xV/
P2JpDAV6MlZb6kMFsXISakqRpvsnP1KR3UWTsZsU4XIvB7l2Y4NXqi1dCfTf+0/N
Coi07L0Xks6+MD7uAfr80Gm7wCo/gu7QfK9ueptKo135TxhJ1VKDhuRBtauNkG2W
861EsKbDD6B6/Skt81n2vx+TkIqRdQegkmRonS1WOjPcmD5HkmRr3AFcYvu+1OvJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:15 2024 by rpki-client on console-ams.rpki-client.org