Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/44xKMqfhGYehcNXCIRTaxwtLkN8.roa
File: 44xKMqfhGYehcNXCIRTaxwtLkN8.roa (raw, json)
Hash identifier: FtAhHLbgn7Zjf9O7/PxNSEUqgroUa65IlC0i8qJpkcs=
Subject key identifier: E3:8C:4A:32:A7:E1:19:87:A1:70:D5:C2:21:14:DA:C7:0B:4B:90:DF
Certificate issuer: /CN=856caf1f2f0291401105ef68b25957dc555510d2
Certificate serial: 01856D0A8A42E5D9F288DCAD6ECB3A511C22
Authority key identifier: 85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/44xKMqfhGYehcNXCIRTaxwtLkN8.roa
Signing time: Sun 01 Jan 2023 11:14:45 +0000
ROA not before: Sun 01 Jan 2023 11:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50074
IP address blocks: 195.211.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:8a:42:e5:d9:f2:88:dc:ad:6e:cb:3a:51:1c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856caf1f2f0291401105ef68b25957dc555510d2
Validity
Not Before: Jan 1 11:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e38c4a32a7e11987a170d5c22114dac70b4b90df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:95:1a:de:bb:65:48:ea:94:8a:d2:34:c8:
0a:c4:aa:20:02:f4:15:68:00:80:09:8d:1b:d8:1a:
6d:88:97:12:17:27:f8:ae:fe:78:dc:ce:c3:b1:69:
d6:d6:16:7e:0d:3a:4a:01:38:15:9e:b2:43:b6:d5:
b9:68:64:fa:c4:6a:95:cd:23:e7:0f:2f:63:f7:c2:
c1:06:ac:bd:d6:a1:e2:d2:c5:fc:8f:f6:92:5b:36:
4d:da:be:74:d0:69:cd:08:2b:0b:4b:5c:ea:a8:ed:
e0:74:be:9d:d4:7c:07:a7:7d:1a:8d:4f:dd:5e:61:
26:14:7b:2b:85:67:60:d3:b0:85:cb:bd:99:44:f1:
83:8a:a4:b3:55:19:a9:fc:8c:3d:ca:9c:6a:be:5e:
cd:e5:da:f4:d5:09:57:09:54:f4:7d:f8:f2:91:d4:
5a:96:cf:a7:18:87:ac:13:fc:f8:ea:72:6f:67:e8:
2e:29:02:ae:95:8b:ee:88:77:34:0c:40:2b:6d:2d:
f1:ea:7a:18:95:f6:15:a2:6b:bc:76:98:9b:bb:95:
92:27:d3:93:75:4e:68:af:c2:80:a5:f1:ea:8c:e6:
90:79:51:82:59:ba:13:da:06:a0:1a:c3:e3:31:d8:
ef:2a:fb:68:52:ff:c4:4b:ec:ad:82:31:33:8f:63:
67:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8C:4A:32:A7:E1:19:87:A1:70:D5:C2:21:14:DA:C7:0B:4B:90:DF
X509v3 Authority Key Identifier:
keyid:85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/44xKMqfhGYehcNXCIRTaxwtLkN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.208.0/22
Signature Algorithm: sha256WithRSAEncryption
24:47:3e:07:ee:d9:1e:04:17:59:60:f2:af:da:90:94:8c:4f:
41:d2:fe:bb:fc:05:2c:4b:64:84:f6:d7:86:f1:c2:31:a4:86:
59:d1:50:d8:77:e2:5e:f9:c3:b8:83:ae:f6:8d:63:ec:39:f4:
ef:0b:9f:3b:c8:1d:51:56:62:44:fc:5b:74:13:1c:d8:28:99:
6d:35:5c:28:60:56:1f:06:e8:ff:e9:e3:14:12:ae:52:a2:9b:
54:1d:7b:c3:6f:6b:d5:5a:05:05:0a:b8:b7:32:07:c4:47:23:
9c:39:f5:74:04:9b:3f:3b:24:67:67:06:f0:56:7a:08:5b:a4:
16:78:e0:4d:b2:45:35:b7:59:21:0d:87:9a:c9:74:27:5d:31:
5c:5d:ed:d0:bb:92:07:a1:71:ca:67:0c:52:3d:56:16:d1:0d:
5f:40:77:24:30:9e:f3:b8:23:86:30:2f:c7:02:3e:6b:c5:03:
b8:7f:97:e8:36:c9:80:93:b1:bd:02:6f:1e:72:89:ce:9a:5e:
8f:a3:e8:06:d5:bf:e6:91:82:ac:55:78:6a:3e:2e:ce:32:53:
8a:c8:37:c7:69:d6:e8:d3:3f:d7:d2:6f:e4:9e:c8:45:45:d3:
da:1f:d9:47:12:c9:b0:6a:96:17:72:1c:0d:6d:f0:10:be:6b:
f6:ef:bb:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCopC5dnyiNytbss6URwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmNhZjFmMmYwMjkxNDAxMTA1ZWY2OGIyNTk1N2RjNTU1
NTEwZDIwHhcNMjMwMTAxMTExNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzhjNGEzMmE3ZTExOTg3YTE3MGQ1YzIyMTE0ZGFjNzBiNGI5MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+6VGt67ZUjqlIrSNMgKxKogAvQV
aACACY0b2BptiJcSFyf4rv543M7DsWnW1hZ+DTpKATgVnrJDttW5aGT6xGqVzSPn
Dy9j98LBBqy91qHi0sX8j/aSWzZN2r500GnNCCsLS1zqqO3gdL6d1HwHp30ajU/d
XmEmFHsrhWdg07CFy72ZRPGDiqSzVRmp/Iw9ypxqvl7N5dr01QlXCVT0ffjykdRa
ls+nGIesE/z46nJvZ+guKQKulYvuiHc0DEArbS3x6noYlfYVomu8dpibu5WSJ9OT
dU5or8KApfHqjOaQeVGCWboT2gagGsPjMdjvKvtoUv/ES+ytgjEzj2NnswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOMSjKn4RmHoXDVwiEU2scLS5DfMB8GA1UdIwQY
MBaAFIVsrx8vApFAEQXvaLJZV9xVVRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTct
YjBkMGJjZDkwZmFlLzEvNDR4S01xZmhHWWVoY05YQ0lSVGF4d3RMa044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTctYjBkMGJjZDkwZmFl
LzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9PQMA0G
CSqGSIb3DQEBCwUAA4IBAQAkRz4H7tkeBBdZYPKv2pCUjE9B0v67/AUsS2SE9teG
8cIxpIZZ0VDYd+Je+cO4g672jWPsOfTvC587yB1RVmJE/Ft0ExzYKJltNVwoYFYf
Buj/6eMUEq5SoptUHXvDb2vVWgUFCri3MgfERyOcOfV0BJs/OyRnZwbwVnoIW6QW
eOBNskU1t1khDYeayXQnXTFcXe3Qu5IHoXHKZwxSPVYW0Q1fQHckMJ7zuCOGMC/H
Aj5rxQO4f5foNsmAk7G9Am8econOml6Po+gG1b/mkYKsVXhqPi7OMlOKyDfHadbo
0z/X0m/knshFRdPaH9lHEsmwapYXchwNbfAQvmv277vy
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:43 2024 by rpki-client on console-ams.rpki-client.org