Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/rAdNTrC_oNVFcujon-kG8A4F1ME.roa
File: rAdNTrC_oNVFcujon-kG8A4F1ME.roa (raw, json)
Hash identifier: yzPR9E7OpIIro/VdSDeSbD4nBSm712W/XBzTEpIC4lY=
Subject key identifier: AC:07:4D:4E:B0:BF:A0:D5:45:72:E8:E8:9F:E9:06:F0:0E:05:D4:C1
Certificate issuer: /CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Certificate serial: 01856CB85EF18DCD8DFE1D6EE74D532EF83C
Authority key identifier: 6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/rAdNTrC_oNVFcujon-kG8A4F1ME.roa
Signing time: Sun 01 Jan 2023 09:45:00 +0000
ROA not before: Sun 01 Jan 2023 09:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13008
IP address blocks: 195.72.132.0/24 maxlen: 24
195.72.133.0/24 maxlen: 24
195.72.135.0/24 maxlen: 24
195.72.134.0/24 maxlen: 24
2001:67c:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5e:f1:8d:cd:8d:fe:1d:6e:e7:4d:53:2e:f8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Validity
Not Before: Jan 1 09:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac074d4eb0bfa0d54572e8e89fe906f00e05d4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ed:cf:87:60:21:cf:3a:42:80:69:f9:09:59:
07:b7:74:02:17:14:6c:78:a1:96:b0:09:ac:6c:65:
25:48:4a:96:f2:62:e0:a5:b0:91:d2:55:57:b2:1c:
8c:69:3e:f5:b9:1e:3b:32:28:a7:90:19:88:88:f2:
ce:87:34:76:f8:9c:7e:9d:92:85:36:ba:83:d0:d5:
32:58:9f:04:45:d1:3c:63:5b:c9:60:57:53:b2:7d:
46:d0:9e:e4:85:1d:a6:9f:5d:dd:f6:68:98:d0:a9:
7d:89:e8:a9:02:74:c9:19:b9:23:ab:93:fd:af:e4:
c7:c5:7b:7e:ed:42:99:4c:07:f7:e0:23:06:96:94:
c0:10:cd:a3:29:c2:1c:d6:82:91:05:fb:9b:3d:f1:
a7:e2:de:9a:47:a2:41:fe:59:8f:ee:e4:a1:ce:33:
70:6c:fd:5a:77:64:c5:04:fa:49:bb:e8:36:45:cd:
24:bf:37:31:16:d9:3c:26:32:ff:9c:32:83:d7:f8:
34:b6:3c:af:a5:d7:23:e0:91:9a:7e:2d:a9:bd:5c:
23:24:df:a6:90:65:45:11:5b:d8:2f:d8:29:7d:91:
6e:fd:14:cd:f4:fd:3d:ec:2f:e7:0f:22:a9:35:c6:
f2:8c:a1:53:69:50:2c:19:14:bd:e5:5d:52:1f:2d:
67:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:07:4D:4E:B0:BF:A0:D5:45:72:E8:E8:9F:E9:06:F0:0E:05:D4:C1
X509v3 Authority Key Identifier:
keyid:6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/rAdNTrC_oNVFcujon-kG8A4F1ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/arRJwZjLlmN7rBpbbVHLMfJYuyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.132.0/22
IPv6:
2001:67c:404::/48
Signature Algorithm: sha256WithRSAEncryption
bc:01:d1:f0:18:9a:94:a9:49:41:2d:7a:3a:55:41:1c:32:cb:
34:ac:1d:c8:47:04:af:f3:db:2c:16:d2:96:54:d5:ae:d0:c5:
cc:be:5f:a9:e3:22:13:26:6c:e8:92:e5:fb:d2:54:c6:23:ad:
df:8d:37:41:bc:fc:72:88:b1:be:cd:ac:ab:6e:f7:8d:88:7a:
da:03:c1:69:19:c0:17:ab:b0:f6:dd:b9:a9:dd:8c:65:be:6c:
28:7c:77:99:c1:a4:10:43:97:d7:2e:3d:a1:75:e6:c2:f5:68:
18:c9:f8:b4:b5:ae:d9:7f:b6:c7:f9:ff:2e:20:d3:74:38:e2:
e6:88:1f:29:50:07:92:f2:9b:0d:7a:e8:93:95:6f:f8:01:f3:
56:c7:12:52:07:34:0f:a8:0d:ac:52:dc:10:2c:02:b6:98:b6:
a2:a1:d2:79:f9:58:ac:1f:01:7b:12:5f:33:60:2b:02:05:53:
f9:07:ae:77:d1:31:36:70:f0:02:ca:a1:db:c2:92:d5:09:77:
62:b0:a7:8a:30:dd:02:28:a9:91:05:00:e8:c9:e1:5a:70:fd:
c9:8b:62:63:ab:94:57:9e:57:2a:14:23:3a:0d:fc:db:53:81:
b6:4f:ed:be:61:db:16:42:cc:90:e1:99:0d:6f:71:5d:a4:75:
a4:ac:42:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsuF7xjc2N/h1u501TLvg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjQ0OWMxOThjYjk2NjM3YmFjMWE1YjZkNTFjYjMxZjI1
OGJiMmMwHhcNMjMwMTAxMDk0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzA3NGQ0ZWIwYmZhMGQ1NDU3MmU4ZTg5ZmU5MDZmMDBlMDVkNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+3Ph2AhzzpCgGn5CVkHt3QCFxRs
eKGWsAmsbGUlSEqW8mLgpbCR0lVXshyMaT71uR47MiinkBmIiPLOhzR2+Jx+nZKF
NrqD0NUyWJ8ERdE8Y1vJYFdTsn1G0J7khR2mn13d9miY0Kl9ieipAnTJGbkjq5P9
r+THxXt+7UKZTAf34CMGlpTAEM2jKcIc1oKRBfubPfGn4t6aR6JB/lmP7uShzjNw
bP1ad2TFBPpJu+g2Rc0kvzcxFtk8JjL/nDKD1/g0tjyvpdcj4JGafi2pvVwjJN+m
kGVFEVvYL9gpfZFu/RTN9P097C/nDyKpNcbyjKFTaVAsGRS95V1SHy1nCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKwHTU6wv6DVRXLo6J/pBvAOBdTBMB8GA1UdIwQY
MBaAFGq0ScGYy5Zje6waW21RyzHyWLssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2Mt
ZDY3ZGEzYzY5NjliLzEvckFkTlRyQ19vTlZGY3Vqb24ta0c4QTRGMU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2MtZDY3ZGEzYzY5Njli
LzEvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw0iEMA8E
AgACMAkDBwAgAQZ8BAQwDQYJKoZIhvcNAQELBQADggEBALwB0fAYmpSpSUEtejpV
QRwyyzSsHchHBK/z2ywW0pZU1a7Qxcy+X6njIhMmbOiS5fvSVMYjrd+NN0G8/HKI
sb7NrKtu942IetoDwWkZwBersPbduandjGW+bCh8d5nBpBBDl9cuPaF15sL1aBjJ
+LS1rtl/tsf5/y4g03Q44uaIHylQB5Lymw166JOVb/gB81bHElIHNA+oDaxS3BAs
AraYtqKh0nn5WKwfAXsSXzNgKwIFU/kHrnfRMTZw8ALKodvCktUJd2Kwp4ow3QIo
qZEFAOjJ4Vpw/cmLYmOrlFeeVyoUIzoN/NtTgbZP7b5h2xZCzJDhmQ1vcV2kdaSs
Qqs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:05 2024 by rpki-client on console-ams.rpki-client.org