Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2f4c80-6ec0-480a-a809-1ef920875e37/1/2eoTd1zFnFh9ySYUkOZMVkcWavI.roa
File: 2eoTd1zFnFh9ySYUkOZMVkcWavI.roa (raw, json)
Hash identifier: 48ywTsmhE5ChFu3HoDKgrS3CBQ+fm76zOuUgwxYnZog=
Subject key identifier: D9:EA:13:77:5C:C5:9C:58:7D:C9:26:14:90:E6:4C:56:47:16:6A:F2
Certificate issuer: /CN=c075b143b2c78a039db25bb8ee18fe9254fc90f3
Certificate serial: 01856EA68251C5F410CB38FA886D403C2C78
Authority key identifier: C0:75:B1:43:B2:C7:8A:03:9D:B2:5B:B8:EE:18:FE:92:54:FC:90:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHWxQ7LHigOdslu47hj-klT8kPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2f4c80-6ec0-480a-a809-1ef920875e37/1/2eoTd1zFnFh9ySYUkOZMVkcWavI.roa
Signing time: Sun 01 Jan 2023 18:44:44 +0000
ROA not before: Sun 01 Jan 2023 18:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 195.64.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:82:51:c5:f4:10:cb:38:fa:88:6d:40:3c:2c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c075b143b2c78a039db25bb8ee18fe9254fc90f3
Validity
Not Before: Jan 1 18:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9ea13775cc59c587dc9261490e64c5647166af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:6e:6a:92:0d:1e:e5:89:2e:bb:4f:b5:ec:
fb:8a:a3:3b:e9:f6:2a:82:3b:eb:34:dc:14:cb:bf:
8b:b2:a8:e9:43:85:e3:4c:ff:b5:cf:3e:92:56:d9:
89:4e:63:99:17:1f:c0:36:83:5a:f0:99:d9:be:73:
e2:88:c6:5a:0c:d8:7c:68:c7:de:1e:65:a7:69:2f:
7d:04:c8:e4:fa:42:b2:01:23:f2:c4:8a:52:e3:53:
5c:d5:e6:03:11:7a:35:44:20:fc:c0:47:48:54:84:
05:96:47:b5:68:c1:92:2f:9b:52:0f:b9:d2:65:60:
a6:e1:ae:8b:a4:3f:a9:9b:11:09:e1:ef:40:68:e6:
be:ce:9c:81:a9:21:66:92:43:f7:01:c5:20:3c:cb:
f3:e8:e5:a5:d0:14:d1:29:da:66:61:dc:02:d0:b2:
be:c2:04:f4:2d:1f:64:61:0a:0e:a1:5c:e2:32:65:
3f:3f:2b:ed:cb:14:7d:d3:14:91:8d:de:3f:bb:64:
ca:f0:5d:fb:e4:4f:ec:0e:58:04:8b:ad:cc:c3:f0:
87:80:2c:74:cc:ea:e3:46:8b:93:a3:67:56:46:31:
2e:e1:bb:9a:b0:54:45:b5:9b:ae:09:17:49:bd:19:
89:d0:48:e4:ef:b2:9b:8d:69:30:0a:fa:74:13:b8:
da:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EA:13:77:5C:C5:9C:58:7D:C9:26:14:90:E6:4C:56:47:16:6A:F2
X509v3 Authority Key Identifier:
keyid:C0:75:B1:43:B2:C7:8A:03:9D:B2:5B:B8:EE:18:FE:92:54:FC:90:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHWxQ7LHigOdslu47hj-klT8kPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2f4c80-6ec0-480a-a809-1ef920875e37/1/2eoTd1zFnFh9ySYUkOZMVkcWavI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2f4c80-6ec0-480a-a809-1ef920875e37/1/wHWxQ7LHigOdslu47hj-klT8kPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.96.0/24
Signature Algorithm: sha256WithRSAEncryption
46:93:9e:c6:c4:ef:ff:1f:e0:ab:22:77:4e:98:7d:91:38:d9:
ec:69:47:0b:79:43:48:36:80:a2:08:88:2f:30:f3:da:33:76:
a3:ff:7a:59:42:68:01:95:0c:f0:76:1d:83:69:0d:44:26:06:
9a:ae:fc:21:08:66:4c:e2:78:17:ae:9f:22:eb:b0:22:93:61:
8e:22:08:fd:27:02:e1:e9:8c:26:54:37:4b:88:3f:f0:6d:5e:
b1:4f:91:d9:f6:a7:61:22:2e:e1:e7:53:f1:48:36:30:15:00:
3f:7b:d7:27:1b:fd:a5:7e:80:f0:93:be:c6:c5:c2:51:aa:d2:
bd:73:de:5a:50:be:59:99:87:34:8e:fd:1b:cf:14:da:5a:50:
66:71:c3:d8:61:7a:1d:1f:4a:ae:46:b7:8c:63:91:43:b7:6a:
de:a3:ec:e3:18:b3:13:9e:06:d9:bd:c9:fa:ae:6b:6f:81:1b:
4f:6d:dd:78:07:f9:4e:45:ed:5f:f5:e8:26:e2:9a:cb:fb:9b:
f8:7d:cb:6c:59:3c:25:25:02:b0:e3:d3:0e:45:d3:41:58:90:
ee:3c:fc:1e:24:6b:d0:7f:c7:e1:77:f7:05:4e:77:11:2f:64:
24:a6:3b:16:38:50:7b:73:bc:e1:9f:ca:7b:ca:7f:80:94:11:
32:fa:52:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupoJRxfQQyzj6iG1APCx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzViMTQzYjJjNzhhMDM5ZGIyNWJiOGVlMThmZTkyNTRm
YzkwZjMwHhcNMjMwMTAxMTg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWVhMTM3NzVjYzU5YzU4N2RjOTI2MTQ5MGU2NGM1NjQ3MTY2YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx5uapINHuWJLrtPtez7iqM76fYq
gjvrNNwUy7+LsqjpQ4XjTP+1zz6SVtmJTmOZFx/ANoNa8JnZvnPiiMZaDNh8aMfe
HmWnaS99BMjk+kKyASPyxIpS41Nc1eYDEXo1RCD8wEdIVIQFlke1aMGSL5tSD7nS
ZWCm4a6LpD+pmxEJ4e9AaOa+zpyBqSFmkkP3AcUgPMvz6OWl0BTRKdpmYdwC0LK+
wgT0LR9kYQoOoVziMmU/PyvtyxR90xSRjd4/u2TK8F375E/sDlgEi63Mw/CHgCx0
zOrjRouTo2dWRjEu4buasFRFtZuuCRdJvRmJ0Ejk77KbjWkwCvp0E7jaiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnqE3dcxZxYfckmFJDmTFZHFmryMB8GA1UdIwQY
MBaAFMB1sUOyx4oDnbJbuO4Y/pJU/JDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hXeFE3TEhpZ09kc2x1NDdoai1rbFQ4a1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yZjRjODAtNmVjMC00ODBhLWE4MDkt
MWVmOTIwODc1ZTM3LzEvMmVvVGQxekZuRmg5eVNZVWtPWk1Wa2NXYXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yZjRjODAtNmVjMC00ODBhLWE4MDktMWVmOTIwODc1ZTM3
LzEvd0hXeFE3TEhpZ09kc2x1NDdoai1rbFQ4a1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BgMA0G
CSqGSIb3DQEBCwUAA4IBAQBGk57GxO//H+CrIndOmH2RONnsaUcLeUNINoCiCIgv
MPPaM3aj/3pZQmgBlQzwdh2DaQ1EJgaarvwhCGZM4ngXrp8i67Aik2GOIgj9JwLh
6YwmVDdLiD/wbV6xT5HZ9qdhIi7h51PxSDYwFQA/e9cnG/2lfoDwk77GxcJRqtK9
c95aUL5ZmYc0jv0bzxTaWlBmccPYYXodH0quRreMY5FDt2reo+zjGLMTngbZvcn6
rmtvgRtPbd14B/lORe1f9egm4prL+5v4fctsWTwlJQKw49MORdNBWJDuPPweJGvQ
f8fhd/cFTncRL2QkpjsWOFB7c7zhn8p7yn+AlBEy+lIv
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:10 2024 by rpki-client on console-fra.rpki-client.org