Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/G6RcuZ-alkwO2rXsMFvvHCB9Qog.roa
File: G6RcuZ-alkwO2rXsMFvvHCB9Qog.roa (raw, json)
Hash identifier: 0DGyRS4gP7mA3zhZgyOS+fpjI6c2VdwBpoLPEXkeU/g=
Subject key identifier: 1B:A4:5C:B9:9F:9A:96:4C:0E:DA:B5:EC:30:5B:EF:1C:20:7D:42:88
Certificate issuer: /CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Certificate serial: 018EA7B02E1AC087C9D3F14AAB513A4498C4
Authority key identifier: F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/G6RcuZ-alkwO2rXsMFvvHCB9Qog.roa
Signing time: Thu 04 Apr 2024 05:58:44 +0000
ROA not before: Thu 04 Apr 2024 05:58:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31246
IP address blocks: 195.200.23.0/24 maxlen: 24
2a14:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 18:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:b0:2e:1a:c0:87:c9:d3:f1:4a:ab:51:3a:44:98:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Validity
Not Before: Apr 4 05:58:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ba45cb99f9a964c0edab5ec305bef1c207d4288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:28:6b:20:fc:dc:f6:10:8e:5d:05:ea:89:9e:
64:c3:63:06:02:c5:cf:ea:38:1d:de:2b:e7:75:6b:
44:d7:43:b4:52:10:f8:64:51:6a:d0:97:66:9c:8f:
c5:4a:85:96:63:43:1f:27:d7:23:49:cd:b5:42:93:
ae:5a:a3:e5:a4:cf:19:01:62:b9:35:58:9a:4c:7b:
ba:6b:89:b2:20:7e:8c:91:3c:0d:76:e3:1f:9f:47:
50:4c:cd:bd:9e:d2:94:0a:e1:97:81:2d:d6:6b:19:
b8:d3:10:2d:c8:75:2e:01:43:aa:ab:3f:e4:02:37:
c5:94:e7:e2:c8:ce:85:f3:17:56:82:be:e3:fb:94:
08:4a:5e:dc:a0:70:bc:e7:a0:62:e9:f5:a3:92:45:
f1:f1:e5:8c:82:8f:b0:40:18:a3:42:40:49:72:bb:
bc:7e:21:f7:92:69:59:39:39:99:32:34:14:33:f5:
1a:01:97:57:11:d5:85:fb:4c:8c:ab:19:52:ce:72:
15:49:d9:11:e5:cc:64:04:0d:13:dd:c2:8b:40:b7:
8d:65:cb:cd:16:53:ad:7a:fe:d4:6d:0d:73:32:94:
a6:3c:52:81:da:92:fe:d5:b0:1f:55:8e:ea:91:cc:
61:8d:99:e7:a8:a7:41:a6:a6:37:6a:bd:4a:66:f1:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A4:5C:B9:9F:9A:96:4C:0E:DA:B5:EC:30:5B:EF:1C:20:7D:42:88
X509v3 Authority Key Identifier:
keyid:F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/G6RcuZ-alkwO2rXsMFvvHCB9Qog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.23.0/24
IPv6:
2a14:2040::/29
Signature Algorithm: sha256WithRSAEncryption
14:13:ef:b0:dd:61:66:6e:e2:a1:6e:0d:96:ad:b1:e7:6e:95:
4f:33:7e:f5:39:d3:b6:0c:2a:42:6d:f6:f8:30:80:35:57:91:
15:a1:81:72:ec:54:20:d0:82:2c:a5:c1:c0:4e:df:8f:80:75:
19:7c:49:9e:bf:ec:05:02:dc:1e:67:e7:79:df:56:3a:b4:5c:
c9:28:79:c6:98:32:5f:86:78:dd:2f:61:3e:65:cd:2a:dd:34:
c6:a6:39:c1:8d:f1:aa:9a:14:a2:2a:49:26:86:98:67:de:52:
80:12:5f:e2:4b:f1:3e:9d:48:ff:e3:b4:80:cf:5c:42:1d:cc:
4e:19:4e:cc:63:a0:ab:50:35:39:e1:c5:9d:e5:bd:ac:7d:91:
da:4d:71:6c:37:c5:4f:f2:8f:08:de:73:65:14:9a:a4:a2:4b:
9e:41:05:62:fb:31:d1:ab:c8:16:99:15:25:95:52:6f:b5:d8:
13:0e:bd:e3:b0:96:31:bb:00:6e:f7:1e:6e:0f:93:65:ac:f8:
5f:4c:8b:9d:d0:93:a8:9b:18:e4:8d:8e:6a:9a:44:87:bf:c9:
bc:11:31:e8:45:3f:fe:52:48:8a:7d:b8:03:b6:53:0f:bb:1d:
92:50:92:56:d0:69:ec:22:52:a5:dd:1d:d9:2d:1e:03:34:00:
bd:bf:ed:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6nsC4awIfJ0/FKq1E6RJjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTVlMDJiZGE3YTkwNzE0ODc4MzdkMzE1NThiNWUwMjIx
ZDNjZjkwHhcNMjQwNDA0MDU1ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE0NWNiOTlmOWE5NjRjMGVkYWI1ZWMzMDViZWYxYzIwN2Q0Mjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyhrIPzc9hCOXQXqiZ5kw2MGAsXP
6jgd3ivndWtE10O0UhD4ZFFq0JdmnI/FSoWWY0MfJ9cjSc21QpOuWqPlpM8ZAWK5
NViaTHu6a4myIH6MkTwNduMfn0dQTM29ntKUCuGXgS3Waxm40xAtyHUuAUOqqz/k
AjfFlOfiyM6F8xdWgr7j+5QISl7coHC856Bi6fWjkkXx8eWMgo+wQBijQkBJcru8
fiH3kmlZOTmZMjQUM/UaAZdXEdWF+0yMqxlSznIVSdkR5cxkBA0T3cKLQLeNZcvN
FlOtev7UbQ1zMpSmPFKB2pL+1bAfVY7qkcxhjZnnqKdBpqY3ar1KZvGwyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBukXLmfmpZMDtq17DBb7xwgfUKIMB8GA1UdIwQY
MBaAFPgV4CvaepBxSHg30xVYteAiHTz5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CWGdLOXA2a0hGSWVEZlRGVmkxNENJZFBQay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUy
LWQ5ODM4NDM5NzkyOS8xL0c2UmN1Wi1hbGt3TzJyWHNNRnZ2SENCOVFvZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUyLWQ5ODM4NDM5Nzky
OS8xLzEtQlhnSzlwNmtIRkllRGZURlZpMTRDSWRQUGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADDyBcw
DQQCAAIwBwMFAyoUIEAwDQYJKoZIhvcNAQELBQADggEBABQT77DdYWZu4qFuDZat
sedulU8zfvU507YMKkJt9vgwgDVXkRWhgXLsVCDQgiylwcBO34+AdRl8SZ6/7AUC
3B5n53nfVjq0XMkoecaYMl+GeN0vYT5lzSrdNMamOcGN8aqaFKIqSSaGmGfeUoAS
X+JL8T6dSP/jtIDPXEIdzE4ZTsxjoKtQNTnhxZ3lvax9kdpNcWw3xU/yjwjec2UU
mqSiS55BBWL7MdGryBaZFSWVUm+12BMOveOwljG7AG73Hm4Pk2Ws+F9Mi53Qk6ib
GOSNjmqaRIe/ybwRMehFP/5SSIp9uAO2Uw+7HZJQklbQaewiUqXdHdktHgM0AL2/
7as=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:13 2024 by rpki-client on console-fra.rpki-client.org