Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/MztRw1VgttFeLoCBv5C3tsFuz1E.roa
File: MztRw1VgttFeLoCBv5C3tsFuz1E.roa (raw, json)
Hash identifier: hy5DRa8SjKLsKaVUg4ZDd2wjVikDlHQl3jC9Z1Tk3pw=
Subject key identifier: 33:3B:51:C3:55:60:B6:D1:5E:2E:80:81:BF:90:B7:B6:C1:6E:CF:51
Certificate issuer: /CN=afa474a5ea601c809291ee79bae3918964d0871e
Certificate serial: 018CC2DB01983AE0313CA1B4DA5186EB93D6
Authority key identifier: AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/MztRw1VgttFeLoCBv5C3tsFuz1E.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39803
IP address blocks: 195.189.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:01:98:3a:e0:31:3c:a1:b4:da:51:86:eb:93:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa474a5ea601c809291ee79bae3918964d0871e
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=333b51c35560b6d15e2e8081bf90b7b6c16ecf51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f3:80:1a:4b:2e:0a:6c:a9:c6:af:17:fc:52:
0a:1f:24:67:46:28:f1:a5:a8:5a:00:7b:3c:ce:2b:
5a:80:43:bc:c2:c1:e3:9b:7d:97:f6:37:78:f8:ef:
8a:e8:27:31:85:d8:29:5a:14:04:bc:59:c8:88:b1:
0c:08:ae:9d:9a:47:5c:7b:6d:19:29:a7:4a:b3:0e:
d3:e7:f5:cb:8a:b2:a9:7e:96:61:2a:f7:c8:3e:a2:
73:06:4a:61:e6:d9:6f:9d:db:77:d6:cc:b7:f0:b8:
11:88:e7:87:5a:9f:af:24:97:d8:f8:2d:9e:00:51:
ff:46:a8:1c:5a:cc:70:a1:5b:7f:9d:54:bd:e7:d1:
e2:ab:67:ee:d7:55:99:29:94:a8:f0:82:9e:fc:a0:
10:95:dd:14:4b:19:e9:c5:06:38:1a:1a:2c:30:6c:
d6:1e:34:40:a2:5f:f1:9b:7a:37:5d:28:77:2a:1a:
32:a7:6a:fa:d9:22:aa:e1:04:db:3b:0a:2d:26:b2:
ff:e8:db:a7:fb:4d:05:84:d5:e3:bb:6f:b2:4f:a3:
57:2d:b8:b1:90:3f:b3:12:45:75:f3:76:37:d6:5d:
3a:d9:e0:c5:d5:a2:99:4c:65:6a:fb:f9:d0:3f:fc:
26:53:3f:06:32:09:b3:43:32:00:99:55:31:9b:24:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3B:51:C3:55:60:B6:D1:5E:2E:80:81:BF:90:B7:B6:C1:6E:CF:51
X509v3 Authority Key Identifier:
keyid:AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/MztRw1VgttFeLoCBv5C3tsFuz1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/r6R0pepgHICSke55uuORiWTQhx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.138.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:cb:f1:81:e3:80:d2:79:f3:1a:40:aa:3f:1e:5f:a4:93:88:
73:be:a4:b7:c1:3f:99:16:85:f1:98:23:1e:5a:66:f0:3d:d7:
88:1f:be:e7:6a:1c:a9:2c:97:64:67:b9:e7:10:95:fe:a5:d3:
69:b8:df:5d:bf:b3:2f:fb:96:9b:cd:6e:36:d6:9c:f7:2c:7c:
52:a1:d2:5c:c1:c4:c8:1f:5c:4e:92:7b:01:bf:86:a8:9c:0d:
d8:ee:4f:5f:b0:4e:b3:0a:54:73:45:f5:94:bd:a6:fb:19:b6:
68:66:33:26:a5:3f:0d:3e:eb:82:b2:7a:f1:89:ba:da:59:59:
7b:11:c8:bd:f2:af:f6:86:4e:fb:bd:61:20:39:5b:41:e4:12:
c2:fd:03:15:a8:b1:d7:98:20:bb:d5:82:4b:34:a3:a4:5e:cc:
b7:de:d5:b8:1e:60:bf:10:19:a7:ee:a2:72:51:b0:26:e9:01:
35:1e:46:9d:df:c8:96:b9:a2:59:45:52:f1:3a:b2:b4:f3:4f:
22:9c:98:92:2b:23:b7:73:b0:dd:2d:4b:d0:c4:9b:92:a4:28:
32:70:e1:45:f9:7c:fd:cb:44:0e:12:43:6f:e1:06:e7:b8:31:
cd:34:83:e5:e2:fa:72:77:62:76:a8:3a:55:36:d4:d4:74:30:
40:58:59:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wGYOuAxPKG02lGG65PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTQ3NGE1ZWE2MDFjODA5MjkxZWU3OWJhZTM5MTg5NjRk
MDg3MWUwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNiNTFjMzU1NjBiNmQxNWUyZTgwODFiZjkwYjdiNmMxNmVjZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/OAGksuCmypxq8X/FIKHyRnRijx
pahaAHs8zitagEO8wsHjm32X9jd4+O+K6CcxhdgpWhQEvFnIiLEMCK6dmkdce20Z
KadKsw7T5/XLirKpfpZhKvfIPqJzBkph5tlvndt31sy38LgRiOeHWp+vJJfY+C2e
AFH/RqgcWsxwoVt/nVS959Hiq2fu11WZKZSo8IKe/KAQld0USxnpxQY4GhosMGzW
HjRAol/xm3o3XSh3Khoyp2r62SKq4QTbOwotJrL/6Nun+00FhNXju2+yT6NXLbix
kD+zEkV183Y31l062eDF1aKZTGVq+/nQP/wmUz8GMgmzQzIAmVUxmyQpxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDM7UcNVYLbRXi6Agb+Qt7bBbs9RMB8GA1UdIwQY
MBaAFK+kdKXqYByAkpHuebrjkYlk0IceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDIt
MTkzY2M2MWJjZTYxLzEvTXp0UncxVmd0dEZlTG9DQnY1QzN0c0Z1ejFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDItMTkzY2M2MWJjZTYx
LzEvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw72KMA0G
CSqGSIb3DQEBCwUAA4IBAQCKy/GB44DSefMaQKo/Hl+kk4hzvqS3wT+ZFoXxmCMe
WmbwPdeIH77nahypLJdkZ7nnEJX+pdNpuN9dv7Mv+5abzW421pz3LHxSodJcwcTI
H1xOknsBv4aonA3Y7k9fsE6zClRzRfWUvab7GbZoZjMmpT8NPuuCsnrxibraWVl7
Eci98q/2hk77vWEgOVtB5BLC/QMVqLHXmCC71YJLNKOkXsy33tW4HmC/EBmn7qJy
UbAm6QE1Hkad38iWuaJZRVLxOrK0808inJiSKyO3c7DdLUvQxJuSpCgycOFF+Xz9
y0QOEkNv4QbnuDHNNIPl4vpyd2J2qDpVNtTUdDBAWFn7
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:36 2025 by rpki-client