Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/lI_CCFnP7l3Z3GQGDgECkXD826k.roa
File: lI_CCFnP7l3Z3GQGDgECkXD826k.roa (raw, json)
Hash identifier: jO3tGClHJSmk5hbVIUopgIRMb4HGIomc2yADt/mJ/uc=
Subject key identifier: 94:8F:C2:08:59:CF:EE:5D:D9:DC:64:06:0E:01:02:91:70:FC:DB:A9
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 01926BAED21A0A145EF3AFC19602AE6C9902
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/lI_CCFnP7l3Z3GQGDgECkXD826k.roa
Signing time: Tue 08 Oct 2024 10:31:12 +0000
ROA not before: Tue 08 Oct 2024 10:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25464
IP address blocks: 195.43.45.0/24 maxlen: 24
195.43.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 07:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:ae:d2:1a:0a:14:5e:f3:af:c1:96:02:ae:6c:99:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Oct 8 10:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=948fc20859cfee5dd9dc64060e01029170fcdba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:d4:25:d8:a6:c8:c8:24:64:4a:43:49:d3:
ae:b8:ce:22:b3:91:d8:16:7c:28:d0:af:76:17:72:
05:99:e8:a1:77:9d:3d:fb:77:26:1f:62:ac:00:f4:
39:d4:e8:84:9f:c5:95:92:2b:6e:25:d9:3c:e4:bc:
f4:2d:f0:67:d9:b2:61:a7:1e:b4:cc:4c:68:04:74:
33:b3:e7:4d:06:3e:23:f3:40:38:a6:57:0e:fc:f5:
bd:97:b6:63:4a:23:c0:96:fa:2f:09:9c:e5:81:d8:
6b:d2:65:a7:0f:4d:fb:b7:b9:00:32:12:b1:d8:f9:
15:79:42:23:81:99:df:47:19:44:7d:95:b0:02:03:
10:f8:b9:47:ec:05:16:7c:3a:9c:b6:cb:95:ef:96:
c7:e2:32:98:f2:38:ab:4a:38:f3:6b:a3:8d:cf:cb:
9a:f3:bd:03:f5:ae:7d:97:dc:a8:ae:21:d9:a1:ef:
e0:47:63:a8:9f:e7:ce:86:51:8c:73:0c:3d:95:8d:
1b:1d:35:47:76:91:13:35:be:0c:35:2f:f0:83:f5:
f8:19:eb:23:a7:b4:4a:36:66:14:99:5c:fb:3f:33:
b8:6b:df:c2:42:75:4c:5b:63:bb:c4:a1:9c:c1:55:
c5:ee:cb:1f:7a:f5:b9:c4:f1:36:e2:52:c0:05:87:
db:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8F:C2:08:59:CF:EE:5D:D9:DC:64:06:0E:01:02:91:70:FC:DB:A9
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/lI_CCFnP7l3Z3GQGDgECkXD826k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.45.0-195.43.46.255
Signature Algorithm: sha256WithRSAEncryption
46:ae:d7:1b:6b:67:b4:d3:17:3c:5a:54:8e:67:b1:c1:10:71:
b8:72:2d:fa:66:65:b5:75:7f:cf:a6:ed:e9:84:39:43:d2:d8:
7b:9f:77:86:31:18:e2:90:11:5e:bd:4c:ac:f1:29:32:76:14:
44:25:67:bc:41:57:82:67:c9:d5:b2:f5:37:f4:3a:52:de:c1:
a1:04:a2:bc:4f:43:16:c0:53:82:3b:8b:05:13:10:6e:4c:09:
35:fc:b5:15:d0:9f:ad:81:d9:6d:a0:d2:7f:b4:13:b7:b4:46:
7a:55:ed:1b:8d:6d:aa:1d:14:78:1a:4b:e8:c1:71:b5:f1:06:
f6:4f:2c:66:db:89:02:e4:fd:8c:13:17:4b:da:01:fc:77:50:
b5:80:39:20:e4:47:70:aa:c6:9a:92:63:72:80:05:57:ea:c7:
0a:6f:10:2a:f4:c4:36:1c:4f:fd:5c:fa:c0:7a:30:d8:b0:e2:
3e:c2:b5:10:87:45:e2:cb:2e:59:c3:86:db:51:dd:5c:3a:75:
1e:2c:44:9d:a4:3e:09:0b:69:73:ec:85:d2:9e:8f:81:6b:9a:
a0:ae:06:d7:f9:d0:65:2a:a7:2b:d8:d8:5b:41:7d:5e:14:a2:
26:d1:b5:c3:c9:a9:86:c9:f1:57:c2:54:9f:d2:b5:f1:f3:d1:
b6:1a:3f:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJrrtIaChRe86/BlgKubJkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjQxMDA4MTAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDhmYzIwODU5Y2ZlZTVkZDlkYzY0MDYwZTAxMDI5MTcwZmNkYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshLUJdimyMgkZEpDSdOuuM4is5HY
Fnwo0K92F3IFmeihd509+3cmH2KsAPQ51OiEn8WVkituJdk85Lz0LfBn2bJhpx60
zExoBHQzs+dNBj4j80A4plcO/PW9l7ZjSiPAlvovCZzlgdhr0mWnD037t7kAMhKx
2PkVeUIjgZnfRxlEfZWwAgMQ+LlH7AUWfDqctsuV75bH4jKY8jirSjjza6ONz8ua
870D9a59l9yoriHZoe/gR2Oon+fOhlGMcww9lY0bHTVHdpETNb4MNS/wg/X4Gesj
p7RKNmYUmVz7PzO4a9/CQnVMW2O7xKGcwVXF7ssfevW5xPE24lLABYfbRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJSPwghZz+5d2dxkBg4BApFw/NupMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvbElfQ0NGblA3bDNaM0dRR0RnRUNrWEQ4MjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADDKy0D
BADDKy4wDQYJKoZIhvcNAQELBQADggEBAEau1xtrZ7TTFzxaVI5nscEQcbhyLfpm
ZbV1f8+m7emEOUPS2Hufd4YxGOKQEV69TKzxKTJ2FEQlZ7xBV4JnydWy9Tf0OlLe
waEEorxPQxbAU4I7iwUTEG5MCTX8tRXQn62B2W2g0n+0E7e0RnpV7RuNbaodFHga
S+jBcbXxBvZPLGbbiQLk/YwTF0vaAfx3ULWAOSDkR3CqxpqSY3KABVfqxwpvECr0
xDYcT/1c+sB6MNiw4j7CtRCHReLLLlnDhttR3Vw6dR4sRJ2kPgkLaXPshdKej4Fr
mqCuBtf50GUqpyvY2FtBfV4UoibRtcPJqYbJ8VfCVJ/StfHz0bYaPxE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:09 2025 by rpki-client