Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/3c08ae-eb6d-4608-82c3-6c04a6ed13c5/1/2LKdqj98rgxXExlf-r-mnMZLedw.roa
File: 2LKdqj98rgxXExlf-r-mnMZLedw.roa (raw, json)
Hash identifier: gpd9pCUQZSMfBr6Vlbjg9y9JwBkztg9zDOv5mY3QTTA=
Subject key identifier: D8:B2:9D:AA:3F:7C:AE:0C:57:13:19:5F:FA:BF:A6:9C:C6:4B:79:DC
Certificate issuer: /CN=c9da2ff5a77e78eec3033dda5749a4a8c1e55164
Certificate serial: 01856E6FDBEC81D23590CEB669D7984742C4
Authority key identifier: C9:DA:2F:F5:A7:7E:78:EE:C3:03:3D:DA:57:49:A4:A8:C1:E5:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydov9ad-eO7DAz3aV0mkqMHlUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/3c08ae-eb6d-4608-82c3-6c04a6ed13c5/1/2LKdqj98rgxXExlf-r-mnMZLedw.roa
Signing time: Sun 01 Jan 2023 17:45:02 +0000
ROA not before: Sun 01 Jan 2023 17:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398464
IP address blocks: 195.64.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:db:ec:81:d2:35:90:ce:b6:69:d7:98:47:42:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9da2ff5a77e78eec3033dda5749a4a8c1e55164
Validity
Not Before: Jan 1 17:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b29daa3f7cae0c5713195ffabfa69cc64b79dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:30:4d:aa:98:ff:3f:79:b9:96:cb:3a:db:
92:e1:30:4b:52:0a:c6:f8:94:66:f9:fb:98:af:a1:
b9:c6:57:a0:4a:b9:22:28:96:be:e5:ff:5c:7f:ea:
2c:13:d9:f6:f4:26:63:49:3f:bb:2e:07:c5:1f:4a:
d1:ed:4c:42:77:eb:4c:3f:0c:5b:a4:1b:b4:15:03:
46:ad:e1:a4:16:92:3c:99:6d:97:f3:a7:76:34:44:
00:0c:40:eb:c7:1e:f5:c0:dc:7d:07:54:ba:17:be:
84:81:db:b2:38:2d:e3:9b:20:f7:fc:64:b8:04:23:
2d:1c:b5:9f:e3:49:f0:09:aa:68:de:c0:2c:20:5f:
92:38:f9:f0:f1:94:0b:b3:7a:d3:98:28:f5:45:5d:
31:ff:e3:75:06:79:85:51:1d:b4:33:0b:7c:f2:43:
e2:af:c9:20:a3:5a:93:02:17:9c:12:29:2a:e4:96:
03:3e:30:fc:50:c9:d7:17:f9:7c:f2:c5:7a:97:4d:
f2:f8:1f:86:cd:08:b8:ac:e2:a3:63:cc:fd:fc:b4:
f4:6d:e9:04:63:6d:fc:49:e2:6b:ec:e1:c7:e7:92:
61:f5:2c:76:3d:d8:cb:d1:4e:45:cb:f8:aa:26:b2:
79:13:8a:ac:b4:55:5e:c5:f1:5e:a9:cf:3a:dc:6c:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B2:9D:AA:3F:7C:AE:0C:57:13:19:5F:FA:BF:A6:9C:C6:4B:79:DC
X509v3 Authority Key Identifier:
keyid:C9:DA:2F:F5:A7:7E:78:EE:C3:03:3D:DA:57:49:A4:A8:C1:E5:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydov9ad-eO7DAz3aV0mkqMHlUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/3c08ae-eb6d-4608-82c3-6c04a6ed13c5/1/2LKdqj98rgxXExlf-r-mnMZLedw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/3c08ae-eb6d-4608-82c3-6c04a6ed13c5/1/ydov9ad-eO7DAz3aV0mkqMHlUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.115.0/24
Signature Algorithm: sha256WithRSAEncryption
92:dc:90:fc:1b:a8:1e:a5:a2:84:21:8b:ce:75:79:c6:30:5e:
7a:ce:74:e4:e9:98:8b:e3:a1:06:62:0a:68:e1:65:d8:b5:fa:
e7:d7:f3:ba:23:f8:33:57:91:99:cf:e1:c8:e9:ac:73:f8:8f:
47:d0:68:98:3d:08:1e:5e:61:a8:29:3f:f5:b4:83:07:0a:97:
a5:25:99:ed:11:da:00:16:ee:28:5d:08:56:14:02:82:bb:f0:
e5:96:86:85:69:b9:5b:de:9c:ec:6c:e5:12:6e:53:6a:1d:4f:
73:23:f3:1d:14:57:be:79:53:1d:ea:5e:b5:d1:ed:9d:fe:f0:
52:f7:f4:be:cb:12:48:20:14:1b:21:71:58:b3:45:c6:34:53:
27:ac:50:d0:de:f8:a3:eb:65:14:a8:23:05:85:84:7a:c1:dd:
53:3f:cd:4a:a9:92:f6:bf:c8:d3:f1:75:9e:73:5d:72:72:e7:
58:80:2c:cc:30:0f:af:fb:0a:08:2e:6b:fb:d1:80:0f:ee:6c:
8a:62:7d:14:2c:d9:47:50:f2:b2:c4:eb:23:a4:9d:22:e3:0c:
3f:81:f6:a9:1f:34:d3:56:a3:23:8a:c0:cf:1a:ba:3a:1f:5a:
e9:db:c6:ce:c0:20:6b:71:9c:a2:0b:19:a2:ef:8a:c8:3c:8d:
2e:46:dc:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub9vsgdI1kM62adeYR0LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGEyZmY1YTc3ZTc4ZWVjMzAzM2RkYTU3NDlhNGE4YzFl
NTUxNjQwHhcNMjMwMTAxMTc0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIyOWRhYTNmN2NhZTBjNTcxMzE5NWZmYWJmYTY5Y2M2NGI3OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8MwTaqY/z95uZbLOtuS4TBLUgrG
+JRm+fuYr6G5xlegSrkiKJa+5f9cf+osE9n29CZjST+7LgfFH0rR7UxCd+tMPwxb
pBu0FQNGreGkFpI8mW2X86d2NEQADEDrxx71wNx9B1S6F76EgduyOC3jmyD3/GS4
BCMtHLWf40nwCapo3sAsIF+SOPnw8ZQLs3rTmCj1RV0x/+N1BnmFUR20Mwt88kPi
r8kgo1qTAhecEikq5JYDPjD8UMnXF/l88sV6l03y+B+GzQi4rOKjY8z9/LT0bekE
Y238SeJr7OHH55Jh9Sx2PdjL0U5Fy/iqJrJ5E4qstFVexfFeqc863GzXeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiynao/fK4MVxMZX/q/ppzGS3ncMB8GA1UdIwQY
MBaAFMnaL/WnfnjuwwM92ldJpKjB5VFkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRvdjlhZC1lTzdEQXozYVYwbWtxTUhsVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zYzA4YWUtZWI2ZC00NjA4LTgyYzMt
NmMwNGE2ZWQxM2M1LzEvMkxLZHFqOThyZ3hYRXhsZi1yLW1uTVpMZWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zYzA4YWUtZWI2ZC00NjA4LTgyYzMtNmMwNGE2ZWQxM2M1
LzEveWRvdjlhZC1lTzdEQXozYVYwbWtxTUhsVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BzMA0G
CSqGSIb3DQEBCwUAA4IBAQCS3JD8G6gepaKEIYvOdXnGMF56znTk6ZiL46EGYgpo
4WXYtfrn1/O6I/gzV5GZz+HI6axz+I9H0GiYPQgeXmGoKT/1tIMHCpelJZntEdoA
Fu4oXQhWFAKCu/DlloaFablb3pzsbOUSblNqHU9zI/MdFFe+eVMd6l610e2d/vBS
9/S+yxJIIBQbIXFYs0XGNFMnrFDQ3vij62UUqCMFhYR6wd1TP81KqZL2v8jT8XWe
c11ycudYgCzMMA+v+woILmv70YAP7myKYn0ULNlHUPKyxOsjpJ0i4ww/gfapHzTT
VqMjisDPGro6H1rp28bOwCBrcZyiCxmi74rIPI0uRtw4
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:27 2024 by rpki-client on console-fra.rpki-client.org