Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/4855-4AWZlwAL9AZ4HkRW2kZn5Q.roa
File: 4855-4AWZlwAL9AZ4HkRW2kZn5Q.roa (raw, json)
Hash identifier: TaQFrLkJ0EgrmdYTOrHytsbmXf1ysU1EBV2fAewT5kU=
Subject key identifier: E3:CE:79:FB:80:16:66:5C:00:2F:D0:19:E0:79:11:5B:69:19:9F:94
Certificate issuer: /CN=807709e7b0efba127025c83e5d3194c71ba428c3
Certificate serial: 018570304CFAF976CA75D547F1E827C2C947
Authority key identifier: 80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/4855-4AWZlwAL9AZ4HkRW2kZn5Q.roa
Signing time: Mon 02 Jan 2023 01:54:51 +0000
ROA not before: Mon 02 Jan 2023 01:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 195.238.242.0/23 maxlen: 24
195.238.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:4c:fa:f9:76:ca:75:d5:47:f1:e8:27:c2:c9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=807709e7b0efba127025c83e5d3194c71ba428c3
Validity
Not Before: Jan 2 01:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3ce79fb8016665c002fd019e079115b69199f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:d4:20:85:36:82:bd:3d:df:b8:23:5c:c2:
9a:a6:05:14:14:6e:b4:84:5b:94:2f:a9:cf:04:44:
37:58:74:68:07:29:24:cc:4e:e1:49:6a:21:16:5a:
c7:55:d1:df:b3:3a:7b:c0:1d:9d:d0:80:61:b7:fe:
cd:c6:17:6c:d4:73:19:95:1d:8b:35:99:1d:72:41:
74:48:e6:6f:b5:cb:6b:8a:8e:9e:0b:60:ce:77:7b:
06:40:28:2c:b0:b2:84:ee:ca:35:3c:4b:18:e9:17:
90:54:5c:c3:42:47:0c:19:43:27:1b:30:8f:7c:0f:
fa:4a:97:34:2c:61:06:25:40:5f:06:49:82:76:8a:
fc:e8:b7:41:0c:d0:26:60:d2:b3:3c:8b:b1:6c:94:
9f:79:b6:0a:ff:b8:ab:07:57:62:72:f2:77:14:01:
20:f6:8c:b4:61:40:a0:54:22:04:ef:98:c4:a9:56:
c1:b3:03:18:33:33:b1:20:e0:71:a0:82:bb:ad:aa:
bd:cb:f0:ec:b9:32:15:00:89:a6:0b:f3:43:bb:81:
f4:d9:15:32:76:b0:a1:4b:76:74:c8:71:9a:f8:29:
1b:25:cd:29:84:50:1e:1a:19:95:b8:e7:7d:cc:e4:
ca:cf:5f:4f:a1:5b:b4:61:ff:dc:de:98:93:07:fe:
6d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CE:79:FB:80:16:66:5C:00:2F:D0:19:E0:79:11:5B:69:19:9F:94
X509v3 Authority Key Identifier:
keyid:80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/4855-4AWZlwAL9AZ4HkRW2kZn5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.95.0/24
195.238.242.0/23
Signature Algorithm: sha256WithRSAEncryption
62:c4:bd:28:49:64:c8:e3:3e:21:3d:c2:a6:69:4d:48:02:c7:
da:63:f1:5a:09:94:81:ab:1c:01:d8:2f:89:e1:c4:6f:fc:5b:
4a:70:c1:e7:9a:bd:aa:d6:7a:65:72:5c:74:dd:1f:18:d2:a7:
ab:c7:ca:21:57:79:6a:70:06:4d:e5:fe:6d:69:90:17:6d:0a:
95:8f:5d:4d:e9:be:3d:8c:23:c1:fc:5b:8f:66:ac:4b:0c:3e:
67:2e:5a:f8:58:c0:5c:2d:3b:d3:4c:36:73:68:0e:eb:f7:66:
d5:66:10:31:53:c8:73:78:5e:82:65:22:54:02:1f:93:88:09:
26:0a:ba:b2:4d:39:ee:a6:d1:a5:cf:67:7a:52:3a:9d:1f:f5:
17:13:b7:c4:83:2a:ae:d0:6d:a6:33:13:ac:0a:cf:bd:5c:07:
47:50:44:42:c9:d5:6d:e6:2e:04:0b:02:95:52:62:12:7e:8b:
8f:73:71:5f:57:a9:0c:99:a7:bc:47:ae:35:15:be:2b:3a:09:
c0:ac:dd:2c:c0:32:3c:43:d3:e1:72:2c:09:68:29:15:e1:41:
3b:f7:11:ea:9a:33:ee:0c:d7:7c:bf:50:67:13:c9:38:a8:99:
98:a2:01:54:b5:8f:6a:ee:e9:ba:e8:2b:61:c1:d9:db:c0:77:
bd:7a:57:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwMEz6+XbKddVH8egnwslHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzcwOWU3YjBlZmJhMTI3MDI1YzgzZTVkMzE5NGM3MWJh
NDI4YzMwHhcNMjMwMTAyMDE1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NlNzlmYjgwMTY2NjVjMDAyZmQwMTllMDc5MTE1YjY5MTk5Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxTUIIU2gr0937gjXMKapgUUFG60
hFuUL6nPBEQ3WHRoBykkzE7hSWohFlrHVdHfszp7wB2d0IBht/7Nxhds1HMZlR2L
NZkdckF0SOZvtctrio6eC2DOd3sGQCgssLKE7so1PEsY6ReQVFzDQkcMGUMnGzCP
fA/6Spc0LGEGJUBfBkmCdor86LdBDNAmYNKzPIuxbJSfebYK/7irB1dicvJ3FAEg
9oy0YUCgVCIE75jEqVbBswMYMzOxIOBxoIK7raq9y/DsuTIVAImmC/NDu4H02RUy
drChS3Z0yHGa+CkbJc0phFAeGhmVuOd9zOTKz19PoVu0Yf/c3piTB/5tSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOPOefuAFmZcAC/QGeB5EVtpGZ+UMB8GA1UdIwQY
MBaAFIB3Ceew77oScCXIPl0xlMcbpCjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgt
YmU5YWQyYmY3MjVmLzEvNDg1NS00QVdabHdBTDlBWjRIa1JXMmtabjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgtYmU5YWQyYmY3MjVm
LzEvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+5fAwQB
w+7yMA0GCSqGSIb3DQEBCwUAA4IBAQBixL0oSWTI4z4hPcKmaU1IAsfaY/FaCZSB
qxwB2C+J4cRv/FtKcMHnmr2q1nplclx03R8Y0qerx8ohV3lqcAZN5f5taZAXbQqV
j11N6b49jCPB/FuPZqxLDD5nLlr4WMBcLTvTTDZzaA7r92bVZhAxU8hzeF6CZSJU
Ah+TiAkmCrqyTTnuptGlz2d6UjqdH/UXE7fEgyqu0G2mMxOsCs+9XAdHUERCydVt
5i4ECwKVUmISfouPc3FfV6kMmae8R641Fb4rOgnArN0swDI8Q9PhciwJaCkV4UE7
9xHqmjPuDNd8v1BnE8k4qJmYogFUtY9q7um66CthwdnbwHe9elf/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:49 2024 by rpki-client on console-fra.rpki-client.org