Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/S_kx81RPWm_imE0MAf_fj8g_dnE.roa
File: S_kx81RPWm_imE0MAf_fj8g_dnE.roa (raw, json)
Hash identifier: /Vmbi8hvKvUjC7f4faZVcze4l89knjZ5ClP4edqkdNE=
Subject key identifier: 4B:F9:31:F3:54:4F:5A:6F:E2:98:4D:0C:01:FF:DF:8F:C8:3F:76:71
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 0185BE4354C29DF46FF391C7BDD53F7F420D
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/S_kx81RPWm_imE0MAf_fj8g_dnE.roa
Signing time: Tue 17 Jan 2023 05:46:01 +0000
ROA not before: Tue 17 Jan 2023 05:46:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200384
IP address blocks: 195.16.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:43:54:c2:9d:f4:6f:f3:91:c7:bd:d5:3f:7f:42:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Jan 17 05:46:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bf931f3544f5a6fe2984d0c01ffdf8fc83f7671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:18:8d:15:82:9d:d1:29:01:7c:50:44:de:6f:
3d:18:b8:2b:89:61:58:0f:e3:e1:04:9a:4c:dc:b5:
2b:2a:00:3d:80:00:05:97:dc:88:67:17:c0:02:8a:
b7:bb:40:6c:85:3c:83:e2:c3:e7:e4:fe:90:f4:4a:
94:23:13:ca:8e:2b:4a:30:13:2c:72:8e:34:b1:ed:
e6:a9:ce:66:7d:cb:98:ce:80:ca:0e:fa:03:2d:9d:
0c:c3:f0:e6:f6:e2:36:1c:56:99:59:45:e7:89:fc:
fd:0e:64:51:ac:cb:5f:f9:05:69:aa:4c:a0:0b:ac:
cb:fd:34:80:2e:c1:c5:f3:5a:50:35:98:a6:41:3b:
68:e2:e7:2e:a3:fa:50:71:b7:bd:0a:91:37:39:74:
fd:53:20:19:6a:3e:44:af:76:2e:74:4a:22:41:05:
54:b8:6b:89:a5:f2:34:5a:10:58:5f:16:be:78:0f:
4a:07:fc:8b:78:41:48:47:f0:13:0d:8b:de:be:02:
6a:fd:ec:e6:24:c7:09:df:7e:9d:cb:78:38:b1:bf:
d4:34:ef:b0:51:d1:3d:53:a3:61:39:03:0e:c7:0c:
fa:f6:ad:9f:c9:84:35:d1:44:8b:78:6c:d6:e1:57:
c6:8a:29:7d:07:80:81:95:55:a2:50:44:35:ab:26:
7a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F9:31:F3:54:4F:5A:6F:E2:98:4D:0C:01:FF:DF:8F:C8:3F:76:71
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/S_kx81RPWm_imE0MAf_fj8g_dnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.252.0/24
Signature Algorithm: sha256WithRSAEncryption
73:3a:cb:f9:f7:48:9d:6d:83:17:89:db:7e:97:1c:0a:b7:86:
5e:94:4d:3d:22:bb:6b:dc:b1:37:82:af:7a:fe:95:7d:01:94:
44:a5:69:ac:c9:93:c2:2e:d2:3a:bf:4c:69:cd:13:06:76:4b:
9c:13:a7:c0:fe:70:89:c5:45:3f:e8:8b:89:b9:8f:08:fd:29:
d7:d8:57:fc:9d:f5:78:17:63:2a:3d:02:d7:1f:49:bd:14:4a:
2f:18:a9:ac:b3:e6:44:4c:cd:6d:47:8b:db:63:98:e8:cc:06:
bd:d6:33:c1:17:66:62:8c:fc:a5:e6:f3:ac:85:35:a0:be:bd:
97:44:b1:52:47:25:ed:94:ed:36:43:53:e2:dc:05:63:ac:5a:
26:d3:75:69:f5:34:ce:ab:15:1a:af:22:05:ee:2f:2c:1e:79:
57:0c:56:70:8c:eb:5d:97:63:41:07:f7:76:2c:a3:29:59:81:
88:52:ea:67:47:22:64:4a:16:c1:3b:38:06:43:21:49:f3:66:
ea:ad:a2:5a:85:9f:8f:0e:03:f6:69:fa:94:b4:80:bf:b5:22:
59:05:eb:ab:7a:07:11:04:6d:ea:a2:a9:4d:44:7e:2a:5d:8d:
1b:1b:8f:67:f2:86:68:63:d3:e6:a3:06:d4:24:c9:dd:49:7d:
d5:e7:ca:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW+Q1TCnfRv85HHvdU/f0INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjMwMTE3MDU0NjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmY5MzFmMzU0NGY1YTZmZTI5ODRkMGMwMWZmZGY4ZmM4M2Y3NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghiNFYKd0SkBfFBE3m89GLgriWFY
D+PhBJpM3LUrKgA9gAAFl9yIZxfAAoq3u0BshTyD4sPn5P6Q9EqUIxPKjitKMBMs
co40se3mqc5mfcuYzoDKDvoDLZ0Mw/Dm9uI2HFaZWUXnifz9DmRRrMtf+QVpqkyg
C6zL/TSALsHF81pQNZimQTto4ucuo/pQcbe9CpE3OXT9UyAZaj5Er3YudEoiQQVU
uGuJpfI0WhBYXxa+eA9KB/yLeEFIR/ATDYvevgJq/ezmJMcJ336dy3g4sb/UNO+w
UdE9U6NhOQMOxwz69q2fyYQ10USLeGzW4VfGiil9B4CBlVWiUEQ1qyZ61wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEv5MfNUT1pv4phNDAH/34/IP3ZxMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvU19reDgxUlBXbV9pbUUwTUFmX2ZqOGdfZG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxD8MA0G
CSqGSIb3DQEBCwUAA4IBAQBzOsv590idbYMXidt+lxwKt4ZelE09Irtr3LE3gq96
/pV9AZREpWmsyZPCLtI6v0xpzRMGdkucE6fA/nCJxUU/6IuJuY8I/SnX2Ff8nfV4
F2MqPQLXH0m9FEovGKmss+ZETM1tR4vbY5jozAa91jPBF2ZijPyl5vOshTWgvr2X
RLFSRyXtlO02Q1Pi3AVjrFom03Vp9TTOqxUaryIF7i8sHnlXDFZwjOtdl2NBB/d2
LKMpWYGIUupnRyJkShbBOzgGQyFJ82bqraJahZ+PDgP2afqUtIC/tSJZBeuregcR
BG3qoqlNRH4qXY0bG49n8oZoY9PmowbUJMndSX3V58q/
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:32 2024 by rpki-client on console-fra.rpki-client.org