Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/M30qdzRsMP2YPqrzHGCwtj-K1xM.roa
File: M30qdzRsMP2YPqrzHGCwtj-K1xM.roa (raw, json)
Hash identifier: E5xAz396/eCwarpPULGhjka6lDBDI15Uw0OvBDxZZ38=
Subject key identifier: 33:7D:2A:77:34:6C:30:FD:98:3E:AA:F3:1C:60:B0:B6:3F:8A:D7:13
Certificate issuer: /CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Certificate serial: 018A6535A05C2417D28945FA31F550EA1990
Authority key identifier: 60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/M30qdzRsMP2YPqrzHGCwtj-K1xM.roa
Signing time: Tue 05 Sep 2023 11:58:47 +0000
ROA not before: Tue 05 Sep 2023 11:58:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41085
IP address blocks: 195.189.102.0/24 maxlen: 24
195.189.102.0/23 maxlen: 23
195.189.100.0/23 maxlen: 24
195.189.100.0/22 maxlen: 22
195.189.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:35:a0:5c:24:17:d2:89:45:fa:31:f5:50:ea:19:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Validity
Not Before: Sep 5 11:58:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=337d2a77346c30fd983eaaf31c60b0b63f8ad713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:79:44:31:3a:4a:0a:e3:b9:32:91:8b:fc:ac:
7d:85:e6:d3:19:03:3b:ab:e9:4f:97:1b:64:80:96:
6f:07:dc:f8:2a:4e:67:42:c2:ab:c6:da:96:fc:9d:
db:62:6a:6c:51:18:c6:2f:2f:f4:c9:28:d6:fe:e7:
12:44:c8:ee:d9:60:93:c8:d5:bf:20:73:49:c9:6b:
8e:c7:54:c3:43:12:53:69:26:dc:15:b6:89:e8:92:
27:94:b9:a2:63:cb:01:89:bd:4d:60:31:dc:c9:2d:
56:f9:56:a1:f1:c0:1c:de:6d:f3:da:97:13:c3:fd:
37:3b:5d:c8:47:ea:ea:3a:4d:d3:cc:66:9e:44:cf:
f4:74:1d:f2:f0:24:cb:c1:07:90:1f:78:a9:22:56:
d4:d0:e0:51:95:3d:fa:2b:07:1e:c1:18:22:7c:c4:
54:3c:45:2d:7d:d7:ad:dc:e9:c4:ef:bb:a3:28:4d:
0c:bf:7f:80:41:35:e2:98:ff:80:ec:78:4a:2d:4c:
11:c9:0c:b1:7c:05:c5:6b:5a:a8:03:e6:fa:c5:ad:
61:17:3a:f7:e0:8a:ee:0c:2a:cd:3b:0c:0d:11:c2:
29:c5:85:6f:24:cc:0e:5b:45:f0:3b:f3:0f:cd:dc:
f0:2a:98:87:60:f0:f5:bf:72:6e:db:0b:20:f6:18:
c1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7D:2A:77:34:6C:30:FD:98:3E:AA:F3:1C:60:B0:B6:3F:8A:D7:13
X509v3 Authority Key Identifier:
keyid:60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/M30qdzRsMP2YPqrzHGCwtj-K1xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/YNxaADaNiuH7qZVDHwOkExrdipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.100.0/22
Signature Algorithm: sha256WithRSAEncryption
54:70:31:45:59:ea:46:15:3d:67:15:79:fb:68:79:21:9d:ff:
27:9a:a2:8a:27:d3:d7:61:d6:e9:b4:3f:53:7e:53:34:99:38:
b9:1d:0a:ba:78:31:96:40:c6:bf:3c:d0:01:df:6f:d7:df:33:
99:cb:53:69:ca:f8:59:0f:b5:45:52:4b:44:bf:0d:86:a2:4c:
bd:b6:c7:cd:30:4d:3b:46:ff:a7:0d:e6:68:32:c7:89:b7:d7:
ac:9a:d8:d9:78:b5:18:d9:e6:ca:f4:ff:c9:8d:fd:ba:90:22:
5c:bb:aa:fa:3a:ab:f9:5e:20:83:f2:46:1b:2b:3d:d8:3b:6b:
7d:a8:65:ca:d9:34:32:f5:a4:89:f4:af:48:e3:2e:2e:a0:81:
17:5d:7d:92:0d:f9:d0:a3:e1:a7:61:f1:b3:32:76:69:41:dc:
6a:0b:be:45:56:d6:39:da:2d:59:9b:dc:d2:4b:a3:14:0d:09:
e6:8a:0e:04:60:84:1a:12:2e:80:f6:b9:5b:6d:18:9c:c9:27:
c0:7a:f3:23:ac:99:ac:0b:d5:c2:73:87:a5:7a:38:23:a2:0b:
40:aa:c2:bb:19:cf:22:c4:9c:2e:2c:6b:57:1a:93:30:59:2a:
f0:39:87:1a:0e:39:8e:7e:d0:e7:c9:b2:6c:3d:3f:56:e3:38:
dc:17:36:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYplNaBcJBfSiUX6MfVQ6hmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZGM1YTAwMzY4ZDhhZTFmYmE5OTU0MzFmMDNhNDEzMWFk
ZDhhOWEwHhcNMjMwOTA1MTE1ODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdkMmE3NzM0NmMzMGZkOTgzZWFhZjMxYzYwYjBiNjNmOGFkNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHlEMTpKCuO5MpGL/Kx9hebTGQM7
q+lPlxtkgJZvB9z4Kk5nQsKrxtqW/J3bYmpsURjGLy/0ySjW/ucSRMju2WCTyNW/
IHNJyWuOx1TDQxJTaSbcFbaJ6JInlLmiY8sBib1NYDHcyS1W+Vah8cAc3m3z2pcT
w/03O13IR+rqOk3TzGaeRM/0dB3y8CTLwQeQH3ipIlbU0OBRlT36KwcewRgifMRU
PEUtfdet3OnE77ujKE0Mv3+AQTXimP+A7HhKLUwRyQyxfAXFa1qoA+b6xa1hFzr3
4IruDCrNOwwNEcIpxYVvJMwOW0XwO/MPzdzwKpiHYPD1v3Ju2wsg9hjBxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDN9Knc0bDD9mD6q8xxgsLY/itcTMB8GA1UdIwQY
MBaAFGDcWgA2jYrh+6mVQx8DpBMa3YqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYt
ZWJiMzk4MmMyZWIwLzEvTTMwcWR6UnNNUDJZUHFyekhHQ3d0ai1LMXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYtZWJiMzk4MmMyZWIw
LzEvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw71kMA0G
CSqGSIb3DQEBCwUAA4IBAQBUcDFFWepGFT1nFXn7aHkhnf8nmqKKJ9PXYdbptD9T
flM0mTi5HQq6eDGWQMa/PNAB32/X3zOZy1NpyvhZD7VFUktEvw2Goky9tsfNME07
Rv+nDeZoMseJt9esmtjZeLUY2ebK9P/Jjf26kCJcu6r6Oqv5XiCD8kYbKz3YO2t9
qGXK2TQy9aSJ9K9I4y4uoIEXXX2SDfnQo+GnYfGzMnZpQdxqC75FVtY52i1Zm9zS
S6MUDQnmig4EYIQaEi6A9rlbbRicySfAevMjrJmsC9XCc4elejgjogtAqsK7Gc8i
xJwuLGtXGpMwWSrwOYcaDjmOftDnybJsPT9W4zjcFzbb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:34 2024 by rpki-client on console-ams.rpki-client.org