Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/aNIkszGOKITXvjAZlV_yZdSU4c0.roa
File: aNIkszGOKITXvjAZlV_yZdSU4c0.roa (raw, json)
Hash identifier: kzYnkqe0mfLmY/42nGUeFMiH0sRw1+S3Jytt4l6mBRk=
Subject key identifier: 68:D2:24:B3:31:8E:28:84:D7:BE:30:19:95:5F:F2:65:D4:94:E1:CD
Certificate issuer: /CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Certificate serial: 018CC56DE4E301B3B4A38EE9D72972B6FDB6
Authority key identifier: D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/aNIkszGOKITXvjAZlV_yZdSU4c0.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 195.64.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 19:55:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e4:e3:01:b3:b4:a3:8e:e9:d7:29:72:b6:fd:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68d224b3318e2884d7be3019955ff265d494e1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:53:e7:90:c5:15:d8:05:61:b4:c0:bd:4d:94:
7b:d1:a9:ed:29:07:5d:2b:f9:a1:80:00:ef:d7:63:
39:0b:ef:d9:cc:aa:d3:50:98:3f:19:8c:05:86:d4:
80:d2:bd:7b:f1:35:44:99:12:ab:05:29:46:22:2d:
c4:11:bd:4d:0f:9d:45:7d:de:1f:eb:50:59:59:1f:
4b:24:0e:d1:9b:04:8e:37:ac:ef:ea:2c:ea:ed:c6:
06:6c:4b:c5:59:56:3b:e0:fd:38:e6:b9:8f:c6:4e:
ac:91:9a:e3:10:5d:61:fc:39:4a:83:7a:70:c0:0f:
c3:11:fb:56:bf:94:27:62:ec:b3:82:03:67:21:a7:
b3:38:ec:7b:bf:57:2b:5a:ab:7e:bc:00:95:5a:5b:
73:6c:3d:dc:35:95:02:df:5e:e2:21:4a:b9:4d:2e:
a8:10:58:65:e5:5a:c3:89:9f:52:c4:b6:79:35:f8:
89:7e:1d:fe:02:89:a9:3a:d8:2b:1e:28:11:d2:6b:
1b:fc:71:68:d4:a8:78:a1:aa:56:79:bf:db:20:ae:
a4:71:d4:10:9c:81:5a:c9:85:62:c6:9b:e3:9a:4c:
3f:21:77:72:81:f3:88:83:28:6d:41:5f:52:c8:08:
f7:c0:30:2d:e8:52:2e:9d:51:c3:de:aa:21:bc:55:
41:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D2:24:B3:31:8E:28:84:D7:BE:30:19:95:5F:F2:65:D4:94:E1:CD
X509v3 Authority Key Identifier:
keyid:D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/aNIkszGOKITXvjAZlV_yZdSU4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/2AYuTMJvLfdu8wjOem48g0TJ0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.114.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4d:7d:d3:ff:59:22:2f:12:25:ec:49:64:d4:8a:59:e4:c1:
4a:bd:bb:42:92:23:ab:50:e7:0d:d9:8c:82:6e:ef:5d:59:fe:
cb:b0:90:c2:55:37:6a:b1:81:83:9b:da:c9:0d:49:21:02:cb:
fc:93:63:37:59:e5:a2:64:2d:e0:a4:7a:64:c6:1c:cb:ca:2a:
66:28:aa:8e:d5:3e:06:fb:0b:d7:72:25:40:37:8a:3a:ec:0f:
97:83:f4:9c:a1:1e:bd:5f:75:b0:4a:f5:26:0a:e6:1d:61:47:
40:df:e8:b8:75:19:48:cc:13:9f:34:ad:63:bc:9f:cb:d2:48:
ea:bd:0f:5b:8a:0d:52:36:c6:35:a8:c5:56:90:e7:59:60:64:
96:b2:51:3a:91:30:72:bc:47:26:be:77:37:7d:e2:a0:e0:a6:
07:1e:7e:58:14:b3:c0:73:5e:a1:0f:0a:29:d6:9e:3d:f3:f2:
c4:ff:ee:fb:32:b0:e8:7f:b9:c4:b7:e1:ea:b7:75:f5:33:ea:
7e:41:a2:48:fa:95:93:80:a0:18:77:07:f5:bf:2f:54:b4:af:
d8:df:d0:5f:36:45:78:4f:da:25:ae:0a:cb:b5:07:5c:3d:af:
7b:6e:c8:5a:70:9c:65:21:36:82:6b:f7:c8:14:5d:ac:e7:f6:
cc:a2:55:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbeTjAbO0o47p1ylytv22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDYyZTRjYzI2ZjJkZjc2ZWYzMDhjZTdhNmUzYzgzNDRj
OWQwMzEwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQyMjRiMzMxOGUyODg0ZDdiZTMwMTk5NTVmZjI2NWQ0OTRlMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlPnkMUV2AVhtMC9TZR70antKQdd
K/mhgADv12M5C+/ZzKrTUJg/GYwFhtSA0r178TVEmRKrBSlGIi3EEb1ND51Ffd4f
61BZWR9LJA7RmwSON6zv6izq7cYGbEvFWVY74P045rmPxk6skZrjEF1h/DlKg3pw
wA/DEftWv5QnYuyzggNnIaezOOx7v1crWqt+vACVWltzbD3cNZUC317iIUq5TS6o
EFhl5VrDiZ9SxLZ5NfiJfh3+AompOtgrHigR0msb/HFo1Kh4oapWeb/bIK6kcdQQ
nIFayYVixpvjmkw/IXdygfOIgyhtQV9SyAj3wDAt6FIunVHD3qohvFVBUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjSJLMxjiiE174wGZVf8mXUlOHNMB8GA1UdIwQY
MBaAFNgGLkzCby33bvMIznpuPINEydAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAt
NGUyNjVkODk2NWVhLzEvYU5Ja3N6R09LSVRYdmpBWmxWX3laZFNVNGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAtNGUyNjVkODk2NWVh
LzEvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0ByMA0G
CSqGSIb3DQEBCwUAA4IBAQBYTX3T/1kiLxIl7Elk1IpZ5MFKvbtCkiOrUOcN2YyC
bu9dWf7LsJDCVTdqsYGDm9rJDUkhAsv8k2M3WeWiZC3gpHpkxhzLyipmKKqO1T4G
+wvXciVAN4o67A+Xg/ScoR69X3WwSvUmCuYdYUdA3+i4dRlIzBOfNK1jvJ/L0kjq
vQ9big1SNsY1qMVWkOdZYGSWslE6kTByvEcmvnc3feKg4KYHHn5YFLPAc16hDwop
1p498/LE/+77MrDof7nEt+Hqt3X1M+p+QaJI+pWTgKAYdwf1vy9UtK/Y39BfNkV4
T9olrgrLtQdcPa97bshacJxlITaCa/fIFF2s5/bMolV5
-----END CERTIFICATE-----
Generated at Wed Jan 17 01:10:46 2024 by rpki-client on console-fra.rpki-client.org