Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/141887-5507-45a5-8b0a-57a1f0b32f01/1/3Fncb39_Bs14fZAyJA3j8FQ0EZE.roa
File: 3Fncb39_Bs14fZAyJA3j8FQ0EZE.roa (raw, json)
Hash identifier: 8LPQFmJNKO7x8JcNNb3jtGBTqX2vSmX+3UaKljyFUXs=
Subject key identifier: DC:59:DC:6F:7F:7F:06:CD:78:7D:90:32:24:0D:E3:F0:54:34:11:91
Certificate issuer: /CN=ed89298644ed486ded509d946a6d6d839589ce11
Certificate serial: 018DA7849A2057E5A6DDDF5DCA5A17C7F43F
Authority key identifier: ED:89:29:86:44:ED:48:6D:ED:50:9D:94:6A:6D:6D:83:95:89:CE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7YkphkTtSG3tUJ2Uam1tg5WJzhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/141887-5507-45a5-8b0a-57a1f0b32f01/1/3Fncb39_Bs14fZAyJA3j8FQ0EZE.roa
Signing time: Wed 14 Feb 2024 12:08:21 +0000
ROA not before: Wed 14 Feb 2024 12:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50689
IP address blocks: 195.191.222.0/24 maxlen: 24
195.191.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:84:9a:20:57:e5:a6:dd:df:5d:ca:5a:17:c7:f4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed89298644ed486ded509d946a6d6d839589ce11
Validity
Not Before: Feb 14 12:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc59dc6f7f7f06cd787d9032240de3f054341191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:07:11:d0:f6:e2:6f:ec:71:f2:67:4e:f5:ff:
46:84:9d:1d:b8:c2:4d:7a:12:f0:a3:57:b6:bf:3a:
1b:e5:8c:fe:c9:86:4f:78:d2:43:b9:9d:d6:4a:99:
0e:66:4c:f2:ea:d3:e6:f1:51:3c:7b:8a:d8:2a:5f:
3a:92:ab:6f:37:1a:76:86:f1:c1:c8:aa:40:54:31:
8c:d1:4d:1f:cb:b7:97:07:59:e6:88:88:ad:15:56:
bb:de:6a:ee:c7:9c:1a:05:24:94:e7:5e:bd:9d:6a:
75:41:24:e6:11:fb:8a:71:f3:37:4d:ca:f9:d1:a1:
a9:ce:7c:af:3f:54:d7:77:f8:0f:22:7a:48:f6:72:
0c:10:b9:59:8c:58:8e:64:33:a2:84:b9:84:3e:53:
c8:0a:6d:1c:c9:41:d3:79:25:03:07:f9:da:db:dd:
3d:4d:6c:08:ac:21:35:96:06:15:22:33:b2:3e:63:
cf:af:60:cb:4c:ab:06:d9:10:3a:b4:5f:63:0e:9f:
81:a0:26:50:f1:26:a2:5e:2a:b4:e1:40:6d:77:be:
68:d6:d3:73:93:26:27:72:25:1d:66:86:d8:81:c7:
1e:93:18:bc:0d:4e:71:b2:ce:f9:98:23:e0:39:b9:
90:23:b8:ab:7a:05:ab:5f:1d:40:f6:48:f0:04:14:
b0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:59:DC:6F:7F:7F:06:CD:78:7D:90:32:24:0D:E3:F0:54:34:11:91
X509v3 Authority Key Identifier:
keyid:ED:89:29:86:44:ED:48:6D:ED:50:9D:94:6A:6D:6D:83:95:89:CE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7YkphkTtSG3tUJ2Uam1tg5WJzhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/141887-5507-45a5-8b0a-57a1f0b32f01/1/3Fncb39_Bs14fZAyJA3j8FQ0EZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/141887-5507-45a5-8b0a-57a1f0b32f01/1/7YkphkTtSG3tUJ2Uam1tg5WJzhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.222.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:c8:95:5f:0e:5c:a7:74:f2:43:d3:87:3f:5b:2d:61:7f:58:
15:be:35:f6:72:18:66:01:92:86:5a:19:47:91:13:8c:6f:54:
2e:ea:62:27:31:fe:95:a1:a7:16:20:3b:89:71:af:28:75:36:
4e:ae:b6:6d:d3:59:03:9e:c3:e3:85:05:47:4c:5e:40:c7:48:
d4:5e:f4:62:ff:3f:45:46:b7:7e:34:db:4b:e9:70:8e:77:2d:
07:12:ba:1f:3d:bf:26:c1:4c:bd:d4:08:a3:a9:c1:31:4e:6d:
4e:76:62:d5:f2:3c:bb:04:81:aa:b3:92:9e:8d:a4:7e:58:6e:
55:c4:d0:59:df:2f:cd:ea:5d:48:63:d8:ec:f7:36:b3:25:62:
c5:50:34:19:24:62:74:d0:34:1a:fa:7f:ad:72:02:c5:94:61:
ac:a4:f9:2e:08:fd:f7:ae:da:18:30:d4:98:01:d3:3d:ac:f8:
af:dc:0f:a7:e6:a1:1e:e0:f5:19:d0:32:97:86:c4:80:f6:66:
e0:2e:a0:d8:2a:05:db:b5:cd:32:39:45:72:f0:c6:64:4e:d1:
88:ec:f2:03:6c:04:4a:7b:b8:e4:1a:ea:0a:38:9b:f2:14:16:
9f:32:11:c1:d4:f7:e3:8f:1e:53:23:14:62:f2:a2:0c:c7:fe:
04:73:c0:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2nhJogV+Wm3d9dyloXx/Q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkODkyOTg2NDRlZDQ4NmRlZDUwOWQ5NDZhNmQ2ZDgzOTU4
OWNlMTEwHhcNMjQwMjE0MTIwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU5ZGM2ZjdmN2YwNmNkNzg3ZDkwMzIyNDBkZTNmMDU0MzQxMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAcR0Pbib+xx8mdO9f9GhJ0duMJN
ehLwo1e2vzob5Yz+yYZPeNJDuZ3WSpkOZkzy6tPm8VE8e4rYKl86kqtvNxp2hvHB
yKpAVDGM0U0fy7eXB1nmiIitFVa73mrux5waBSSU5169nWp1QSTmEfuKcfM3Tcr5
0aGpznyvP1TXd/gPInpI9nIMELlZjFiOZDOihLmEPlPICm0cyUHTeSUDB/na2909
TWwIrCE1lgYVIjOyPmPPr2DLTKsG2RA6tF9jDp+BoCZQ8SaiXiq04UBtd75o1tNz
kyYnciUdZobYgccekxi8DU5xss75mCPgObmQI7iregWrXx1A9kjwBBSwIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxZ3G9/fwbNeH2QMiQN4/BUNBGRMB8GA1UdIwQY
MBaAFO2JKYZE7Uht7VCdlGptbYOVic4RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1lrcGhrVHRTRzN0VUoyVWFtMXRnNVdKemhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xNDE4ODctNTUwNy00NWE1LThiMGEt
NTdhMWYwYjMyZjAxLzEvM0ZuY2IzOV9CczE0ZlpBeUpBM2o4RlEwRVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xNDE4ODctNTUwNy00NWE1LThiMGEtNTdhMWYwYjMyZjAx
LzEvN1lrcGhrVHRTRzN0VUoyVWFtMXRnNVdKemhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7/eMA0G
CSqGSIb3DQEBCwUAA4IBAQB6yJVfDlyndPJD04c/Wy1hf1gVvjX2chhmAZKGWhlH
kROMb1Qu6mInMf6VoacWIDuJca8odTZOrrZt01kDnsPjhQVHTF5Ax0jUXvRi/z9F
Rrd+NNtL6XCOdy0HErofPb8mwUy91AijqcExTm1OdmLV8jy7BIGqs5KejaR+WG5V
xNBZ3y/N6l1IY9js9zazJWLFUDQZJGJ00DQa+n+tcgLFlGGspPkuCP33rtoYMNSY
AdM9rPiv3A+n5qEe4PUZ0DKXhsSA9mbgLqDYKgXbtc0yOUVy8MZkTtGI7PIDbARK
e7jkGuoKOJvyFBafMhHB1Pfjjx5TIxRi8qIMx/4Ec8Ah
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:00 2025 by rpki-client