Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/jMrM7Mnmek4DwOAJCV1qlHggsNA.roa
File: jMrM7Mnmek4DwOAJCV1qlHggsNA.roa (raw, json)
Hash identifier: +zYlH3p1q0So1VpZS5IHBg6FNVJZ9AGuzfmWndV8wI8=
Subject key identifier: 8C:CA:CC:EC:C9:E6:7A:4E:03:C0:E0:09:09:5D:6A:94:78:20:B0:D0
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C3AB7D3E94B6C9DC8934A9B7845EA3E1D
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/jMrM7Mnmek4DwOAJCV1qlHggsNA.roa
Signing time: Tue 05 Dec 2023 16:02:55 +0000
ROA not before: Tue 05 Dec 2023 16:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41209
IP address blocks: 195.34.18.0/24 maxlen: 24
195.34.18.0/23 maxlen: 23
195.34.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 20:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:b7:d3:e9:4b:6c:9d:c8:93:4a:9b:78:45:ea:3e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 5 16:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ccaccecc9e67a4e03c0e009095d6a947820b0d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0c:b9:ed:4a:58:ca:1e:52:7b:79:fd:ee:b7:
8d:86:e9:e1:96:6f:e1:d2:ed:7b:a7:f9:f3:77:91:
bf:c5:8f:66:38:b0:fb:8c:ad:8d:4a:e1:75:f5:0d:
9f:a2:a0:45:f4:4d:83:21:4a:d5:bf:d1:f7:af:84:
00:de:13:ec:50:63:61:0d:05:6e:63:f0:49:db:0e:
dc:af:f3:79:13:76:ad:69:d9:64:c6:5f:d6:52:b9:
b4:56:76:73:6e:88:1e:a5:43:cb:84:ed:43:e6:57:
24:57:b4:4b:3d:90:27:68:ae:6e:3b:75:ea:08:18:
bd:30:68:55:c2:92:ac:12:3f:4a:7d:14:9f:33:c7:
9c:57:97:32:07:91:07:5f:cc:43:45:5a:c9:1f:4c:
e3:c4:84:fe:12:6c:64:f0:1b:c6:51:de:57:04:35:
35:8d:dd:ee:4d:b3:ff:12:b8:b3:db:38:51:da:66:
4d:20:ef:de:01:5c:0e:f1:70:4f:a5:ce:5c:53:b2:
b7:4e:cb:af:78:25:2c:b1:27:53:1d:0a:b4:df:f0:
4c:fd:45:6a:3a:89:53:69:cc:ca:47:c2:68:8f:32:
28:3d:93:04:63:51:9b:24:e3:89:4b:2a:eb:18:67:
47:11:ed:b1:29:c7:11:1c:6d:01:6c:0b:ba:74:1b:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CA:CC:EC:C9:E6:7A:4E:03:C0:E0:09:09:5D:6A:94:78:20:B0:D0
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/jMrM7Mnmek4DwOAJCV1qlHggsNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.18.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:ea:92:68:5c:09:3f:67:6e:b6:28:8a:d0:6c:11:57:e0:2b:
88:f4:da:f4:60:72:e7:77:62:2a:9c:1c:8d:c6:6f:c0:2c:cd:
17:6c:de:5e:75:4a:11:d2:38:6b:47:97:50:a3:f3:bb:2d:3e:
22:92:61:e9:da:97:f6:9b:f8:76:cd:02:21:ab:c6:8a:60:2a:
67:fe:c8:b3:0f:19:ba:2b:a5:1a:56:23:d5:9d:28:39:8b:1f:
8c:0f:eb:85:e8:bc:66:58:ea:74:93:20:5a:5c:1a:3e:32:06:
05:7f:0f:e7:1b:9f:53:0b:7b:25:2b:40:f8:ce:f9:63:d0:e9:
8a:9b:b6:b9:45:b5:3b:fc:99:36:97:98:06:27:b4:5c:3d:e6:
d9:fa:a4:a4:fb:6e:ab:2d:83:d0:5d:14:1b:a2:08:cc:41:83:
bd:d1:9f:06:c0:28:87:30:d7:2c:c2:63:25:7e:fa:94:b7:9a:
72:85:7b:f7:02:6e:e7:50:a5:fd:f6:31:53:2f:11:30:8c:09:
1b:11:fc:df:00:6e:fb:05:db:07:3a:6c:c5:b2:02:84:80:7c:
f0:05:e8:f6:58:54:d1:38:7a:17:e9:bf:fa:de:78:be:b9:ab:
29:2a:bd:c0:b3:a4:ae:6b:42:10:12:3e:b8:47:c1:1c:93:03:
40:e2:68:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6t9PpS2ydyJNKm3hF6j4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA1MTYwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NhY2NlY2M5ZTY3YTRlMDNjMGUwMDkwOTVkNmE5NDc4MjBiMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQy57UpYyh5Se3n97reNhunhlm/h
0u17p/nzd5G/xY9mOLD7jK2NSuF19Q2foqBF9E2DIUrVv9H3r4QA3hPsUGNhDQVu
Y/BJ2w7cr/N5E3atadlkxl/WUrm0VnZzbogepUPLhO1D5lckV7RLPZAnaK5uO3Xq
CBi9MGhVwpKsEj9KfRSfM8ecV5cyB5EHX8xDRVrJH0zjxIT+Emxk8BvGUd5XBDU1
jd3uTbP/Eriz2zhR2mZNIO/eAVwO8XBPpc5cU7K3TsuveCUssSdTHQq03/BM/UVq
OolTaczKR8JojzIoPZMEY1GbJOOJSyrrGGdHEe2xKccRHG0BbAu6dBtk5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIzKzOzJ5npOA8DgCQldapR4ILDQMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvak1yTTdNbm1lazREd09BSkNWMXFsSGdnc05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyISMA0G
CSqGSIb3DQEBCwUAA4IBAQA66pJoXAk/Z262KIrQbBFX4CuI9Nr0YHLnd2IqnByN
xm/ALM0XbN5edUoR0jhrR5dQo/O7LT4ikmHp2pf2m/h2zQIhq8aKYCpn/sizDxm6
K6UaViPVnSg5ix+MD+uF6LxmWOp0kyBaXBo+MgYFfw/nG59TC3slK0D4zvlj0OmK
m7a5RbU7/Jk2l5gGJ7RcPebZ+qSk+26rLYPQXRQbogjMQYO90Z8GwCiHMNcswmMl
fvqUt5pyhXv3Am7nUKX99jFTLxEwjAkbEfzfAG77BdsHOmzFsgKEgHzwBej2WFTR
OHoX6b/63ni+uaspKr3As6Sua0IQEj64R8EckwNA4mh8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org