Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/kd6rwa8a2-dLv4f-D7ZePfxxr8w.roa
File: kd6rwa8a2-dLv4f-D7ZePfxxr8w.roa (raw, json)
Hash identifier: xVXj/FNWfkko06MS/2KjKGltnZ7O569wX47MWJVEptg=
Subject key identifier: 91:DE:AB:C1:AF:1A:DB:E7:4B:BF:87:FE:0F:B6:5E:3D:FC:71:AF:CC
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 01857067559C94A6D94E3D8EBFE22868F2DE
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/kd6rwa8a2-dLv4f-D7ZePfxxr8w.roa
Signing time: Mon 02 Jan 2023 02:54:58 +0000
ROA not before: Mon 02 Jan 2023 02:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59642
IP address blocks: 195.189.96.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 Mar 2023 06:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:55:9c:94:a6:d9:4e:3d:8e:bf:e2:28:68:f2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Jan 2 02:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91deabc1af1adbe74bbf87fe0fb65e3dfc71afcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:5b:7f:38:8a:be:53:4c:5f:c8:e5:f8:bd:
59:1d:40:df:58:9e:31:08:82:56:96:8b:9a:6f:4f:
6e:a6:d0:76:59:89:ff:4d:ed:d6:7b:b4:70:72:bd:
82:57:9d:37:de:8f:56:65:5a:4f:54:a4:c5:01:5e:
d0:5b:11:de:e7:cb:97:e1:91:1f:fd:ca:97:11:8c:
13:96:a0:5e:2a:15:c2:b5:2c:05:87:ff:08:37:16:
10:f4:0f:7e:93:4c:d3:a9:18:ec:97:e2:c2:fb:07:
02:4f:38:19:96:d9:fc:81:91:54:6f:cf:89:4d:69:
ea:34:0d:f1:df:4a:53:50:e6:30:d2:bd:da:6e:58:
af:4a:0b:09:f7:13:f4:8e:ed:90:5a:0e:f5:16:0e:
45:50:91:ef:20:fe:2a:50:8e:84:19:e9:3f:b6:b4:
f8:c5:52:9c:95:78:ec:04:fb:4a:45:46:07:64:ba:
a8:b0:57:cd:fc:85:fb:fb:b1:1c:8e:52:6e:30:a0:
2c:f7:63:f9:95:be:f9:6c:0b:9f:ac:3c:f1:9e:01:
04:d3:9d:34:de:5b:24:f0:11:36:97:17:69:2a:69:
51:81:36:80:ab:fe:53:b3:9e:ea:44:0f:9e:07:28:
33:40:78:1b:78:4f:03:1c:08:fa:10:ad:ff:9e:b6:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:AB:C1:AF:1A:DB:E7:4B:BF:87:FE:0F:B6:5E:3D:FC:71:AF:CC
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/kd6rwa8a2-dLv4f-D7ZePfxxr8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.96.0/22
Signature Algorithm: sha256WithRSAEncryption
de:5c:83:f4:e8:c4:d7:e4:33:99:1f:8d:72:bb:ba:79:fb:d3:
df:21:85:3d:a8:08:ba:21:5f:cd:de:fa:f8:99:79:f7:fa:40:
6f:24:5f:1b:76:f9:b3:5e:8a:2f:0a:89:5d:9b:56:5c:f3:5f:
6d:9c:44:85:35:b2:5c:8c:d1:78:ae:e3:92:07:05:de:2c:4a:
04:37:e0:98:03:52:f3:34:dd:bd:0b:ef:7e:11:cb:58:f4:9f:
56:fe:40:3d:a1:db:86:c0:50:b0:cc:fb:ef:e0:21:4c:7e:09:
65:d3:8c:66:c6:97:6a:88:c2:f3:35:5a:07:3a:79:6a:0e:09:
8a:2f:39:c7:c6:26:c3:73:ba:a3:4d:c5:fd:59:3f:e2:63:e8:
c5:91:98:43:2f:90:87:fd:7d:18:61:29:68:f1:6d:57:13:17:
b3:e2:72:96:5c:ba:58:b8:a4:ca:c7:98:80:69:bd:78:e3:42:
65:4f:19:d1:78:1c:6c:1c:d0:9a:75:a6:c2:1c:8c:e5:46:1c:
c4:14:23:c9:dc:17:d5:3a:58:13:54:be:c0:d3:92:4e:01:88:
01:4e:db:db:e8:a0:8d:0e:5a:1f:c3:98:cb:9d:8d:ab:fe:c5:
71:ed:89:68:88:f3:9a:f3:97:6c:f9:85:35:6a:19:7c:b2:2d:
42:43:4a:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1WclKbZTj2Ov+IoaPLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMwMTAyMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRlYWJjMWFmMWFkYmU3NGJiZjg3ZmUwZmI2NWUzZGZjNzFhZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0ZbfziKvlNMX8jl+L1ZHUDfWJ4x
CIJWlouab09uptB2WYn/Te3We7Rwcr2CV5033o9WZVpPVKTFAV7QWxHe58uX4ZEf
/cqXEYwTlqBeKhXCtSwFh/8INxYQ9A9+k0zTqRjsl+LC+wcCTzgZltn8gZFUb8+J
TWnqNA3x30pTUOYw0r3ablivSgsJ9xP0ju2QWg71Fg5FUJHvIP4qUI6EGek/trT4
xVKclXjsBPtKRUYHZLqosFfN/IX7+7EcjlJuMKAs92P5lb75bAufrDzxngEE0500
3lsk8BE2lxdpKmlRgTaAq/5Ts57qRA+eBygzQHgbeE8DHAj6EK3/nrYSRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHeq8GvGtvnS7+H/g+2Xj38ca/MMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEva2Q2cndhOGEyLWRMdjRmLUQ3WmVQZnh4cjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw71gMA0G
CSqGSIb3DQEBCwUAA4IBAQDeXIP06MTX5DOZH41yu7p5+9PfIYU9qAi6IV/N3vr4
mXn3+kBvJF8bdvmzXoovColdm1Zc819tnESFNbJcjNF4ruOSBwXeLEoEN+CYA1Lz
NN29C+9+EctY9J9W/kA9oduGwFCwzPvv4CFMfgll04xmxpdqiMLzNVoHOnlqDgmK
LznHxibDc7qjTcX9WT/iY+jFkZhDL5CH/X0YYSlo8W1XExez4nKWXLpYuKTKx5iA
ab1440JlTxnReBxsHNCadabCHIzlRhzEFCPJ3BfVOlgTVL7A05JOAYgBTtvb6KCN
Dlofw5jLnY2r/sVx7YloiPOa85ds+YU1ahl8si1CQ0q4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org