Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/xfuNOh0yMdFoADbl8KtdRHnnp6w.roa
File: xfuNOh0yMdFoADbl8KtdRHnnp6w.roa (raw, json)
Hash identifier: zuEf3YDKE5SjXF3Nuvw4821volWhZWAIeU/9ZUwTKLA=
Subject key identifier: C5:FB:8D:3A:1D:32:31:D1:68:00:36:E5:F0:AB:5D:44:79:E7:A7:AC
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0185FBA53C47059562E3C685B69512D836D9
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/xfuNOh0yMdFoADbl8KtdRHnnp6w.roa
Signing time: Sun 29 Jan 2023 03:49:48 +0000
ROA not before: Sun 29 Jan 2023 03:49:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34636
IP address blocks: 195.190.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fb:a5:3c:47:05:95:62:e3:c6:85:b6:95:12:d8:36:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Jan 29 03:49:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5fb8d3a1d3231d1680036e5f0ab5d4479e7a7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1c:58:ae:35:55:8d:7c:29:73:58:9e:68:0b:
c9:06:7a:13:82:81:1b:c2:6b:b1:38:5a:c7:d0:62:
aa:fe:91:40:f6:9f:19:b4:8b:39:66:8c:8e:65:dc:
65:4b:9e:0e:7b:66:8f:81:de:02:3f:fe:8d:bd:a4:
8b:98:df:8b:da:3e:c5:4d:10:f2:2a:62:31:9e:5f:
50:5c:69:41:fe:36:39:ac:88:b8:b1:a1:af:85:60:
bb:7e:70:41:3b:b7:a0:0a:bc:3f:0a:1a:d3:56:64:
aa:c7:f6:b9:77:55:c7:de:b1:b1:55:6e:54:2b:f1:
ba:5f:a7:2f:e0:57:17:d2:32:01:35:47:41:ee:b9:
34:f6:9e:fe:76:f5:8f:8f:fe:b5:19:23:0f:20:da:
13:0e:08:b6:dd:c8:e4:56:97:bf:fc:e1:61:ec:61:
f0:60:f3:48:32:f5:14:cb:3e:f5:4c:f6:e5:c4:78:
3b:ae:51:f6:b4:0c:7d:ff:71:8c:43:6e:7e:09:0a:
b1:dd:e9:93:c0:25:79:71:2a:01:42:ed:3b:fd:bf:
7c:27:47:f8:39:44:7c:2d:64:fb:3b:aa:ff:7c:f9:
75:11:ab:88:82:45:06:80:44:57:c0:26:00:65:f1:
94:06:b7:cf:77:81:69:d6:b0:0e:ab:d3:cf:67:5c:
f7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FB:8D:3A:1D:32:31:D1:68:00:36:E5:F0:AB:5D:44:79:E7:A7:AC
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/xfuNOh0yMdFoADbl8KtdRHnnp6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:94:5c:2c:35:18:2b:1b:1f:91:20:8e:3f:d0:e2:66:01:ec:
92:63:24:49:87:33:90:b9:f2:8a:e5:58:da:f4:f9:b2:fd:b9:
09:07:96:34:33:d2:9b:8c:93:68:13:51:af:a2:87:cb:05:70:
3d:ef:50:63:08:41:dd:e9:26:5b:0e:d5:cd:15:3f:e3:1e:9e:
69:42:29:68:64:38:52:82:4e:81:e6:39:4d:bf:79:fa:07:54:
ad:76:76:fd:c3:49:93:a4:77:d7:af:0b:43:94:fa:cc:f0:bc:
42:65:04:79:49:81:21:5b:3d:4f:2d:e8:8e:1e:d6:75:8d:54:
97:30:ab:6d:a0:7e:98:c4:69:ff:6e:14:bd:ad:9a:91:72:c2:
a9:b6:07:f4:e0:f5:41:8e:c1:37:d9:96:9c:aa:19:ae:2c:28:
04:7b:37:ff:58:47:a5:33:50:7e:bc:fa:01:de:fe:75:22:98:
58:a1:bf:78:3e:64:7a:af:41:f9:54:e5:d6:2e:91:fa:aa:32:
0c:39:6c:27:8c:56:10:9c:be:11:f6:aa:a6:d2:74:1f:c1:71:
2b:06:ea:0c:73:bb:0d:08:be:c2:ab:dc:90:2c:4f:df:40:70:
fe:6f:b8:cf:12:19:e0:5f:be:99:bc:b7:95:1f:fe:13:18:a6:
eb:36:4c:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYX7pTxHBZVi48aFtpUS2DbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwMTI5MDM0OTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZiOGQzYTFkMzIzMWQxNjgwMDM2ZTVmMGFiNWQ0NDc5ZTdhN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhxYrjVVjXwpc1ieaAvJBnoTgoEb
wmuxOFrH0GKq/pFA9p8ZtIs5ZoyOZdxlS54Oe2aPgd4CP/6NvaSLmN+L2j7FTRDy
KmIxnl9QXGlB/jY5rIi4saGvhWC7fnBBO7egCrw/ChrTVmSqx/a5d1XH3rGxVW5U
K/G6X6cv4FcX0jIBNUdB7rk09p7+dvWPj/61GSMPINoTDgi23cjkVpe//OFh7GHw
YPNIMvUUyz71TPblxHg7rlH2tAx9/3GMQ25+CQqx3emTwCV5cSoBQu07/b98J0f4
OUR8LWT7O6r/fPl1EauIgkUGgERXwCYAZfGUBrfPd4Fp1rAOq9PPZ1z3xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX7jTodMjHRaAA25fCrXUR556esMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEveGZ1Tk9oMHlNZEZvQURibDhLdGRSSG5ucDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76QMA0G
CSqGSIb3DQEBCwUAA4IBAQA+lFwsNRgrGx+RII4/0OJmAeySYyRJhzOQufKK5Vja
9Pmy/bkJB5Y0M9KbjJNoE1GvoofLBXA971BjCEHd6SZbDtXNFT/jHp5pQiloZDhS
gk6B5jlNv3n6B1Stdnb9w0mTpHfXrwtDlPrM8LxCZQR5SYEhWz1PLeiOHtZ1jVSX
MKttoH6YxGn/bhS9rZqRcsKptgf04PVBjsE32ZacqhmuLCgEezf/WEelM1B+vPoB
3v51IphYob94PmR6r0H5VOXWLpH6qjIMOWwnjFYQnL4R9qqm0nQfwXErBuoMc7sN
CL7Cq9yQLE/fQHD+b7jPEhngX76ZvLeVH/4TGKbrNkyN
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:00 2024 by rpki-client on console-ams.rpki-client.org