Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/1srYH8Osh-RP_71MbwSfIzbM-ZY.roa
File: 1srYH8Osh-RP_71MbwSfIzbM-ZY.roa (raw, json)
Hash identifier: j3oFf9wPBHjhJIZYrnm/15tSmF325ETmu17GUrAlZ50=
Subject key identifier: D6:CA:D8:1F:C3:AC:87:E4:4F:FF:BD:4C:6F:04:9F:23:36:CC:F9:96
Certificate issuer: /CN=204d7d8652a99fc17fff2d7decc49e556aa0eb80
Certificate serial: 01927A721E98F995A305790606CF96962E29
Authority key identifier: 20:4D:7D:86:52:A9:9F:C1:7F:FF:2D:7D:EC:C4:9E:55:6A:A0:EB:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IE19hlKpn8F__y197MSeVWqg64A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/1srYH8Osh-RP_71MbwSfIzbM-ZY.roa
Signing time: Fri 11 Oct 2024 07:19:12 +0000
ROA not before: Fri 11 Oct 2024 07:19:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 195.242.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:72:1e:98:f9:95:a3:05:79:06:06:cf:96:96:2e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204d7d8652a99fc17fff2d7decc49e556aa0eb80
Validity
Not Before: Oct 11 07:19:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6cad81fc3ac87e44fffbd4c6f049f2336ccf996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:6a:c8:4c:e7:8d:a2:79:d9:0f:20:2d:b8:
15:50:02:bf:18:2b:b0:76:2c:f3:89:2a:16:66:40:
d5:78:b7:80:ab:0d:c2:cb:90:7f:3b:67:f4:cb:65:
26:b2:f9:06:0a:66:1d:31:3c:47:fb:54:27:e6:88:
92:50:ba:85:be:26:7f:07:9a:7d:7f:cf:17:04:d1:
8e:6b:1a:74:fb:ec:67:f1:9d:89:bc:70:db:d2:d1:
58:1c:74:59:30:1c:56:03:bc:90:33:d5:2e:2a:05:
a7:55:7f:42:98:29:b4:c6:73:83:e0:f4:cc:52:71:
cd:94:5c:d9:13:96:cb:3f:05:14:ef:72:37:4c:49:
9b:89:71:32:f3:df:5c:08:00:fd:ec:e8:10:06:8c:
41:fc:cf:09:41:85:e1:ee:c6:81:03:a9:6c:d7:b6:
e4:41:c2:52:83:17:7b:23:07:11:ea:aa:f1:ee:a3:
a3:ef:9e:16:9a:b9:f1:f1:e0:b8:0a:98:21:14:62:
8d:29:d2:88:b0:73:36:91:fe:14:f0:cc:c1:71:b5:
ac:6e:7b:db:5a:08:eb:22:33:2f:f9:90:63:4f:75:
be:a9:5a:40:ea:ba:94:a4:ea:88:63:76:05:6c:f3:
ae:0d:5d:f9:72:ad:2d:a6:86:bc:b9:27:67:9f:87:
41:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:CA:D8:1F:C3:AC:87:E4:4F:FF:BD:4C:6F:04:9F:23:36:CC:F9:96
X509v3 Authority Key Identifier:
keyid:20:4D:7D:86:52:A9:9F:C1:7F:FF:2D:7D:EC:C4:9E:55:6A:A0:EB:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IE19hlKpn8F__y197MSeVWqg64A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/1srYH8Osh-RP_71MbwSfIzbM-ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ac0694-1e22-436d-82c9-17ce620e74f1/1/IE19hlKpn8F__y197MSeVWqg64A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.170.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:9c:2a:35:fb:25:b8:bf:ff:86:83:d5:c5:57:ec:c4:c2:bc:
d7:1c:bc:21:4b:ca:f9:ea:f5:d6:23:1e:9e:07:37:1e:a3:ea:
46:aa:a7:7f:87:78:f4:9e:3b:0a:06:70:9e:e6:e1:4e:f6:2e:
a2:7a:53:5e:7f:27:78:c4:aa:fc:1f:30:c8:3b:8b:ab:9b:10:
8b:9c:43:ae:94:ad:3d:96:76:94:34:6f:13:c3:d5:58:18:72:
c2:91:10:14:2e:96:af:6c:93:b0:22:2e:03:3a:e3:43:c5:0a:
41:d2:e4:52:5f:3c:11:b4:04:cf:56:5c:d2:59:31:06:85:bc:
ee:49:3d:b3:34:8a:50:f7:91:2b:8d:28:2d:47:f6:a0:3d:ac:
15:2b:03:27:0e:1a:67:6f:d0:de:8a:db:28:7b:0b:7b:b7:08:
51:f5:26:6f:e6:38:fa:98:62:85:58:94:a7:88:27:48:73:9d:
b7:79:b7:bb:51:64:2c:27:40:7a:56:b7:b0:c1:ee:b1:df:c0:
95:54:3e:35:76:a3:70:45:5c:05:ac:a7:21:85:a2:0c:e1:40:
61:94:53:c7:77:4d:31:a4:b9:92:8b:ff:56:ec:86:f7:d4:72:
25:68:3c:f7:f4:8c:96:cd:eb:23:63:ca:99:f9:5e:d7:d0:ae:
cd:47:76:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ6ch6Y+ZWjBXkGBs+Wli4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGQ3ZDg2NTJhOTlmYzE3ZmZmMmQ3ZGVjYzQ5ZTU1NmFh
MGViODAwHhcNMjQxMDExMDcxOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmNhZDgxZmMzYWM4N2U0NGZmZmJkNGM2ZjA0OWYyMzM2Y2NmOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFpqyEznjaJ52Q8gLbgVUAK/GCuw
dizziSoWZkDVeLeAqw3Cy5B/O2f0y2UmsvkGCmYdMTxH+1Qn5oiSULqFviZ/B5p9
f88XBNGOaxp0++xn8Z2JvHDb0tFYHHRZMBxWA7yQM9UuKgWnVX9CmCm0xnOD4PTM
UnHNlFzZE5bLPwUU73I3TEmbiXEy899cCAD97OgQBoxB/M8JQYXh7saBA6ls17bk
QcJSgxd7IwcR6qrx7qOj754Wmrnx8eC4CpghFGKNKdKIsHM2kf4U8MzBcbWsbnvb
WgjrIjMv+ZBjT3W+qVpA6rqUpOqIY3YFbPOuDV35cq0tpoa8uSdnn4dBUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbK2B/DrIfkT/+9TG8EnyM2zPmWMB8GA1UdIwQY
MBaAFCBNfYZSqZ/Bf/8tfezEnlVqoOuAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUUxOWhsS3BuOEZfX3kxOTdNU2VWV3FnNjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYzA2OTQtMWUyMi00MzZkLTgyYzkt
MTdjZTYyMGU3NGYxLzEvMXNyWUg4T3NoLVJQXzcxTWJ3U2ZJemJNLVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYzA2OTQtMWUyMi00MzZkLTgyYzktMTdjZTYyMGU3NGYx
LzEvSUUxOWhsS3BuOEZfX3kxOTdNU2VWV3FnNjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/KqMA0G
CSqGSIb3DQEBCwUAA4IBAQBunCo1+yW4v/+Gg9XFV+zEwrzXHLwhS8r56vXWIx6e
Bzceo+pGqqd/h3j0njsKBnCe5uFO9i6ielNefyd4xKr8HzDIO4urmxCLnEOulK09
lnaUNG8Tw9VYGHLCkRAULpavbJOwIi4DOuNDxQpB0uRSXzwRtATPVlzSWTEGhbzu
ST2zNIpQ95ErjSgtR/agPawVKwMnDhpnb9Deitsoewt7twhR9SZv5jj6mGKFWJSn
iCdIc523ebe7UWQsJ0B6Vrewwe6x38CVVD41dqNwRVwFrKchhaIM4UBhlFPHd00x
pLmSi/9W7Ib31HIlaDz39IyWzesjY8qZ+V7X0K7NR3Zj
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:21 2025 by rpki-client