Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/8clc-NYUdgbEX4_C9-INOnUe-rk.roa
File: 8clc-NYUdgbEX4_C9-INOnUe-rk.roa (raw, json)
Hash identifier: 7iZvwgkP95lO44JCB9S73ndYcFAVDW/+vvR6zB3subs=
Subject key identifier: F1:C9:5C:F8:D6:14:76:06:C4:5F:8F:C2:F7:E2:0D:3A:75:1E:FA:B9
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DADA786E1CEBDB522427CC462F3B70
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/8clc-NYUdgbEX4_C9-INOnUe-rk.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198984
IP address blocks: 195.136.172.0/24 maxlen: 24
195.136.175.0/24 maxlen: 24
195.136.184.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:da:78:6e:1c:eb:db:52:24:27:cc:46:2f:3b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1c95cf8d6147606c45f8fc2f7e20d3a751efab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:78:10:83:91:9a:a5:37:b8:b4:f8:4b:f4:f4:
f5:20:44:43:0d:1d:b4:51:12:4f:90:45:48:db:ac:
2c:d3:e5:68:45:23:ab:ea:80:13:97:41:52:0b:56:
09:f4:e4:fb:46:8c:89:62:22:8a:87:32:33:c2:08:
65:5e:1d:e0:9e:d7:07:ce:00:83:10:bf:aa:c4:1e:
9e:2d:32:2b:ea:de:e9:b2:0f:61:01:a4:87:76:90:
6c:b3:8f:91:04:7f:b4:12:da:36:86:83:11:a3:52:
69:1c:02:2e:51:1c:24:f9:f4:ec:51:76:de:9f:e3:
68:ca:47:8d:d2:10:84:c9:28:66:59:b7:81:21:e7:
cf:64:3f:b6:62:ee:59:ec:25:e5:83:ac:ed:16:fe:
df:f7:5b:cb:84:42:43:62:81:49:c8:0b:77:4c:ca:
b4:2a:6b:e9:69:16:bd:2e:0f:b3:6b:eb:3c:e4:15:
1e:2d:c2:fd:07:0e:61:a5:35:f8:0b:14:44:c6:b0:
8b:d9:65:c5:94:4e:96:45:24:66:c6:d8:f4:bc:39:
5b:63:20:f3:5d:1e:5b:08:93:0f:35:fe:a8:6f:bd:
67:82:a6:7f:f3:75:aa:3c:12:2c:1e:9b:41:11:76:
8f:ab:59:a6:4d:7f:c4:06:fc:13:86:b3:6d:ca:d0:
2b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C9:5C:F8:D6:14:76:06:C4:5F:8F:C2:F7:E2:0D:3A:75:1E:FA:B9
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/8clc-NYUdgbEX4_C9-INOnUe-rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.172.0/24
195.136.175.0/24
195.136.184.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:b6:f6:00:e4:34:8a:c5:0a:63:83:67:b6:b4:0c:cc:77:aa:
1e:89:79:a2:f2:fd:55:ff:f8:5a:34:c0:63:df:28:33:bd:5d:
bc:e9:a7:b3:21:e5:4b:27:97:79:b8:f8:62:0b:2a:56:94:4b:
ab:27:fc:72:57:92:be:73:6e:41:18:17:53:e3:1e:c1:4d:70:
78:28:c0:ab:58:53:e7:eb:37:d8:67:ba:df:77:27:f8:2e:8b:
e3:da:8e:6f:1f:90:bd:d3:25:20:a0:e8:2e:c7:1f:61:50:c6:
11:03:9d:b3:f6:65:01:48:f4:93:37:9c:76:dd:bb:2d:e8:8a:
0e:ed:69:2c:f4:1f:29:9a:e5:79:33:a9:45:71:16:f9:35:5e:
8a:9b:cb:de:27:17:e1:08:85:03:4a:95:a8:18:ae:a2:f5:68:
18:47:39:3f:d9:69:5c:80:d6:25:d3:2f:26:ad:4c:cd:d5:09:
a2:5f:df:e7:66:d3:ca:2e:4e:5f:d6:5b:7e:6f:6a:ab:7d:5b:
35:c6:63:78:b2:fd:66:2a:f6:a3:cb:17:61:cb:80:17:6a:cb:
40:39:c4:3a:80:9f:2f:b2:e9:80:0f:4e:c1:de:ac:32:c3:95:
f2:f6:e6:1f:89:a2:d2:00:9f:36:a1:14:57:0f:c1:a6:7d:43:
67:e0:d8:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2tp4bhzr21IkJ8xGLztwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM5NWNmOGQ2MTQ3NjA2YzQ1ZjhmYzJmN2UyMGQzYTc1MWVmYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjngQg5GapTe4tPhL9PT1IERDDR20
URJPkEVI26ws0+VoRSOr6oATl0FSC1YJ9OT7RoyJYiKKhzIzwghlXh3gntcHzgCD
EL+qxB6eLTIr6t7psg9hAaSHdpBss4+RBH+0Eto2hoMRo1JpHAIuURwk+fTsUXbe
n+NoykeN0hCEyShmWbeBIefPZD+2Yu5Z7CXlg6ztFv7f91vLhEJDYoFJyAt3TMq0
KmvpaRa9Lg+za+s85BUeLcL9Bw5hpTX4CxRExrCL2WXFlE6WRSRmxtj0vDlbYyDz
XR5bCJMPNf6ob71ngqZ/83WqPBIsHptBEXaPq1mmTX/EBvwThrNtytArVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPHJXPjWFHYGxF+PwvfiDTp1Hvq5MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvOGNsYy1OWVVkZ2JFWDRfQzktSU5PblVlLXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw4isAwQA
w4ivAwQBw4i4MA0GCSqGSIb3DQEBCwUAA4IBAQC8tvYA5DSKxQpjg2e2tAzMd6oe
iXmi8v1V//haNMBj3ygzvV286aezIeVLJ5d5uPhiCypWlEurJ/xyV5K+c25BGBdT
4x7BTXB4KMCrWFPn6zfYZ7rfdyf4Lovj2o5vH5C90yUgoOguxx9hUMYRA52z9mUB
SPSTN5x23bst6IoO7Wks9B8pmuV5M6lFcRb5NV6Km8veJxfhCIUDSpWoGK6i9WgY
Rzk/2WlcgNYl0y8mrUzN1QmiX9/nZtPKLk5f1lt+b2qrfVs1xmN4sv1mKvajyxdh
y4AXastAOcQ6gJ8vsumAD07B3qwyw5Xy9uYfiaLSAJ82oRRXD8GmfUNn4NhZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:18 2025 by rpki-client