Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/GSoXwx3zOBbMwOX-8TZ9A7uojX4.roa
File: GSoXwx3zOBbMwOX-8TZ9A7uojX4.roa (raw, json)
Hash identifier: ebXqsHpMO7Fu6oy4Dus0ACEPJ4l5qI9fRZLfPc7xv0M=
Subject key identifier: 19:2A:17:C3:1D:F3:38:16:CC:C0:E5:FE:F1:36:7D:03:BB:A8:8D:7E
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 01926B97EFBA5F2A2B813BC14380CDAC2C87
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/GSoXwx3zOBbMwOX-8TZ9A7uojX4.roa
Signing time: Tue 08 Oct 2024 10:06:12 +0000
ROA not before: Tue 08 Oct 2024 10:06:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25464
IP address blocks: 195.43.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 10:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:97:ef:ba:5f:2a:2b:81:3b:c1:43:80:cd:ac:2c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Oct 8 10:06:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=192a17c31df33816ccc0e5fef1367d03bba88d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f0:16:92:70:62:0a:69:2f:f3:7a:e9:12:28:
18:66:2a:33:0c:e4:a2:4e:09:dc:5a:3a:97:cc:2a:
ed:8e:c1:a8:f5:a4:fc:c5:48:1b:32:25:d6:6a:af:
f8:80:8b:bd:41:c9:a8:27:e5:71:09:f1:af:1c:ed:
99:f3:97:59:6d:99:36:a4:4f:77:a7:99:9d:00:93:
1d:03:ff:2f:17:f9:74:bb:df:ee:53:41:94:7d:56:
0c:e5:77:11:57:e5:25:84:be:68:8b:fd:de:1c:0f:
1e:7e:01:3b:64:f1:39:c2:ca:db:f1:84:13:7b:95:
93:93:56:94:5a:73:ad:eb:d5:9f:73:a9:21:1b:8c:
21:19:bc:2c:83:30:01:d0:a4:5a:af:a5:97:49:c0:
88:d2:bb:23:0a:f7:46:d3:b1:0f:a1:f3:48:0c:9e:
c7:ac:ea:38:e2:6c:d2:2a:2a:47:8c:d2:43:67:36:
70:c8:3d:e6:2b:39:6e:da:89:82:ed:a0:9d:e5:77:
3a:07:98:ec:d4:8b:b9:b8:a1:ac:85:85:77:6f:9e:
6e:56:40:ac:04:61:85:e3:3b:d5:38:7c:fa:00:95:
69:e6:67:fd:a3:8f:49:db:91:cf:8e:47:03:36:a8:
03:73:4b:43:54:00:79:18:33:2a:26:e7:36:10:56:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2A:17:C3:1D:F3:38:16:CC:C0:E5:FE:F1:36:7D:03:BB:A8:8D:7E
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/GSoXwx3zOBbMwOX-8TZ9A7uojX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.45.0/24
Signature Algorithm: sha256WithRSAEncryption
82:b3:3b:c8:d7:7c:c6:75:71:ad:f2:b4:74:11:6d:6a:64:c1:
4b:45:14:70:3a:47:b1:98:f0:11:19:fc:f8:e3:a1:bd:3a:fd:
4b:09:fd:ce:67:75:24:d8:9d:c7:11:8c:d1:ca:59:e5:02:de:
ae:82:9b:d2:ab:72:e2:78:3d:5e:af:bc:89:f0:4a:61:79:ec:
eb:57:95:1d:53:51:23:ce:b3:11:7b:e3:2e:43:21:ba:dd:3a:
2e:91:92:3d:36:ab:60:a5:ec:ad:55:db:56:b5:0b:18:08:a8:
55:8a:1c:53:29:87:c1:a9:22:24:15:27:6f:ee:50:b6:fa:99:
b2:5f:fe:1c:44:51:a2:a2:f3:52:79:3e:ae:61:5e:c2:77:85:
b4:58:18:6b:7a:49:a1:9b:6d:6a:e0:23:7a:c5:4e:2b:d8:72:
0c:23:44:22:73:42:3f:87:75:d4:93:9b:b0:94:93:61:5a:b8:
d6:25:29:83:7c:52:b4:d2:eb:3c:b5:64:6f:21:4d:53:9a:0a:
8c:cf:8d:31:1a:81:63:0b:23:70:83:4a:64:19:db:27:75:7c:
81:11:1f:7a:fd:91:96:4a:d0:49:a8:c6:95:c7:19:f0:19:e6:
b4:80:80:46:10:15:e3:36:c8:22:a9:0a:4e:5b:c0:bd:ec:71:
fd:18:a1:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJrl++6XyorgTvBQ4DNrCyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjQxMDA4MTAwNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJhMTdjMzFkZjMzODE2Y2NjMGU1ZmVmMTM2N2QwM2JiYTg4ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vAWknBiCmkv83rpEigYZiozDOSi
TgncWjqXzCrtjsGo9aT8xUgbMiXWaq/4gIu9QcmoJ+VxCfGvHO2Z85dZbZk2pE93
p5mdAJMdA/8vF/l0u9/uU0GUfVYM5XcRV+UlhL5oi/3eHA8efgE7ZPE5wsrb8YQT
e5WTk1aUWnOt69Wfc6khG4whGbwsgzAB0KRar6WXScCI0rsjCvdG07EPofNIDJ7H
rOo44mzSKipHjNJDZzZwyD3mKzlu2omC7aCd5Xc6B5js1Iu5uKGshYV3b55uVkCs
BGGF4zvVOHz6AJVp5mf9o49J25HPjkcDNqgDc0tDVAB5GDMqJuc2EFalJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkqF8Md8zgWzMDl/vE2fQO7qI1+MB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvR1NvWHd4M3pPQmJNd09YLThUWjlBN3Vvalg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwystMA0G
CSqGSIb3DQEBCwUAA4IBAQCCszvI13zGdXGt8rR0EW1qZMFLRRRwOkexmPARGfz4
46G9Ov1LCf3OZ3Uk2J3HEYzRylnlAt6ugpvSq3LieD1er7yJ8EpheezrV5UdU1Ej
zrMRe+MuQyG63ToukZI9NqtgpeytVdtWtQsYCKhVihxTKYfBqSIkFSdv7lC2+pmy
X/4cRFGiovNSeT6uYV7Cd4W0WBhrekmhm21q4CN6xU4r2HIMI0Qic0I/h3XUk5uw
lJNhWrjWJSmDfFK00us8tWRvIU1TmgqMz40xGoFjCyNwg0pkGdsndXyBER96/ZGW
StBJqMaVxxnwGea0gIBGEBXjNsgiqQpOW8C97HH9GKG3
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:15:48 2025 by rpki-client