Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/r5K8fXgvp2XyeafB9snUv6lHQuc.roa
File: r5K8fXgvp2XyeafB9snUv6lHQuc.roa (raw, json)
Hash identifier: NjCLHcgAYLCOoeYj/s/XZmk72tbE4zKr1+Zk6DTB+j0=
Subject key identifier: AF:92:BC:7D:78:2F:A7:65:F2:79:A7:C1:F6:C9:D4:BF:A9:47:42:E7
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 0185730CCA431357C1E5E6D08C07432E18E5
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/r5K8fXgvp2XyeafB9snUv6lHQuc.roa
Signing time: Mon 02 Jan 2023 15:14:56 +0000
ROA not before: Mon 02 Jan 2023 15:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207959
IP address blocks: 195.62.32.0/24 maxlen: 24
195.62.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 10:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:ca:43:13:57:c1:e5:e6:d0:8c:07:43:2e:18:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Jan 2 15:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af92bc7d782fa765f279a7c1f6c9d4bfa94742e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:e5:d6:99:0e:c4:75:2f:d6:1c:23:cd:c0:
43:6b:7f:5d:da:b7:74:79:bc:dd:09:5c:66:42:85:
4a:6d:44:4a:cf:b2:04:b7:0b:41:26:74:e6:9d:a8:
40:17:1b:12:c1:c0:e9:b9:22:7d:52:50:10:a8:1a:
e4:ea:b2:9e:a2:5b:24:e9:02:c2:fc:f8:16:59:77:
60:2d:fe:74:47:66:0d:f1:7b:4a:23:af:08:8f:7e:
1a:69:92:6a:3c:a9:02:a2:2b:32:b3:8e:19:29:fc:
7d:f6:90:de:c8:1b:ff:ca:f6:1b:00:3d:01:69:3f:
fc:12:8b:85:5f:98:3b:88:cf:1d:76:11:f2:91:9b:
12:54:2d:aa:ec:f7:4b:f0:84:96:45:76:a3:91:b2:
d4:62:2c:a3:b3:86:13:96:54:a8:09:cc:61:f4:14:
af:14:f0:0a:08:6c:da:60:62:83:cc:23:94:b5:5f:
45:30:0b:36:cd:73:91:36:65:42:ce:b6:f8:82:33:
74:77:a9:6a:a4:d0:65:c6:73:8a:10:0b:f7:c4:f8:
e0:35:0a:a7:02:ef:5c:7c:25:60:aa:2e:c8:e3:26:
a1:8d:61:38:8e:ed:fb:1a:7d:de:15:1b:1d:b4:47:
9d:07:29:89:ae:04:2a:69:65:0e:75:77:7b:c2:32:
29:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:92:BC:7D:78:2F:A7:65:F2:79:A7:C1:F6:C9:D4:BF:A9:47:42:E7
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/r5K8fXgvp2XyeafB9snUv6lHQuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.62.32.0/24
195.62.46.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:c1:43:16:99:17:95:05:4a:5c:7e:b8:33:d9:3c:83:fa:95:
d5:ee:41:9c:05:c2:fb:53:40:cf:7d:c1:9e:3e:06:d5:08:d1:
1f:8f:d0:ee:8b:a8:b8:1e:ee:7a:bc:79:07:63:c9:ca:85:7b:
99:6b:75:d2:74:97:0c:14:4a:24:79:7a:e5:ac:cb:e0:c4:ce:
e3:72:97:67:7d:dc:cf:be:1d:29:cc:4c:5f:91:94:c8:d5:c0:
4d:60:ae:d3:fa:b0:7a:73:77:24:a6:a9:85:04:02:e9:38:70:
4a:f4:43:8e:37:ba:09:e6:68:05:fe:ed:3a:86:ed:6f:bb:c8:
1b:0c:73:3f:9d:28:16:c4:8a:ba:50:ae:7d:47:17:d7:9d:c5:
fd:d3:53:b4:6b:2d:6b:a6:7b:3c:d6:bc:6e:a9:43:8b:bd:f7:
c0:9d:6d:97:79:c0:91:67:9b:7e:ab:96:41:33:45:1d:f8:2d:
e3:99:ae:52:ae:18:47:27:ae:1f:56:9a:e3:f1:2e:1f:f0:ab:
ab:3d:0b:05:83:88:51:e7:d4:1c:69:9c:55:b2:1c:54:4b:44:
af:ea:31:a6:fe:7c:b5:a7:4a:d6:66:d5:d2:6c:47:cd:80:4b:
2c:3a:6c:51:36:ee:e7:fd:91:41:c1:33:28:b3:5b:16:db:f2:
e0:cb:0a:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzDMpDE1fB5ebQjAdDLhjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMwMTAyMTUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjkyYmM3ZDc4MmZhNzY1ZjI3OWE3YzFmNmM5ZDRiZmE5NDc0MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHnl1pkOxHUv1hwjzcBDa39d2rd0
ebzdCVxmQoVKbURKz7IEtwtBJnTmnahAFxsSwcDpuSJ9UlAQqBrk6rKeolsk6QLC
/PgWWXdgLf50R2YN8XtKI68Ij34aaZJqPKkCoisys44ZKfx99pDeyBv/yvYbAD0B
aT/8EouFX5g7iM8ddhHykZsSVC2q7PdL8ISWRXajkbLUYiyjs4YTllSoCcxh9BSv
FPAKCGzaYGKDzCOUtV9FMAs2zXORNmVCzrb4gjN0d6lqpNBlxnOKEAv3xPjgNQqn
Au9cfCVgqi7I4yahjWE4ju37Gn3eFRsdtEedBymJrgQqaWUOdXd7wjIp+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK+SvH14L6dl8nmnwfbJ1L+pR0LnMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvcjVLOGZYZ3ZwMlh5ZWFmQjlzblV2NmxIUXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwz4gAwQA
wz4uMA0GCSqGSIb3DQEBCwUAA4IBAQCpwUMWmReVBUpcfrgz2TyD+pXV7kGcBcL7
U0DPfcGePgbVCNEfj9Dui6i4Hu56vHkHY8nKhXuZa3XSdJcMFEokeXrlrMvgxM7j
cpdnfdzPvh0pzExfkZTI1cBNYK7T+rB6c3ckpqmFBALpOHBK9EOON7oJ5mgF/u06
hu1vu8gbDHM/nSgWxIq6UK59RxfXncX901O0ay1rpns81rxuqUOLvffAnW2XecCR
Z5t+q5ZBM0Ud+C3jma5SrhhHJ64fVprj8S4f8KurPQsFg4hR59QcaZxVshxUS0Sv
6jGm/ny1p0rWZtXSbEfNgEssOmxRNu7n/ZFBwTMos1sW2/Lgywqt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org