Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/sAzkxFGP5o0utDnnxdUE3olRcuk.roa
File: sAzkxFGP5o0utDnnxdUE3olRcuk.roa (raw, json)
Hash identifier: mL0zB1B86bveIaFkdgJxHjlg9tjTO9NqggkCb3Jio4o=
Subject key identifier: B0:0C:E4:C4:51:8F:E6:8D:2E:B4:39:E7:C5:D5:04:DE:89:51:72:E9
Certificate issuer: /CN=868256ae34e54526c5b25aac2b9d5f5fa87d061e
Certificate serial: 018CC726DED54336ABD3856F5DBF5E5B5553
Authority key identifier: 86:82:56:AE:34:E5:45:26:C5:B2:5A:AC:2B:9D:5F:5F:A8:7D:06:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoJWrjTlRSbFslqsK51fX6h9Bh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/sAzkxFGP5o0utDnnxdUE3olRcuk.roa
Signing time: Mon 01 Jan 2024 22:31:02 +0000
ROA not before: Mon 01 Jan 2024 22:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39809
IP address blocks: 195.170.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:de:d5:43:36:ab:d3:85:6f:5d:bf:5e:5b:55:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=868256ae34e54526c5b25aac2b9d5f5fa87d061e
Validity
Not Before: Jan 1 22:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b00ce4c4518fe68d2eb439e7c5d504de895172e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1c:fb:74:34:17:7a:47:9a:36:69:09:57:56:
08:2c:00:e4:be:6c:8b:92:fc:63:d3:dc:14:8e:bd:
1e:8a:8b:f6:e1:cc:8a:3e:ba:52:da:34:c5:8b:a6:
71:5a:76:e7:e7:ac:bc:f4:6d:89:7d:79:d2:c1:10:
e1:79:31:82:a6:a0:ff:a5:1f:25:d4:23:5c:4d:6c:
32:3b:0e:43:f9:26:55:96:4b:12:08:34:ce:c3:2b:
ed:c4:1a:ef:e1:70:d4:2c:31:78:fb:16:43:ac:1f:
2f:a9:cb:eb:9c:0b:65:e3:99:72:4e:80:af:02:bf:
85:fa:fb:96:6c:e8:04:3e:7d:4b:5c:49:9d:ce:7a:
46:dc:1b:7d:53:1c:ef:ee:ad:17:94:69:68:bf:35:
de:0e:f0:62:c9:94:46:ea:4c:38:7e:58:ce:65:d6:
76:91:69:30:89:83:b9:ae:07:8c:e8:63:b0:3d:c4:
ca:6d:6b:a3:de:86:8c:4f:0f:e4:b9:2a:0c:db:9d:
90:52:92:ed:ea:79:01:8d:79:f2:91:c4:e1:2f:ab:
3f:e1:32:e7:eb:cc:e0:cc:ac:7c:6b:5b:87:89:75:
ba:db:67:7b:da:f8:f7:e8:d7:31:ff:c5:87:ad:0e:
c9:7f:2a:63:96:8c:cc:72:27:d1:ed:47:73:6a:21:
ea:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0C:E4:C4:51:8F:E6:8D:2E:B4:39:E7:C5:D5:04:DE:89:51:72:E9
X509v3 Authority Key Identifier:
keyid:86:82:56:AE:34:E5:45:26:C5:B2:5A:AC:2B:9D:5F:5F:A8:7D:06:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoJWrjTlRSbFslqsK51fX6h9Bh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/sAzkxFGP5o0utDnnxdUE3olRcuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7b296a-fd03-4afa-bcd2-cbf60700eb92/1/hoJWrjTlRSbFslqsK51fX6h9Bh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.161.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6c:ed:c6:a0:20:2c:2d:1c:4a:0f:a8:e2:90:88:63:e5:fa:
6d:91:20:c0:c9:d7:7a:9d:e8:bb:f4:2d:6d:ed:b6:0c:8b:93:
a5:2d:88:3e:e7:ba:f2:fb:5d:36:5b:43:fa:5f:2d:9e:b1:69:
66:f4:f9:1d:00:50:ff:0a:6f:62:6b:a3:de:24:d1:d2:68:bc:
13:b5:19:9e:b8:a1:11:8a:69:06:48:f2:7f:c7:7d:90:84:15:
f2:52:97:b5:a2:b8:11:76:9c:8a:ea:89:22:cf:1d:6d:c2:e9:
89:c8:0c:30:55:a0:32:af:e1:3c:0a:95:cf:8c:35:96:24:e6:
b4:e3:4b:ee:5c:4f:be:6e:96:b5:46:d9:2f:dc:f5:ce:ab:c0:
5d:6e:67:ca:37:92:ce:69:8e:d8:0a:60:c2:e4:2e:55:2e:9a:
71:42:d7:22:56:23:78:5a:9c:5e:ed:c1:ad:2f:3b:35:03:7d:
c4:85:e4:49:88:9c:e5:6b:b5:cf:ae:7f:41:df:8e:73:75:af:
6d:83:6e:bd:95:e1:3c:f4:d7:4e:33:2d:6e:50:25:3b:ec:20:
b5:5e:1a:04:7a:51:bd:d7:ff:dc:ca:34:d4:f1:9d:1c:9d:03:
8a:ce:a4:de:86:6e:03:a0:bc:3a:84:e3:a3:bd:b4:a2:4e:c9:
49:c1:6e:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJt7VQzar04VvXb9eW1VTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODI1NmFlMzRlNTQ1MjZjNWIyNWFhYzJiOWQ1ZjVmYTg3
ZDA2MWUwHhcNMjQwMTAxMjIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDBjZTRjNDUxOGZlNjhkMmViNDM5ZTdjNWQ1MDRkZTg5NTE3MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBz7dDQXekeaNmkJV1YILADkvmyL
kvxj09wUjr0eiov24cyKPrpS2jTFi6ZxWnbn56y89G2JfXnSwRDheTGCpqD/pR8l
1CNcTWwyOw5D+SZVlksSCDTOwyvtxBrv4XDULDF4+xZDrB8vqcvrnAtl45lyToCv
Ar+F+vuWbOgEPn1LXEmdznpG3Bt9Uxzv7q0XlGlovzXeDvBiyZRG6kw4fljOZdZ2
kWkwiYO5rgeM6GOwPcTKbWuj3oaMTw/kuSoM252QUpLt6nkBjXnykcThL6s/4TLn
68zgzKx8a1uHiXW622d72vj36Ncx/8WHrQ7JfypjlozMcifR7UdzaiHqPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAM5MRRj+aNLrQ558XVBN6JUXLpMB8GA1UdIwQY
MBaAFIaCVq405UUmxbJarCudX1+ofQYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9KV3JqVGxSU2JGc2xxc0s1MWZYNmg5Qmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YjI5NmEtZmQwMy00YWZhLWJjZDIt
Y2JmNjA3MDBlYjkyLzEvc0F6a3hGR1A1bzB1dERubnhkVUUzb2xSY3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YjI5NmEtZmQwMy00YWZhLWJjZDItY2JmNjA3MDBlYjky
LzEvaG9KV3JqVGxSU2JGc2xxc0s1MWZYNmg5Qmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qhMA0G
CSqGSIb3DQEBCwUAA4IBAQBhbO3GoCAsLRxKD6jikIhj5fptkSDAydd6nei79C1t
7bYMi5OlLYg+57ry+102W0P6Xy2esWlm9PkdAFD/Cm9ia6PeJNHSaLwTtRmeuKER
imkGSPJ/x32QhBXyUpe1orgRdpyK6okizx1twumJyAwwVaAyr+E8CpXPjDWWJOa0
40vuXE++bpa1Rtkv3PXOq8BdbmfKN5LOaY7YCmDC5C5VLppxQtciViN4Wpxe7cGt
Lzs1A33EheRJiJzla7XPrn9B345zda9tg269leE89NdOMy1uUCU77CC1XhoEelG9
1//cyjTU8Z0cnQOKzqTehm4DoLw6hOOjvbSiTslJwW6w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:49 2025 by rpki-client