Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/rSyjsN3CXVKV56HHK6CNDcffWXM.roa
File: rSyjsN3CXVKV56HHK6CNDcffWXM.roa (raw, json)
Hash identifier: KBYaWcPZU8xLvPyO+ltfURH+Crpulql+lX6wzfvP87w=
Subject key identifier: AD:2C:A3:B0:DD:C2:5D:52:95:E7:A1:C7:2B:A0:8D:0D:C7:DF:59:73
Certificate issuer: /CN=3f5bc44014285b6f3e2872aecf5d4f33e268ce8b
Certificate serial: 018CC56E9E60FF13AB3E0D3D6CFA6A69C502
Authority key identifier: 3F:5B:C4:40:14:28:5B:6F:3E:28:72:AE:CF:5D:4F:33:E2:68:CE:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1vEQBQoW28-KHKuz11PM-Jozos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/rSyjsN3CXVKV56HHK6CNDcffWXM.roa
Signing time: Mon 01 Jan 2024 14:30:10 +0000
ROA not before: Mon 01 Jan 2024 14:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41699
IP address blocks: 195.170.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:9e:60:ff:13:ab:3e:0d:3d:6c:fa:6a:69:c5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f5bc44014285b6f3e2872aecf5d4f33e268ce8b
Validity
Not Before: Jan 1 14:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad2ca3b0ddc25d5295e7a1c72ba08d0dc7df5973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:35:1b:a9:0c:c4:d9:da:c3:68:b3:55:c3:
10:e9:75:32:38:d3:51:0c:9e:37:ec:93:08:a1:0c:
67:0b:8b:7e:db:c1:8b:16:95:06:2f:64:d5:a9:d9:
b6:54:32:df:f3:21:a3:95:92:b6:ca:1f:ae:51:a7:
e1:08:b0:f1:f2:de:9e:a8:a4:47:4d:79:cf:b8:e0:
5d:0f:23:62:16:64:02:5d:fb:8c:b2:6f:be:48:c4:
0b:d9:ad:0d:84:8e:f6:ac:94:58:50:48:27:44:96:
74:0b:c1:93:c1:a4:51:a4:6b:69:5f:7c:11:ab:ce:
51:a6:59:3f:43:63:e3:4c:69:d0:c6:5c:e0:18:11:
79:9a:ed:99:01:e1:3b:60:32:3f:6d:84:88:8d:a3:
33:7f:9c:62:8b:13:30:6f:ba:96:bc:b3:5e:19:3c:
f0:2f:f0:b1:c8:1a:da:6b:2a:78:aa:f6:5d:30:df:
5d:6b:13:7c:e5:2d:45:36:56:74:99:59:41:bf:dd:
b5:7b:03:87:a4:d2:40:3d:8a:1c:b7:77:47:7c:19:
e3:bf:43:de:10:fd:b1:9a:67:35:9d:26:9f:3f:1b:
c5:2e:94:e0:06:a5:ac:d7:6f:ae:c5:1d:d9:92:d6:
ea:89:ff:fb:83:a4:cc:eb:9f:a0:41:74:d5:02:b1:
21:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2C:A3:B0:DD:C2:5D:52:95:E7:A1:C7:2B:A0:8D:0D:C7:DF:59:73
X509v3 Authority Key Identifier:
keyid:3F:5B:C4:40:14:28:5B:6F:3E:28:72:AE:CF:5D:4F:33:E2:68:CE:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1vEQBQoW28-KHKuz11PM-Jozos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/rSyjsN3CXVKV56HHK6CNDcffWXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/322693-e58b-48e2-bdd9-02953ce63843/1/P1vEQBQoW28-KHKuz11PM-Jozos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.185.0/24
Signature Algorithm: sha256WithRSAEncryption
01:fd:c6:71:99:ee:8f:d2:3d:51:a6:22:06:00:bc:de:1b:9f:
ec:f6:86:c3:c6:5f:45:61:cb:dd:5f:b1:c2:f2:0d:7d:ad:32:
9a:11:0a:9e:65:f1:9a:8c:a0:18:62:4f:74:a3:c7:5c:d7:55:
06:1e:ba:ab:3b:ae:be:d9:0f:e5:76:30:ac:75:00:05:6d:96:
be:65:8c:06:37:2b:b9:86:56:95:31:43:2a:71:25:e0:99:0a:
50:13:cc:03:96:33:4b:a0:98:a1:60:45:aa:7f:47:2a:07:0e:
b2:78:a4:0e:01:19:b4:1d:98:a2:82:94:65:06:0c:3c:fe:33:
74:a0:42:f4:81:18:44:48:2e:58:8b:57:51:d4:c3:c3:09:4a:
ae:a7:2c:4e:ad:e3:a8:1d:24:c7:5a:91:9f:71:20:7c:27:9a:
89:93:51:1d:90:8b:08:18:70:6b:35:e8:7f:6a:43:68:ed:4c:
10:84:17:0b:d6:2a:04:c6:69:ec:0b:d3:b8:31:8a:82:c4:c7:
5b:e1:cf:97:a7:36:d0:23:72:6a:1a:ed:6e:d6:36:94:ed:43:
70:79:2a:e0:5e:69:73:54:ad:4e:41:fb:23:26:ab:d5:3e:8b:
39:de:8e:b1:84:2c:d1:62:d9:f3:99:bc:09:02:b1:f2:8d:c6:
e2:48:93:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbp5g/xOrPg09bPpqacUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNWJjNDQwMTQyODViNmYzZTI4NzJhZWNmNWQ0ZjMzZTI2
OGNlOGIwHhcNMjQwMTAxMTQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJjYTNiMGRkYzI1ZDUyOTVlN2ExYzcyYmEwOGQwZGM3ZGY1OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrM1G6kMxNnaw2izVcMQ6XUyONNR
DJ437JMIoQxnC4t+28GLFpUGL2TVqdm2VDLf8yGjlZK2yh+uUafhCLDx8t6eqKRH
TXnPuOBdDyNiFmQCXfuMsm++SMQL2a0NhI72rJRYUEgnRJZ0C8GTwaRRpGtpX3wR
q85Rplk/Q2PjTGnQxlzgGBF5mu2ZAeE7YDI/bYSIjaMzf5xiixMwb7qWvLNeGTzw
L/CxyBraayp4qvZdMN9daxN85S1FNlZ0mVlBv921ewOHpNJAPYoct3dHfBnjv0Pe
EP2xmmc1nSafPxvFLpTgBqWs12+uxR3Zktbqif/7g6TM65+gQXTVArEhtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0so7Ddwl1SleehxyugjQ3H31lzMB8GA1UdIwQY
MBaAFD9bxEAUKFtvPihyrs9dTzPiaM6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDF2RVFCUW9XMjgtS0hLdXoxMVBNLUpvem9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zMjI2OTMtZTU4Yi00OGUyLWJkZDkt
MDI5NTNjZTYzODQzLzEvclN5anNOM0NYVktWNTZISEs2Q05EY2ZmV1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zMjI2OTMtZTU4Yi00OGUyLWJkZDktMDI5NTNjZTYzODQz
LzEvUDF2RVFCUW9XMjgtS0hLdXoxMVBNLUpvem9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6q5MA0G
CSqGSIb3DQEBCwUAA4IBAQAB/cZxme6P0j1RpiIGALzeG5/s9obDxl9FYcvdX7HC
8g19rTKaEQqeZfGajKAYYk90o8dc11UGHrqrO66+2Q/ldjCsdQAFbZa+ZYwGNyu5
hlaVMUMqcSXgmQpQE8wDljNLoJihYEWqf0cqBw6yeKQOARm0HZiigpRlBgw8/jN0
oEL0gRhESC5Yi1dR1MPDCUqupyxOreOoHSTHWpGfcSB8J5qJk1EdkIsIGHBrNeh/
akNo7UwQhBcL1ioExmnsC9O4MYqCxMdb4c+XpzbQI3JqGu1u1jaU7UNweSrgXmlz
VK1OQfsjJqvVPos53o6xhCzRYtnzmbwJArHyjcbiSJOf
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:01:17 2025 by rpki-client