Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2f91ed-a1fd-4bfe-8131-fd483de9e7e4/1/pFBrcJHjqOuBhEh4Vly6NCftXxQ.roa
File: pFBrcJHjqOuBhEh4Vly6NCftXxQ.roa (raw, json)
Hash identifier: 0ohUQa9L77odUyMHqWJ3RmO1hgnQ5VoWsLOVHzoP4o8=
Subject key identifier: A4:50:6B:70:91:E3:A8:EB:81:84:48:78:56:5C:BA:34:27:ED:5F:14
Certificate issuer: /CN=232b798ff76e8d5cec5ba47f7be7832983db3335
Certificate serial: 019249A1BAB9E5569A4D75E87C6C91C7BCEB
Authority key identifier: 23:2B:79:8F:F7:6E:8D:5C:EC:5B:A4:7F:7B:E7:83:29:83:DB:33:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyt5j_dujVzsW6R_e-eDKYPbMzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/2f91ed-a1fd-4bfe-8131-fd483de9e7e4/1/pFBrcJHjqOuBhEh4Vly6NCftXxQ.roa
Signing time: Tue 01 Oct 2024 19:49:48 +0000
ROA not before: Tue 01 Oct 2024 19:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44381
IP address blocks: 195.191.30.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:a1:ba:b9:e5:56:9a:4d:75:e8:7c:6c:91:c7:bc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232b798ff76e8d5cec5ba47f7be7832983db3335
Validity
Not Before: Oct 1 19:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4506b7091e3a8eb81844878565cba3427ed5f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3e:c9:3a:de:07:42:22:11:ad:51:56:c5:42:
f9:4e:d9:44:44:20:71:c4:bc:94:fb:10:eb:3c:dd:
22:9a:fb:ab:4f:cc:96:d2:07:77:b6:f7:e1:9c:33:
39:f4:f8:61:95:d0:de:06:e2:17:14:4c:c4:48:6c:
c8:2c:26:96:1d:d6:43:76:f7:24:78:91:9e:02:f1:
45:3c:35:11:e0:1d:e4:9d:1c:50:43:d7:89:3d:b7:
8a:15:4a:be:1a:fe:4c:1e:2f:19:4f:9c:a3:bd:08:
a1:8e:e0:ce:79:d6:1a:46:74:a0:5d:bd:99:74:44:
b5:2c:7b:45:d1:e9:a4:85:a2:4f:22:dc:cb:f5:17:
a0:9b:35:60:61:01:ea:2d:56:90:0f:dc:92:cd:11:
85:b3:9c:e0:07:e9:ce:43:6a:07:a9:c5:b0:7e:f0:
a6:4b:be:1e:bd:fa:9a:ca:d2:98:03:0b:fe:91:3a:
05:24:8d:24:2f:de:c8:2c:64:67:87:dc:ad:e0:61:
49:28:f1:ad:08:00:da:b6:cd:8a:66:59:23:ea:d8:
86:6c:fe:c2:7f:36:5f:0f:ec:03:0e:9b:56:df:77:
c7:fd:d8:4f:b9:15:f4:31:fb:7d:a8:25:5f:25:7c:
84:00:eb:31:24:8e:8e:fb:59:57:2e:f5:28:f8:d3:
7d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:50:6B:70:91:E3:A8:EB:81:84:48:78:56:5C:BA:34:27:ED:5F:14
X509v3 Authority Key Identifier:
keyid:23:2B:79:8F:F7:6E:8D:5C:EC:5B:A4:7F:7B:E7:83:29:83:DB:33:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyt5j_dujVzsW6R_e-eDKYPbMzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2f91ed-a1fd-4bfe-8131-fd483de9e7e4/1/pFBrcJHjqOuBhEh4Vly6NCftXxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2f91ed-a1fd-4bfe-8131-fd483de9e7e4/1/Iyt5j_dujVzsW6R_e-eDKYPbMzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.30.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:68:3f:cf:c6:75:04:c9:22:04:30:97:1a:c8:9f:5a:9f:08:
cd:38:e3:7b:fc:52:66:69:4a:18:20:49:4c:e2:4a:e3:57:67:
37:74:29:be:ac:22:57:69:c0:4c:7b:9e:58:fe:5a:86:4c:fe:
0b:48:93:4b:ac:b7:f8:3a:a0:34:80:a8:a2:76:fd:c3:70:5b:
60:bf:8b:ac:56:0f:1e:26:45:18:2c:e1:92:5c:ac:8e:18:7b:
8a:a8:0b:dd:b6:30:c9:77:de:ae:23:65:4e:08:be:14:d0:3d:
75:98:e4:02:7e:8e:ba:08:34:00:93:3f:10:d2:1d:39:8a:47:
a5:dc:40:31:77:a0:8f:99:58:60:e6:81:60:ca:57:69:1f:7b:
02:a5:84:76:0f:7c:6d:e6:f1:9d:18:76:85:41:fa:e9:64:f1:
81:ca:03:81:00:74:b7:cc:22:2c:55:9b:c3:b9:9d:99:ea:8b:
70:f8:50:98:48:39:85:2b:01:5e:28:af:2e:17:eb:15:5d:ba:
d0:ed:cd:ff:dd:de:18:39:c1:37:60:d0:47:70:18:28:43:ae:
7d:e9:3f:c3:02:13:e9:5f:d0:91:0f:05:55:a1:23:86:74:b7:
a5:27:40:da:04:da:18:b1:2b:5c:fa:53:32:69:74:c5:a2:59:
b4:a6:4c:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJJobq55VaaTXXofGyRx7zrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmI3OThmZjc2ZThkNWNlYzViYTQ3ZjdiZTc4MzI5ODNk
YjMzMzUwHhcNMjQxMDAxMTk0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUwNmI3MDkxZTNhOGViODE4NDQ4Nzg1NjVjYmEzNDI3ZWQ1ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT7JOt4HQiIRrVFWxUL5TtlERCBx
xLyU+xDrPN0imvurT8yW0gd3tvfhnDM59PhhldDeBuIXFEzESGzILCaWHdZDdvck
eJGeAvFFPDUR4B3knRxQQ9eJPbeKFUq+Gv5MHi8ZT5yjvQihjuDOedYaRnSgXb2Z
dES1LHtF0emkhaJPItzL9RegmzVgYQHqLVaQD9ySzRGFs5zgB+nOQ2oHqcWwfvCm
S74evfqaytKYAwv+kToFJI0kL97ILGRnh9yt4GFJKPGtCADats2KZlkj6tiGbP7C
fzZfD+wDDptW33fH/dhPuRX0Mft9qCVfJXyEAOsxJI6O+1lXLvUo+NN9+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRQa3CR46jrgYRIeFZcujQn7V8UMB8GA1UdIwQY
MBaAFCMreY/3bo1c7Fukf3vngymD2zM1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXl0NWpfZHVqVnpzVzZSX2UtZURLWVBiTXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yZjkxZWQtYTFmZC00YmZlLTgxMzEt
ZmQ0ODNkZTllN2U0LzEvcEZCcmNKSGpxT3VCaEVoNFZseTZOQ2Z0WHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yZjkxZWQtYTFmZC00YmZlLTgxMzEtZmQ0ODNkZTllN2U0
LzEvSXl0NWpfZHVqVnpzVzZSX2UtZURLWVBiTXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw78eMA0G
CSqGSIb3DQEBCwUAA4IBAQB9aD/PxnUEySIEMJcayJ9anwjNOON7/FJmaUoYIElM
4krjV2c3dCm+rCJXacBMe55Y/lqGTP4LSJNLrLf4OqA0gKiidv3DcFtgv4usVg8e
JkUYLOGSXKyOGHuKqAvdtjDJd96uI2VOCL4U0D11mOQCfo66CDQAkz8Q0h05ikel
3EAxd6CPmVhg5oFgyldpH3sCpYR2D3xt5vGdGHaFQfrpZPGBygOBAHS3zCIsVZvD
uZ2Z6otw+FCYSDmFKwFeKK8uF+sVXbrQ7c3/3d4YOcE3YNBHcBgoQ6596T/DAhPp
X9CRDwVVoSOGdLelJ0DaBNoYsStc+lMyaXTFolm0pkwL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:24 2025 by rpki-client