Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/CwYXy6EjFjwqfQ2FCbKaohmOqjQ.roa
File: CwYXy6EjFjwqfQ2FCbKaohmOqjQ.roa (raw, json)
Hash identifier: wGAMDgA3y+1fnUKSY2AYvFiV6qApBStd+6TDMNcQVxA=
Subject key identifier: 0B:06:17:CB:A1:23:16:3C:2A:7D:0D:85:09:B2:9A:A2:19:8E:AA:34
Certificate issuer: /CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Certificate serial: 018572280242F19AF8CA969C257C79564180
Authority key identifier: 0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/CwYXy6EjFjwqfQ2FCbKaohmOqjQ.roa
Signing time: Mon 02 Jan 2023 11:05:02 +0000
ROA not before: Mon 02 Jan 2023 11:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35024
IP address blocks: 195.225.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:02:42:f1:9a:f8:ca:96:9c:25:7c:79:56:41:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Validity
Not Before: Jan 2 11:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b0617cba123163c2a7d0d8509b29aa2198eaa34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:3d:94:0a:3d:ff:88:4a:d7:f7:b4:36:51:
80:bf:59:5f:ae:56:a7:5a:fb:ef:4a:bd:92:94:3a:
b1:c8:78:c0:74:3f:56:0e:ec:8b:15:a0:4a:38:7b:
3e:32:e7:73:98:55:51:09:e4:64:e7:7a:f6:d1:a5:
60:bd:f8:05:73:e7:dd:dd:ba:9d:df:fe:bf:9c:2c:
ac:00:e5:cb:3a:57:fc:88:54:f1:15:5d:cf:d1:cf:
73:30:be:6c:b6:95:81:a6:c4:13:80:35:f6:3b:d7:
48:83:00:7e:fa:5e:15:f4:92:82:d0:9f:27:09:05:
b1:67:00:2c:49:5e:d5:64:86:99:b2:7d:5c:da:09:
84:b8:14:90:45:94:0f:63:6e:ae:92:b0:f2:64:c3:
e8:57:ff:08:16:42:76:4b:84:f6:72:d2:6b:07:93:
74:d0:b0:93:56:ec:0f:92:f9:72:a7:c0:4e:40:f2:
74:f9:99:d3:65:bb:d6:bf:26:5e:b1:06:16:e2:35:
f0:a1:27:98:64:35:a4:d9:09:82:c3:3f:2a:61:fe:
0b:ca:d1:91:99:c0:2b:e9:5f:66:27:91:12:58:44:
aa:fe:f0:4f:48:58:77:eb:4d:a8:66:3e:bc:6d:84:
e8:90:c6:77:78:0d:a9:23:16:55:1a:3b:f7:ad:41:
dd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:06:17:CB:A1:23:16:3C:2A:7D:0D:85:09:B2:9A:A2:19:8E:AA:34
X509v3 Authority Key Identifier:
keyid:0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/CwYXy6EjFjwqfQ2FCbKaohmOqjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/C9fnDABfVWqCVOexKw6z0zFNReI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.34.0/23
Signature Algorithm: sha256WithRSAEncryption
06:38:f2:60:c5:5d:09:52:a6:e7:f7:08:df:a3:54:cd:fe:84:
c3:ed:1f:da:1f:cb:6e:22:14:73:ca:86:10:c8:6e:20:cb:bc:
14:26:78:23:ae:e0:38:c8:74:fa:fb:19:b7:d9:13:a2:7a:aa:
7f:9b:81:d2:bd:7d:e2:b1:75:9e:a8:4f:45:9f:f6:7e:f3:78:
a2:af:6a:57:3d:04:71:ad:80:96:97:21:bc:3f:43:fb:d4:c2:
80:6b:66:a2:d5:2e:76:d1:65:cf:a1:b1:dd:46:89:55:50:3e:
c8:a7:23:0f:2e:ef:d4:d1:cf:78:83:c5:65:52:e1:32:69:1f:
6a:a3:b9:a1:53:43:fd:f9:c1:ba:2d:5f:5f:3f:76:d7:26:25:
3a:e2:5c:2c:a2:57:2f:ee:e2:24:11:c4:a6:b5:d4:b5:d2:b2:
31:5c:a6:3d:99:f0:32:f1:42:8c:2f:c1:9a:e5:fc:da:a7:cd:
df:cb:e4:17:4c:c3:40:3f:49:9d:7e:ae:d9:df:d4:be:6b:51:
fc:27:35:f1:ce:af:a2:5a:4a:73:40:36:40:cd:c2:9e:4d:b2:
51:aa:c8:6a:06:ef:1f:3b:a5:df:0e:dc:11:40:e3:a6:e5:58:
e3:db:5f:42:d5:dc:6e:4f:9b:25:72:f7:93:57:97:22:1c:34:
c3:d3:31:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyKAJC8Zr4ypacJXx5VkGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZDdlNzBjMDA1ZjU1NmE4MjU0ZTdiMTJiMGViM2QzMzE0
ZDQ1ZTIwHhcNMjMwMTAyMTEwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA2MTdjYmExMjMxNjNjMmE3ZDBkODUwOWIyOWFhMjE5OGVhYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynw9lAo9/4hK1/e0NlGAv1lfrlan
WvvvSr2SlDqxyHjAdD9WDuyLFaBKOHs+MudzmFVRCeRk53r20aVgvfgFc+fd3bqd
3/6/nCysAOXLOlf8iFTxFV3P0c9zML5stpWBpsQTgDX2O9dIgwB++l4V9JKC0J8n
CQWxZwAsSV7VZIaZsn1c2gmEuBSQRZQPY26ukrDyZMPoV/8IFkJ2S4T2ctJrB5N0
0LCTVuwPkvlyp8BOQPJ0+ZnTZbvWvyZesQYW4jXwoSeYZDWk2QmCwz8qYf4LytGR
mcAr6V9mJ5ESWESq/vBPSFh3602oZj68bYTokMZ3eA2pIxZVGjv3rUHdSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsGF8uhIxY8Kn0NhQmymqIZjqo0MB8GA1UdIwQY
MBaAFAvX5wwAX1VqglTnsSsOs9MxTUXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQt
YmIzY2M3Yzk0NGFkLzEvQ3dZWHk2RWpGandxZlEyRkNiS2FvaG1PcWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQtYmIzY2M3Yzk0NGFk
LzEvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+EiMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOPJgxV0JUqbn9wjfo1TN/oTD7R/aH8tuIhRzyoYQ
yG4gy7wUJngjruA4yHT6+xm32ROieqp/m4HSvX3isXWeqE9Fn/Z+83iir2pXPQRx
rYCWlyG8P0P71MKAa2ai1S520WXPobHdRolVUD7IpyMPLu/U0c94g8VlUuEyaR9q
o7mhU0P9+cG6LV9fP3bXJiU64lwsolcv7uIkEcSmtdS10rIxXKY9mfAy8UKML8Ga
5fzap83fy+QXTMNAP0mdfq7Z39S+a1H8JzXxzq+iWkpzQDZAzcKeTbJRqshqBu8f
O6XfDtwRQOOm5Vjj219C1dxuT5slcveTV5ciHDTD0zFU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:20 2024 by rpki-client on console-fra.rpki-client.org