Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/p1959YEU1zRu7tp8-4BfLJSrh-M.roa
File: p1959YEU1zRu7tp8-4BfLJSrh-M.roa (raw, json)
Hash identifier: MoXq2rn550q/siGp+RXYlSvgKBRjLr9t9YpMYAKaUys=
Subject key identifier: A7:5F:79:F5:81:14:D7:34:6E:EE:DA:7C:FB:80:5F:2C:94:AB:87:E3
Certificate issuer: /CN=60325c21d2fafe743398dc1e5574433280110469
Certificate serial: 01856FDDC1D569B43BE0A76CE7379AD3A211
Authority key identifier: 60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/p1959YEU1zRu7tp8-4BfLJSrh-M.roa
Signing time: Mon 02 Jan 2023 00:24:42 +0000
ROA not before: Mon 02 Jan 2023 00:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47856
IP address blocks: 195.10.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:c1:d5:69:b4:3b:e0:a7:6c:e7:37:9a:d3:a2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60325c21d2fafe743398dc1e5574433280110469
Validity
Not Before: Jan 2 00:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a75f79f58114d7346eeeda7cfb805f2c94ab87e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:90:11:94:1a:eb:78:f7:28:9c:72:0c:97:4d:
67:fc:37:e1:27:ea:96:8b:79:43:1a:0c:6e:1d:38:
97:68:4f:27:56:b6:7f:c1:be:e0:9c:df:b2:25:f5:
7b:78:55:16:3e:1d:22:50:26:cb:21:19:94:52:e1:
e3:ee:4a:ab:6d:80:a3:06:51:71:d6:3a:38:16:5f:
76:8d:1f:2d:e4:ee:e7:c4:97:12:42:00:9d:eb:c0:
d0:40:db:48:74:81:26:38:b0:dc:b2:d9:8c:7d:9c:
26:69:40:05:70:5d:04:bc:c6:d5:87:e7:a4:c7:a4:
18:e3:09:f6:4f:cd:37:94:46:d8:54:f1:80:bb:8e:
5a:4b:ab:06:64:35:e3:ad:68:e5:c2:92:08:a6:e2:
fb:b8:a9:0f:c5:88:f1:b9:99:e0:18:5a:6a:56:2b:
72:b8:b6:a3:2f:5b:29:00:31:a5:8e:ae:53:56:fd:
be:66:e7:16:4c:95:97:35:ce:c9:31:f4:03:5a:bf:
3e:32:0c:8a:18:29:fe:96:e3:95:96:d9:b0:e7:9c:
53:db:cc:81:2d:ac:40:7d:b4:f7:7b:3e:30:39:fe:
04:3f:88:bd:12:7b:50:f1:43:bb:17:37:23:82:4a:
af:43:a9:d6:68:cb:70:b5:b1:fc:d3:2b:d6:e9:bf:
ae:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5F:79:F5:81:14:D7:34:6E:EE:DA:7C:FB:80:5F:2C:94:AB:87:E3
X509v3 Authority Key Identifier:
keyid:60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/p1959YEU1zRu7tp8-4BfLJSrh-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/YDJcIdL6_nQzmNweVXRDMoARBGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.217.0/24
Signature Algorithm: sha256WithRSAEncryption
04:98:d4:5d:f8:9c:0f:01:26:ec:5e:28:ff:05:5d:46:b2:30:
ca:6e:67:eb:a3:6a:77:4e:51:56:31:1f:3d:13:49:1f:57:ca:
5d:7f:51:32:cb:1c:16:51:c9:0b:b9:dd:bf:99:5b:75:8e:6b:
d5:08:1d:69:ee:83:c6:8d:c8:db:c1:7a:84:b3:3d:08:85:27:
fb:14:bb:8b:28:93:96:54:14:e5:e0:6a:dd:d8:3a:8d:85:fd:
40:d2:b0:f7:80:ae:f0:98:4c:a6:96:1c:a5:25:91:03:98:65:
a8:40:2a:d6:b9:a0:29:e1:2a:04:27:0b:bd:93:49:00:85:c3:
6f:4e:7d:b4:8c:bc:92:17:65:d8:2b:12:5e:c9:8b:81:62:1e:
21:d2:3e:cb:4c:77:3a:a3:0d:ff:11:8e:59:7f:b2:26:e3:bb:
31:21:db:71:76:47:9d:1f:cf:04:17:41:e5:f3:a8:20:3c:06:
74:8e:2b:98:af:03:d5:b3:39:1c:70:4e:d7:76:7f:89:bc:a7:
79:1e:2d:19:2c:ab:95:7d:d1:c8:2c:f3:7b:46:54:c4:75:b1:
80:a8:e8:4b:a1:f4:ef:9c:ba:b0:7a:3e:a0:d9:e5:c0:b4:1c:
51:50:ba:1e:b5:b9:58:d6:8e:69:9e:ab:f6:31:88:6e:23:2a:
0c:bf:dd:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3cHVabQ74Kds5zea06IRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzI1YzIxZDJmYWZlNzQzMzk4ZGMxZTU1NzQ0MzMyODAx
MTA0NjkwHhcNMjMwMTAyMDAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVmNzlmNTgxMTRkNzM0NmVlZWRhN2NmYjgwNWYyYzk0YWI4N2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5ARlBrrePconHIMl01n/DfhJ+qW
i3lDGgxuHTiXaE8nVrZ/wb7gnN+yJfV7eFUWPh0iUCbLIRmUUuHj7kqrbYCjBlFx
1jo4Fl92jR8t5O7nxJcSQgCd68DQQNtIdIEmOLDcstmMfZwmaUAFcF0EvMbVh+ek
x6QY4wn2T803lEbYVPGAu45aS6sGZDXjrWjlwpIIpuL7uKkPxYjxuZngGFpqVity
uLajL1spADGljq5TVv2+ZucWTJWXNc7JMfQDWr8+MgyKGCn+luOVltmw55xT28yB
LaxAfbT3ez4wOf4EP4i9EntQ8UO7FzcjgkqvQ6nWaMtwtbH80yvW6b+utwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdfefWBFNc0bu7afPuAXyyUq4fjMB8GA1UdIwQY
MBaAFGAyXCHS+v50M5jcHlV0QzKAEQRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQt
YzU4ZTk1Y2Q0Mjc3LzEvcDE5NTlZRVUxelJ1N3RwOC00QmZMSlNyaC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQtYzU4ZTk1Y2Q0Mjc3
LzEvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrZMA0G
CSqGSIb3DQEBCwUAA4IBAQAEmNRd+JwPASbsXij/BV1GsjDKbmfro2p3TlFWMR89
E0kfV8pdf1EyyxwWUckLud2/mVt1jmvVCB1p7oPGjcjbwXqEsz0IhSf7FLuLKJOW
VBTl4Grd2DqNhf1A0rD3gK7wmEymlhylJZEDmGWoQCrWuaAp4SoEJwu9k0kAhcNv
Tn20jLySF2XYKxJeyYuBYh4h0j7LTHc6ow3/EY5Zf7Im47sxIdtxdkedH88EF0Hl
86ggPAZ0jiuYrwPVszkccE7Xdn+JvKd5Hi0ZLKuVfdHILPN7RlTEdbGAqOhLofTv
nLqwej6g2eXAtBxRULoetblY1o5pnqv2MYhuIyoMv92d
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:14 2024 by rpki-client on console-ams.rpki-client.org