Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e78bc1-bd64-4453-97c9-ac092140967e/1/DO35Wmt5KZnP0oo2gRKwTgIqsa4.roa
File: DO35Wmt5KZnP0oo2gRKwTgIqsa4.roa (raw, json)
Hash identifier: /ejp8HGbPSmewD5gAFzqqbN+HQtpCC+pk6vncBZM3Jk=
Subject key identifier: 0C:ED:F9:5A:6B:79:29:99:CF:D2:8A:36:81:12:B0:4E:02:2A:B1:AE
Certificate issuer: /CN=481fe2efddaa00ac5e47d1c2d54b04b96107a945
Certificate serial: 018F9B0D3315D32741AEEBE54FCC00CB2902
Authority key identifier: 48:1F:E2:EF:DD:AA:00:AC:5E:47:D1:C2:D5:4B:04:B9:61:07:A9:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SB_i792qAKxeR9HC1UsEuWEHqUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e78bc1-bd64-4453-97c9-ac092140967e/1/DO35Wmt5KZnP0oo2gRKwTgIqsa4.roa
Signing time: Tue 21 May 2024 12:08:04 +0000
ROA not before: Tue 21 May 2024 12:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57268
IP address blocks: 195.60.220.0/22 maxlen: 22
195.60.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:0d:33:15:d3:27:41:ae:eb:e5:4f:cc:00:cb:29:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=481fe2efddaa00ac5e47d1c2d54b04b96107a945
Validity
Not Before: May 21 12:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cedf95a6b792999cfd28a368112b04e022ab1ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bf:07:a2:38:be:b4:fc:3f:31:b6:6a:d8:d4:
74:38:66:bc:f1:2d:ab:43:8f:b4:0d:b1:a0:a7:2a:
c3:d4:61:fb:a8:a1:c7:4f:a6:84:90:dc:d5:82:7a:
85:4a:dd:4e:3c:3a:e5:bc:82:76:66:2e:9b:dc:0d:
bd:34:67:c7:6c:63:c6:69:f2:1e:b4:43:8a:84:52:
a9:42:39:05:72:3b:21:eb:1d:8a:f1:00:68:22:cb:
0f:f7:24:81:75:ae:c2:bf:c9:08:33:fc:f0:cf:5b:
b2:d1:42:3c:87:30:f7:b5:24:75:82:52:73:6c:91:
ba:b4:eb:75:0a:76:63:e3:df:81:34:76:31:8a:8a:
d1:48:e5:95:80:4b:64:e4:26:b2:b7:fd:af:a5:b0:
cb:90:d8:45:80:01:51:49:de:38:1c:3d:13:17:fd:
ab:7f:7a:19:49:b3:3e:48:35:3c:27:2b:81:72:bc:
5c:84:6b:a7:06:44:fc:08:e3:92:61:6b:f2:02:27:
05:41:eb:61:8d:20:59:98:08:0a:b9:0a:40:76:de:
e2:43:84:d2:7f:ae:11:ce:f5:cf:85:86:63:49:33:
8e:28:6b:d8:e2:48:80:36:1a:ab:c7:ca:d6:4c:0f:
08:44:65:62:17:19:fa:29:7d:c5:11:3d:61:d1:bd:
d8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:ED:F9:5A:6B:79:29:99:CF:D2:8A:36:81:12:B0:4E:02:2A:B1:AE
X509v3 Authority Key Identifier:
keyid:48:1F:E2:EF:DD:AA:00:AC:5E:47:D1:C2:D5:4B:04:B9:61:07:A9:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SB_i792qAKxeR9HC1UsEuWEHqUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e78bc1-bd64-4453-97c9-ac092140967e/1/DO35Wmt5KZnP0oo2gRKwTgIqsa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e78bc1-bd64-4453-97c9-ac092140967e/1/SB_i792qAKxeR9HC1UsEuWEHqUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:21:b9:7d:8a:e8:67:81:5e:16:bd:81:44:96:30:77:7c:fe:
34:84:0c:94:4f:f1:a7:6e:62:82:27:d7:1e:03:35:72:12:55:
6f:a5:03:f3:0a:a9:9f:63:7a:cf:ef:6f:f3:bf:40:50:ed:3c:
76:85:25:06:a0:8b:0d:76:bf:54:94:c0:90:52:de:a6:b9:77:
e5:d1:ae:23:5f:e8:14:a0:30:e4:28:2d:d4:25:27:e2:44:61:
e7:e3:e3:65:e9:25:52:df:de:31:da:4a:4a:2b:72:a1:36:17:
09:ad:2d:59:a4:b1:5d:ab:67:08:83:39:ef:0a:8a:17:62:e5:
5d:b8:7d:05:41:18:9c:d8:e5:9b:a5:c1:d7:27:d4:1a:2a:f4:
33:c0:84:59:50:dc:6b:cb:4b:29:bf:be:22:0f:60:40:cf:7f:
7e:b0:de:78:06:f6:00:43:94:64:32:af:c0:c1:8d:87:af:de:
c6:67:6b:2d:3b:3f:51:b9:d9:ea:14:b9:a4:5b:e2:70:8f:1d:
5e:28:bc:fd:fe:5b:37:07:73:55:ea:53:e5:6c:45:86:c0:15:
5c:5c:f4:48:9a:bc:1e:24:42:8e:d8:17:b9:42:f6:d5:5b:6d:
d1:39:97:10:65:70:53:fe:68:3a:78:1b:01:b8:ce:53:bf:b2:
cc:a8:f4:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+bDTMV0ydBruvlT8wAyykCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MWZlMmVmZGRhYTAwYWM1ZTQ3ZDFjMmQ1NGIwNGI5NjEw
N2E5NDUwHhcNMjQwNTIxMTIwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VkZjk1YTZiNzkyOTk5Y2ZkMjhhMzY4MTEyYjA0ZTAyMmFiMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl78Hoji+tPw/MbZq2NR0OGa88S2r
Q4+0DbGgpyrD1GH7qKHHT6aEkNzVgnqFSt1OPDrlvIJ2Zi6b3A29NGfHbGPGafIe
tEOKhFKpQjkFcjsh6x2K8QBoIssP9ySBda7Cv8kIM/zwz1uy0UI8hzD3tSR1glJz
bJG6tOt1CnZj49+BNHYxiorRSOWVgEtk5Cayt/2vpbDLkNhFgAFRSd44HD0TF/2r
f3oZSbM+SDU8JyuBcrxchGunBkT8COOSYWvyAicFQethjSBZmAgKuQpAdt7iQ4TS
f64RzvXPhYZjSTOOKGvY4kiANhqrx8rWTA8IRGViFxn6KX3FET1h0b3Y7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzt+VpreSmZz9KKNoESsE4CKrGuMB8GA1UdIwQY
MBaAFEgf4u/dqgCsXkfRwtVLBLlhB6lFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JfaTc5MnFBS3hlUjlIQzFVc0V1V0VIcVVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lNzhiYzEtYmQ2NC00NDUzLTk3Yzkt
YWMwOTIxNDA5NjdlLzEvRE8zNVdtdDVLWm5QMG9vMmdSS3dUZ0lxc2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lNzhiYzEtYmQ2NC00NDUzLTk3YzktYWMwOTIxNDA5Njdl
LzEvU0JfaTc5MnFBS3hlUjlIQzFVc0V1V0VIcVVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzzcMA0G
CSqGSIb3DQEBCwUAA4IBAQAKIbl9iuhngV4WvYFEljB3fP40hAyUT/GnbmKCJ9ce
AzVyElVvpQPzCqmfY3rP72/zv0BQ7Tx2hSUGoIsNdr9UlMCQUt6muXfl0a4jX+gU
oDDkKC3UJSfiRGHn4+Nl6SVS394x2kpKK3KhNhcJrS1ZpLFdq2cIgznvCooXYuVd
uH0FQRic2OWbpcHXJ9QaKvQzwIRZUNxry0spv74iD2BAz39+sN54BvYAQ5RkMq/A
wY2Hr97GZ2stOz9RudnqFLmkW+Jwjx1eKLz9/ls3B3NV6lPlbEWGwBVcXPRImrwe
JEKO2Be5QvbVW23ROZcQZXBT/mg6eBsBuM5Tv7LMqPTY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:46 2025 by rpki-client