Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/lNy00QIZsD3GUL6Qcy_3HdJSROQ.roa
File: lNy00QIZsD3GUL6Qcy_3HdJSROQ.roa (raw, json)
Hash identifier: kTMupoGNhVmPglc0NBna9gCF+Mde3x3AQJKXlB1t8+8=
Subject key identifier: 94:DC:B4:D1:02:19:B0:3D:C6:50:BE:90:73:2F:F7:1D:D2:52:44:E4
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 01856F1D8299F51FBBADD6015E116352AD8D
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/lNy00QIZsD3GUL6Qcy_3HdJSROQ.roa
Signing time: Sun 01 Jan 2023 20:54:43 +0000
ROA not before: Sun 01 Jan 2023 20:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206352
IP address blocks: 195.210.110.0/23 maxlen: 23
195.210.124.0/23 maxlen: 23
195.210.122.0/24 maxlen: 24
195.210.126.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 26 Jan 2023 20:23:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:82:99:f5:1f:bb:ad:d6:01:5e:11:63:52:ad:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jan 1 20:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94dcb4d10219b03dc650be90732ff71dd25244e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:44:21:19:01:d3:2f:e3:13:47:f3:75:98:
9c:c8:6b:91:a5:4e:5c:1a:45:9c:fd:13:c3:ed:f9:
79:09:a3:36:ca:79:31:65:66:65:f5:50:39:c2:ff:
52:a5:b4:17:00:c0:45:96:4a:be:da:f2:e0:df:c6:
42:e9:1f:5e:62:43:5c:a4:e6:d0:5e:9c:b3:8d:8b:
30:61:84:b0:90:cd:15:f9:27:c3:85:89:f7:10:c7:
e6:cc:30:1e:62:96:16:bb:bd:84:3f:da:9b:2f:e4:
a7:50:1c:0c:51:e2:88:06:8e:56:b4:ee:13:2b:c6:
2a:aa:f1:84:0b:b9:86:64:58:fe:f2:73:ff:11:7e:
3b:06:8d:d7:cb:84:27:4f:eb:7f:ec:75:13:ad:5d:
f6:6b:8a:21:8e:b2:24:f0:da:bf:84:24:46:f7:03:
85:4c:5f:8f:ec:b6:b8:97:d6:16:1c:cb:37:4c:a6:
b3:e7:05:54:89:4a:28:29:cb:4a:19:64:37:1a:5d:
44:6a:f3:d0:5c:90:8e:3f:e9:7d:64:7f:8d:5c:51:
3c:88:32:25:15:a7:24:91:cf:d7:98:f0:70:cb:5f:
71:53:9f:55:fb:94:a2:08:10:d6:1b:6a:71:06:c4:
14:3e:55:db:77:ec:59:a1:98:31:48:6e:20:74:da:
6b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DC:B4:D1:02:19:B0:3D:C6:50:BE:90:73:2F:F7:1D:D2:52:44:E4
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/lNy00QIZsD3GUL6Qcy_3HdJSROQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.110.0/23
195.210.122.0/24
195.210.124.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:36:1f:03:ee:14:d8:c5:68:db:7f:b7:22:d7:a8:08:23:0f:
7e:b6:33:8f:89:c8:12:46:fb:7d:b0:58:9f:56:83:51:dd:10:
f2:a6:7c:78:00:d4:c4:61:82:db:41:a1:d4:92:e8:f6:2b:d0:
91:30:d8:61:ad:a4:e4:b8:3e:4b:8f:13:4d:92:94:62:22:0a:
79:7d:c5:80:7d:36:38:00:a8:c3:6b:dc:98:ce:23:e2:98:ce:
76:be:f1:58:0e:28:e8:67:6e:35:15:29:ad:8e:24:9e:e9:3c:
cf:25:97:0f:06:d7:63:d4:91:d6:7d:c9:78:ab:c6:4e:b1:bd:
99:5f:37:30:1c:d5:2e:c5:53:75:88:43:29:f4:62:f4:31:a3:
d3:77:79:e7:fc:41:2c:9e:06:4a:eb:26:66:9b:25:ca:dc:82:
a0:ad:b5:fb:5e:01:c2:bb:b0:c8:ab:32:64:e5:14:c2:78:6e:
bd:7f:fc:c5:84:b6:7f:68:8a:ac:ae:24:62:97:51:66:8f:66:
58:10:36:a2:46:d3:96:4b:97:45:d8:18:9e:97:4d:f2:cb:8d:
58:34:71:ea:e7:06:d3:a2:59:f0:e7:87:77:32:50:44:2b:c2:
1a:2f:be:f7:1e:e2:09:6b:c9:eb:4b:7f:e2:da:c6:83:b3:5f:
55:0c:6f:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvHYKZ9R+7rdYBXhFjUq2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjMwMTAxMjA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRjYjRkMTAyMTliMDNkYzY1MGJlOTA3MzJmZjcxZGQyNTI0NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshtEIRkB0y/jE0fzdZicyGuRpU5c
GkWc/RPD7fl5CaM2ynkxZWZl9VA5wv9SpbQXAMBFlkq+2vLg38ZC6R9eYkNcpObQ
XpyzjYswYYSwkM0V+SfDhYn3EMfmzDAeYpYWu72EP9qbL+SnUBwMUeKIBo5WtO4T
K8YqqvGEC7mGZFj+8nP/EX47Bo3Xy4QnT+t/7HUTrV32a4ohjrIk8Nq/hCRG9wOF
TF+P7La4l9YWHMs3TKaz5wVUiUooKctKGWQ3Gl1EavPQXJCOP+l9ZH+NXFE8iDIl
Fackkc/XmPBwy19xU59V+5SiCBDWG2pxBsQUPlXbd+xZoZgxSG4gdNprPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJTctNECGbA9xlC+kHMv9x3SUkTkMB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEvbE55MDBRSVpzRDNHVUw2UWN5XzNIZEpTUk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw9JuAwQA
w9J6AwQCw9J8MA0GCSqGSIb3DQEBCwUAA4IBAQAsNh8D7hTYxWjbf7ci16gIIw9+
tjOPicgSRvt9sFifVoNR3RDypnx4ANTEYYLbQaHUkuj2K9CRMNhhraTkuD5LjxNN
kpRiIgp5fcWAfTY4AKjDa9yYziPimM52vvFYDijoZ241FSmtjiSe6TzPJZcPBtdj
1JHWfcl4q8ZOsb2ZXzcwHNUuxVN1iEMp9GL0MaPTd3nn/EEsngZK6yZmmyXK3IKg
rbX7XgHCu7DIqzJk5RTCeG69f/zFhLZ/aIqsriRil1Fmj2ZYEDaiRtOWS5dF2Bie
l03yy41YNHHq5wbTolnw54d3MlBEK8IaL773HuIJa8nrS3/i2saDs19VDG85
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:48 2024 by rpki-client on console-ams.rpki-client.org