Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/caSUug4VEZVxoaXg_uAymqPd-hs.roa
File: caSUug4VEZVxoaXg_uAymqPd-hs.roa (raw, json)
Hash identifier: Fj19CPmTKbarZ1s79kujObyvyIdyKGvs3k9csWB7Dek=
Subject key identifier: 71:A4:94:BA:0E:15:11:95:71:A1:A5:E0:FE:E0:32:9A:A3:DD:FA:1B
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018572B43E59FA36EBD271D15B837C617830
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/caSUug4VEZVxoaXg_uAymqPd-hs.roa
Signing time: Mon 02 Jan 2023 13:38:13 +0000
ROA not before: Mon 02 Jan 2023 13:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210213
IP address blocks: 195.244.146.0/24 maxlen: 24
195.244.152.0/24 maxlen: 24
195.244.153.0/24 maxlen: 24
195.244.156.0/24 maxlen: 24
2a00:1780:dc00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3e:59:fa:36:eb:d2:71:d1:5b:83:7c:61:78:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 2 13:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a494ba0e15119571a1a5e0fee0329aa3ddfa1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:37:b9:ed:45:f4:15:0c:87:1b:04:98:7b:ab:
ac:ae:24:ba:65:2f:1d:73:19:11:3e:06:3c:39:8b:
c4:7c:a0:81:cd:40:24:17:1d:7d:b0:a0:14:14:a1:
52:42:5c:e7:f9:68:ae:24:3b:a1:b8:93:4d:ba:e2:
70:b5:18:b9:13:d0:27:35:6b:35:81:0d:f6:5d:01:
b8:78:30:a8:f4:d5:2d:89:aa:ee:18:0d:bb:1e:75:
75:22:85:d8:fe:2f:4a:08:2a:97:1b:36:e0:c6:cc:
b1:3e:e5:8a:59:40:54:da:7f:04:cb:9d:c8:8f:4e:
02:99:23:8c:cb:4b:8d:cf:8f:cd:57:02:33:f5:31:
95:ec:57:15:79:21:2e:aa:74:29:ac:ec:0e:7f:8e:
91:e8:bf:3d:21:7a:c1:6a:cb:9a:7d:6b:03:3a:02:
fa:dc:45:1d:76:f7:76:c6:cf:d2:e4:9c:e0:93:00:
ed:d8:e0:bf:14:26:60:1a:a4:b5:89:3d:5c:be:60:
95:fb:68:3e:49:14:3e:84:c4:b6:e1:f7:74:df:d1:
48:6f:4d:e3:cd:b0:5c:67:8f:8f:cc:07:26:60:1c:
fc:23:96:04:cf:17:5f:14:02:4a:47:f0:9e:72:f1:
32:e0:46:59:7a:47:cf:f2:5f:72:05:f8:c2:3f:75:
8d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A4:94:BA:0E:15:11:95:71:A1:A5:E0:FE:E0:32:9A:A3:DD:FA:1B
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/caSUug4VEZVxoaXg_uAymqPd-hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.146.0/24
195.244.152.0/23
195.244.156.0/24
IPv6:
2a00:1780:dc00::/40
Signature Algorithm: sha256WithRSAEncryption
62:cf:71:8e:9b:bc:5d:6d:90:2b:e3:0f:6a:c6:48:61:b2:0d:
33:f9:c6:c8:b5:7f:0b:ea:4f:93:73:21:dc:59:6d:35:37:de:
1a:47:00:ed:84:1e:f2:56:f0:76:11:be:d3:4a:c2:b1:a3:05:
7b:8f:2c:a9:12:8c:36:5e:f9:8f:48:2c:15:20:a9:28:f1:54:
4a:2a:d9:8a:d8:08:a2:c5:b7:1b:0d:d9:db:da:e7:cc:14:99:
4e:a3:09:7b:99:9c:d4:b3:9b:be:b7:98:09:2b:59:c3:9b:72:
30:37:22:6f:df:92:5b:53:ed:fb:81:00:18:6a:cc:ab:dd:65:
4c:b3:1b:32:10:98:1c:24:14:12:32:00:c6:e1:22:48:43:dd:
dd:44:7e:67:e7:ab:46:b7:e6:49:67:56:60:0a:4a:5f:a7:b9:
7a:ff:01:4a:7e:d3:b8:f1:19:27:7d:fc:f5:90:fa:93:5b:f3:
e7:f3:e4:7c:51:30:43:98:66:ef:55:a4:5c:d4:c6:cc:2a:25:
ba:f6:ea:8a:24:38:80:14:50:bd:a5:91:21:48:19:14:7b:0c:
b0:18:10:a2:0c:c0:69:3e:25:e3:35:5d:16:76:0a:83:aa:f1:
68:1c:a8:87:60:4d:f7:36:60:d5:60:5f:84:36:a6:8e:97:2e:
e1:ec:08:df
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVytD5Z+jbr0nHRW4N8YXgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjMwMTAyMTMzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE0OTRiYTBlMTUxMTk1NzFhMWE1ZTBmZWUwMzI5YWEzZGRmYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjze57UX0FQyHGwSYe6usriS6ZS8d
cxkRPgY8OYvEfKCBzUAkFx19sKAUFKFSQlzn+WiuJDuhuJNNuuJwtRi5E9AnNWs1
gQ32XQG4eDCo9NUtiaruGA27HnV1IoXY/i9KCCqXGzbgxsyxPuWKWUBU2n8Ey53I
j04CmSOMy0uNz4/NVwIz9TGV7FcVeSEuqnQprOwOf46R6L89IXrBasuafWsDOgL6
3EUddvd2xs/S5JzgkwDt2OC/FCZgGqS1iT1cvmCV+2g+SRQ+hMS24fd039FIb03j
zbBcZ4+PzAcmYBz8I5YEzxdfFAJKR/CecvEy4EZZekfP8l9yBfjCP3WNcQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHGklLoOFRGVcaGl4P7gMpqj3fobMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvY2FTVXVnNFZFWlZ4b2FYZ191QXltcVBkLWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAw/SSAwQB
w/SYAwQAw/ScMA4EAgACMAgDBgAqABeA3DANBgkqhkiG9w0BAQsFAAOCAQEAYs9x
jpu8XW2QK+MPasZIYbINM/nGyLV/C+pPk3Mh3FltNTfeGkcA7YQe8lbwdhG+00rC
saMFe48sqRKMNl75j0gsFSCpKPFUSirZitgIosW3Gw3Z29rnzBSZTqMJe5mc1LOb
vreYCStZw5tyMDcib9+SW1Pt+4EAGGrMq91lTLMbMhCYHCQUEjIAxuEiSEPd3UR+
Z+erRrfmSWdWYApKX6e5ev8BSn7TuPEZJ3389ZD6k1vz5/PkfFEwQ5hm71WkXNTG
zColuvbqiiQ4gBRQvaWRIUgZFHsMsBgQogzAaT4l4zVdFnYKg6rxaByoh2BN9zZg
1WBfhDamjpcu4ewI3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org