Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/poMsNdOpNwfDfObn5ulOMYX6FWI.roa
File: poMsNdOpNwfDfObn5ulOMYX6FWI.roa (raw, json)
Hash identifier: uNKbFIuO4S0XgLMzC4vKM4WB7VSql2/c+NR1UufaWeg=
Subject key identifier: A6:83:2C:35:D3:A9:37:07:C3:7C:E6:E7:E6:E9:4E:31:85:FA:15:62
Certificate issuer: /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial: 0192755140A50E6C786F325CFB40D2FD8C0F
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/poMsNdOpNwfDfObn5ulOMYX6FWI.roa
Signing time: Thu 10 Oct 2024 07:25:12 +0000
ROA not before: Thu 10 Oct 2024 07:25:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3240
IP address blocks: 195.231.128.0/20 maxlen: 20
2a10:cf80:1000::/48 maxlen: 48
2a10:cf80:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 11 Oct 2024 07:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:51:40:a5:0e:6c:78:6f:32:5c:fb:40:d2:fd:8c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
Validity
Not Before: Oct 10 07:25:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6832c35d3a93707c37ce6e7e6e94e3185fa1562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:32:05:a3:de:3e:ae:da:16:02:07:8f:de:
4f:3e:9a:3e:20:bc:00:3e:d8:3a:a4:37:5a:9c:bf:
b5:32:c1:8c:de:0b:19:f6:16:e7:ad:1b:3c:d6:e0:
3b:0f:84:f1:e8:0d:7c:00:0f:15:35:76:87:f8:35:
af:68:49:a4:08:09:5c:62:33:af:e4:87:8a:20:09:
22:09:14:71:ea:56:65:1d:76:b0:39:6f:66:5b:24:
c1:01:95:ff:86:ff:b3:81:83:c3:8e:12:d8:02:b8:
a4:41:78:32:e9:b3:7d:92:e5:61:f4:72:da:69:ff:
cd:39:d1:fd:88:66:46:53:4b:8d:eb:d2:e4:2f:9d:
fa:26:b4:9b:c4:ac:ce:7b:e2:d1:e5:6c:37:e2:5b:
bf:43:a0:60:03:71:7a:b8:15:54:24:15:d5:f5:a2:
df:13:43:9c:44:15:4d:49:ad:a3:a7:6d:ac:3b:c9:
76:8d:35:c0:0e:48:53:d5:f6:47:1a:ac:4e:61:e5:
e7:46:02:ce:50:3e:7e:e7:5e:e6:0b:4c:99:31:34:
79:90:73:0f:48:a7:8c:62:6b:cf:6d:aa:04:d1:a4:
ec:6c:31:19:e0:f6:75:3b:b1:6a:4e:90:16:e8:33:
6a:1a:7e:eb:44:25:e6:36:90:1f:91:52:73:50:c5:
83:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:83:2C:35:D3:A9:37:07:C3:7C:E6:E7:E6:E9:4E:31:85:FA:15:62
X509v3 Authority Key Identifier:
keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/poMsNdOpNwfDfObn5ulOMYX6FWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.231.128.0/20
IPv6:
2a10:cf80:1000::/48
2a10:cf80:2000::/48
Signature Algorithm: sha256WithRSAEncryption
80:77:c7:e3:b9:e9:a1:94:73:5a:46:80:8c:3c:bc:65:87:19:
57:a7:8f:32:b9:1b:a5:db:3e:7e:ea:e5:8c:7a:9c:ff:24:04:
af:da:a1:fb:b2:aa:ab:3b:2d:c9:79:ea:e5:87:96:c7:52:8e:
40:d7:81:b0:a4:52:0f:a5:0a:1f:4d:d6:1c:1b:5e:44:a2:6b:
c2:5a:e0:f2:d0:ad:d1:68:23:f6:a7:fd:a5:8f:62:28:15:a4:
c5:c6:eb:ac:5b:14:a9:99:31:83:82:ac:b5:01:61:01:14:cb:
83:ee:03:c5:5a:b1:a7:76:5a:f5:cf:1c:1d:c0:f8:fc:84:16:
dd:b0:b6:b4:67:e7:6f:cd:18:00:06:24:91:f8:aa:f2:08:21:
e7:df:de:cb:47:c5:13:89:93:1e:74:bf:b7:4e:22:87:fe:10:
4e:11:e5:45:b9:2b:bf:24:40:b3:7c:79:f6:54:07:54:fd:0a:
f9:eb:b7:c9:0c:a3:af:e1:7f:e2:ff:2e:a2:60:2a:65:59:7b:
e0:35:5c:02:e2:11:c1:9b:7d:0e:4b:dd:17:4f:dd:4e:52:12:
f5:0a:46:7c:65:a7:22:80:a7:f9:9b:2b:d5:42:05:22:af:10:
b4:77:96:61:2c:e5:1b:8b:e4:50:fe:98:ef:84:e2:3a:84:44:
f8:cb:b7:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJ1UUClDmx4bzJc+0DS/YwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjQxMDEwMDcyNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjgzMmMzNWQzYTkzNzA3YzM3Y2U2ZTdlNmU5NGUzMTg1ZmExNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdgyBaPePq7aFgIHj95PPpo+ILwA
Ptg6pDdanL+1MsGM3gsZ9hbnrRs81uA7D4Tx6A18AA8VNXaH+DWvaEmkCAlcYjOv
5IeKIAkiCRRx6lZlHXawOW9mWyTBAZX/hv+zgYPDjhLYArikQXgy6bN9kuVh9HLa
af/NOdH9iGZGU0uN69LkL536JrSbxKzOe+LR5Ww34lu/Q6BgA3F6uBVUJBXV9aLf
E0OcRBVNSa2jp22sO8l2jTXADkhT1fZHGqxOYeXnRgLOUD5+517mC0yZMTR5kHMP
SKeMYmvPbaoE0aTsbDEZ4PZ1O7FqTpAW6DNqGn7rRCXmNpAfkVJzUMWD9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKaDLDXTqTcHw3zm5+bpTjGF+hViMB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvcG9Nc05kT3BOd2ZEZk9ibjV1bE9NWVg2RldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQEw+eAMBgE
AgACMBIDBwAqEM+AEAADBwAqEM+AIAAwDQYJKoZIhvcNAQELBQADggEBAIB3x+O5
6aGUc1pGgIw8vGWHGVenjzK5G6XbPn7q5Yx6nP8kBK/aofuyqqs7Lcl56uWHlsdS
jkDXgbCkUg+lCh9N1hwbXkSia8Ja4PLQrdFoI/an/aWPYigVpMXG66xbFKmZMYOC
rLUBYQEUy4PuA8Vasad2WvXPHB3A+PyEFt2wtrRn52/NGAAGJJH4qvIIIeff3stH
xROJkx50v7dOIof+EE4R5UW5K78kQLN8efZUB1T9Cvnrt8kMo6/hf+L/LqJgKmVZ
e+A1XALiEcGbfQ5L3RdP3U5SEvUKRnxlpyKAp/mbK9VCBSKvELR3lmEs5RuL5FD+
mO+E4jqERPjLt5I=
-----END CERTIFICATE-----
Generated at Fri Oct 11 09:41:01 2024 by rpki-client on console-ams.rpki-client.org