Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/RukiSyh81HdgWdil0jEXxXp916s.roa
File: RukiSyh81HdgWdil0jEXxXp916s.roa (raw, json)
Hash identifier: SiQsAilIDxtJqQ3E9B3u/9XM3tQSHTP1HIzrqSd1PKM=
Subject key identifier: 46:E9:22:4B:28:7C:D4:77:60:59:D8:A5:D2:31:17:C5:7A:7D:D7:AB
Certificate issuer: /CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Certificate serial: 019294DDB9413F1CB68ABFF90FA1F7B78F16
Authority key identifier: 89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/RukiSyh81HdgWdil0jEXxXp916s.roa
Signing time: Wed 16 Oct 2024 10:26:51 +0000
ROA not before: Wed 16 Oct 2024 10:26:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50643
IP address blocks: 195.191.200.0/23 maxlen: 24
2001:678:b4c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:dd:b9:41:3f:1c:b6:8a:bf:f9:0f:a1:f7:b7:8f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Validity
Not Before: Oct 16 10:26:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46e9224b287cd4776059d8a5d23117c57a7dd7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:11:3a:32:9f:5b:06:8e:22:af:60:e1:0b:
90:9b:24:92:a7:9a:8b:f8:e9:a6:53:de:e5:42:78:
61:dd:fd:f6:d6:e3:8a:7c:48:5e:64:e4:8e:9c:94:
06:6a:80:63:4c:71:a0:27:6a:ec:71:7c:ea:0b:e2:
ba:59:03:4a:cc:3d:be:66:c6:d8:6e:da:6d:ea:66:
23:05:7c:e9:80:7a:d6:a0:49:7d:5d:a8:d9:67:e7:
b2:18:31:cd:4d:4a:69:04:d6:37:3e:95:58:01:56:
a4:22:fd:af:d0:a2:d2:b3:7a:2c:63:83:18:42:fd:
4d:27:7c:be:91:d5:61:6b:29:2e:c3:fe:c5:ef:d4:
f6:87:1c:25:75:c7:b5:f7:47:79:a3:94:a3:27:88:
7b:88:f1:0a:82:86:a8:96:c8:eb:ec:32:3a:b3:9e:
2f:b7:88:98:1d:c1:af:09:ff:90:d3:e9:13:8f:21:
91:b3:a3:58:41:d7:fe:1c:4b:b8:13:2e:70:5d:3a:
36:06:66:b6:66:57:1e:73:3c:df:c8:ed:9d:db:bf:
24:64:46:3d:fd:24:1e:8f:c8:28:8f:dd:27:68:35:
de:1d:81:81:b5:74:4e:36:bf:e5:47:db:45:de:e0:
65:24:17:0f:4a:e2:58:af:8a:de:f3:df:3c:52:85:
4b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E9:22:4B:28:7C:D4:77:60:59:D8:A5:D2:31:17:C5:7A:7D:D7:AB
X509v3 Authority Key Identifier:
keyid:89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/RukiSyh81HdgWdil0jEXxXp916s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.200.0/23
IPv6:
2001:678:b4c::/48
Signature Algorithm: sha256WithRSAEncryption
9a:c0:df:72:4a:3d:5c:2a:e1:50:66:01:e6:a2:1f:27:8e:b4:
07:66:c2:9e:c0:cc:32:cb:57:4f:a5:7a:4c:a7:b9:4f:bd:a0:
d6:73:12:48:78:73:81:58:f2:d0:a2:37:1c:1a:1e:8c:13:5f:
24:7a:6e:04:80:fa:86:7d:2e:8d:76:e3:af:b1:d4:28:39:35:
50:c3:fc:22:bf:d9:2e:18:18:fa:86:9d:ba:93:bd:76:62:f9:
98:4a:07:3c:bb:c1:ec:60:fd:47:e2:68:ff:96:dd:7d:05:eb:
11:80:e0:d1:9f:a3:8e:c3:f4:43:88:f6:cb:0e:9f:f8:4f:9f:
6f:2b:00:ff:65:e0:ec:14:2c:58:50:5a:5f:31:44:48:38:59:
f0:fc:48:98:59:b1:62:ab:8f:61:62:5c:79:25:38:d1:ad:23:
c4:9b:b7:c6:1a:88:1e:ee:cc:52:19:87:71:37:69:df:c5:1b:
7d:5d:98:ac:54:8c:7f:5d:24:36:77:82:cc:66:6c:be:1e:90:
80:ac:cb:ad:ca:cc:e4:ce:76:6c:58:6e:89:0f:c4:81:cf:d5:
55:a1:c5:6c:85:cd:8a:2a:89:cf:89:21:17:d7:4f:06:47:41:
28:b5:ba:e2:57:4b:11:86:c9:86:d9:d5:1b:d7:fd:0a:26:b8:
f2:4a:26:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZKU3blBPxy2ir/5D6H3t48WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTRiZjU5ODc3YTNiMmVmMTRmNWYxMjBhNjc1MGRjMTQ5
MzljNmIwHhcNMjQxMDE2MTAyNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmU5MjI0YjI4N2NkNDc3NjA1OWQ4YTVkMjMxMTdjNTdhN2RkN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFoROjKfWwaOIq9g4QuQmySSp5qL
+OmmU97lQnhh3f321uOKfEheZOSOnJQGaoBjTHGgJ2rscXzqC+K6WQNKzD2+ZsbY
btpt6mYjBXzpgHrWoEl9XajZZ+eyGDHNTUppBNY3PpVYAVakIv2v0KLSs3osY4MY
Qv1NJ3y+kdVhaykuw/7F79T2hxwldce190d5o5SjJ4h7iPEKgoaolsjr7DI6s54v
t4iYHcGvCf+Q0+kTjyGRs6NYQdf+HEu4Ey5wXTo2Bma2ZlceczzfyO2d278kZEY9
/SQej8goj90naDXeHYGBtXRONr/lR9tF3uBlJBcPSuJYr4re8988UoVL9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEbpIksofNR3YFnYpdIxF8V6fderMB8GA1UdIwQY
MBaAFInkv1mHejsu8U9fEgpnUNwUk5xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUt
MjNiYjQyMDNlYjU3LzEvUnVraVN5aDgxSGRnV2RpbDBqRVh4WHA5MTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUtMjNiYjQyMDNlYjU3
LzEvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7/IMA8E
AgACMAkDBwAgAQZ4C0wwDQYJKoZIhvcNAQELBQADggEBAJrA33JKPVwq4VBmAeai
HyeOtAdmwp7AzDLLV0+lekynuU+9oNZzEkh4c4FY8tCiNxwaHowTXyR6bgSA+oZ9
Lo1246+x1Cg5NVDD/CK/2S4YGPqGnbqTvXZi+ZhKBzy7wexg/UfiaP+W3X0F6xGA
4NGfo47D9EOI9ssOn/hPn28rAP9l4OwULFhQWl8xREg4WfD8SJhZsWKrj2FiXHkl
ONGtI8Sbt8YaiB7uzFIZh3E3ad/FG31dmKxUjH9dJDZ3gsxmbL4ekICsy63KzOTO
dmxYbokPxIHP1VWhxWyFzYoqic+JIRfXTwZHQSi1uuJXSxGGyYbZ1RvX/QomuPJK
Jj8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:51 2025 by rpki-client