Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0GhUqmNF50rAzUUDWyQ-WtTJ7s0.roa
File: 0GhUqmNF50rAzUUDWyQ-WtTJ7s0.roa (raw, json)
Hash identifier: f+yQ7i1ttExsSx7F+B0pW0Grn5H+h0kIHfeT8E6UUas=
Subject key identifier: D0:68:54:AA:63:45:E7:4A:C0:CD:45:03:5B:24:3E:5A:D4:C9:EE:CD
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018A3A5C44D2DD94915EBD5916ED9ED45092
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0GhUqmNF50rAzUUDWyQ-WtTJ7s0.roa
Signing time: Mon 28 Aug 2023 04:17:19 +0000
ROA not before: Mon 28 Aug 2023 04:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216446
IP address blocks: 195.136.16.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:5c:44:d2:dd:94:91:5e:bd:59:16:ed:9e:d4:50:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Aug 28 04:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d06854aa6345e74ac0cd45035b243e5ad4c9eecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0a:a6:33:81:ec:69:ae:0d:c7:e1:b5:8d:88:
2e:84:20:16:b8:3a:85:e5:3a:44:eb:da:16:d4:19:
53:06:f6:72:c1:8a:47:ff:56:af:5f:7c:8f:95:74:
1b:74:9b:af:6d:ea:2e:98:ff:4e:9d:c6:d4:0c:df:
a6:09:af:cd:8f:e8:be:0b:fa:c6:a9:78:6d:a2:a2:
b0:53:28:04:06:37:84:05:cd:43:63:b7:02:7c:61:
6b:fa:e1:af:b8:61:9c:ec:68:52:27:9c:78:87:53:
a8:1c:26:0d:49:dc:c5:d4:23:de:e0:6c:e6:ea:19:
ef:4c:96:ca:ef:f0:70:dc:83:30:56:52:4a:10:81:
c4:65:d7:45:c3:aa:db:88:d8:18:1a:6d:73:e6:f6:
60:9c:d1:06:a4:95:18:e6:72:64:25:91:21:cd:24:
e4:0a:c3:e8:c4:a4:4d:1a:5f:c3:19:68:00:bf:13:
ff:13:4d:f4:2c:07:49:5e:db:0b:17:fa:60:5c:5f:
0a:d0:c9:9b:bd:77:3c:e1:a8:cc:14:99:04:fd:2e:
2d:57:58:a4:16:ce:9f:51:00:13:63:33:4d:f7:44:
4b:c7:44:67:d0:89:60:47:00:20:e1:b6:c9:a6:28:
a0:f8:79:66:d5:e3:bc:1d:d9:bd:8e:82:9f:2b:67:
e1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:68:54:AA:63:45:E7:4A:C0:CD:45:03:5B:24:3E:5A:D4:C9:EE:CD
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0GhUqmNF50rAzUUDWyQ-WtTJ7s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.16.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:37:8b:e2:76:b4:37:a7:68:ce:a6:92:20:6c:b7:85:a2:a8:
61:75:48:94:8d:b9:77:93:8d:7d:df:d3:52:aa:f5:0f:6e:b9:
07:3b:b8:a7:de:3f:74:11:cd:73:f9:d7:d9:41:14:96:4b:6c:
b5:44:ac:5f:be:32:e0:98:a8:e2:8e:eb:66:f8:69:a1:9f:4c:
01:b4:11:ca:1d:9b:3c:b2:a0:a2:eb:48:43:42:30:47:09:0a:
24:98:34:13:3d:23:a4:d8:52:47:d5:26:fb:7d:5e:d6:9f:b3:
4b:c1:de:52:7a:86:34:1f:74:85:13:7d:96:61:23:ae:c3:f0:
5c:09:28:0c:e4:c8:43:61:40:f5:65:46:c7:78:53:b6:ae:bb:
4d:ad:69:d9:71:81:4b:3e:33:0c:17:df:c0:32:64:36:d8:ba:
75:e2:3a:71:a8:21:66:e6:03:55:42:6c:1d:89:df:bf:d7:f2:
81:2d:7c:b1:b3:01:9c:d8:8f:38:4e:e6:32:de:e6:33:86:74:
e5:9a:ca:69:4c:d8:f0:f6:24:d5:63:e8:fe:44:cf:5b:34:9b:
44:4f:48:1b:ef:ae:34:da:f6:3f:18:8c:e5:08:39:0e:0d:1b:
73:73:f9:d4:73:28:2a:5c:d0:52:70:23:19:53:2d:0c:7a:9e:
d4:36:96:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo6XETS3ZSRXr1ZFu2e1FCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwODI4MDQxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDY4NTRhYTYzNDVlNzRhYzBjZDQ1MDM1YjI0M2U1YWQ0YzllZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigqmM4Hsaa4Nx+G1jYguhCAWuDqF
5TpE69oW1BlTBvZywYpH/1avX3yPlXQbdJuvbeoumP9OncbUDN+mCa/Nj+i+C/rG
qXhtoqKwUygEBjeEBc1DY7cCfGFr+uGvuGGc7GhSJ5x4h1OoHCYNSdzF1CPe4Gzm
6hnvTJbK7/Bw3IMwVlJKEIHEZddFw6rbiNgYGm1z5vZgnNEGpJUY5nJkJZEhzSTk
CsPoxKRNGl/DGWgAvxP/E030LAdJXtsLF/pgXF8K0MmbvXc84ajMFJkE/S4tV1ik
Fs6fUQATYzNN90RLx0Rn0IlgRwAg4bbJpiig+Hlm1eO8Hdm9joKfK2fhrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBoVKpjRedKwM1FA1skPlrUye7NMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMEdoVXFtTkY1MHJBelVVRFd5US1XdFRKN3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4gQMA0G
CSqGSIb3DQEBCwUAA4IBAQDAN4vidrQ3p2jOppIgbLeFoqhhdUiUjbl3k41939NS
qvUPbrkHO7in3j90Ec1z+dfZQRSWS2y1RKxfvjLgmKjijutm+Gmhn0wBtBHKHZs8
sqCi60hDQjBHCQokmDQTPSOk2FJH1Sb7fV7Wn7NLwd5SeoY0H3SFE32WYSOuw/Bc
CSgM5MhDYUD1ZUbHeFO2rrtNrWnZcYFLPjMMF9/AMmQ22Lp14jpxqCFm5gNVQmwd
id+/1/KBLXyxswGc2I84TuYy3uYzhnTlmsppTNjw9iTVY+j+RM9bNJtET0gb7640
2vY/GIzlCDkODRtzc/nUcygqXNBScCMZUy0Mep7UNpaY
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:20 2024 by rpki-client on console-ams.rpki-client.org