Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/pCmSl9r0g2soWfB9OG3I2a0fk5Y.roa
File: pCmSl9r0g2soWfB9OG3I2a0fk5Y.roa (raw, json)
Hash identifier: TV7BIGHkeWGgn8JnaKMZgd2Ezkx38ajinOQhUVkvdx8=
Subject key identifier: A4:29:92:97:DA:F4:83:6B:28:59:F0:7D:38:6D:C8:D9:AD:1F:93:96
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DD7B25A61A51B31B61987C1C67BC6
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/pCmSl9r0g2soWfB9OG3I2a0fk5Y.roa
Signing time: Sun 01 Jan 2023 22:04:59 +0000
ROA not before: Sun 01 Jan 2023 22:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30898
IP address blocks: 195.168.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d7:b2:5a:61:a5:1b:31:b6:19:87:c1:c6:7b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4299297daf4836b2859f07d386dc8d9ad1f9396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:f0:d4:0b:e1:b6:af:11:30:43:44:fc:e7:
a3:39:47:eb:7b:63:9c:c7:32:76:8e:7b:86:ca:67:
e4:ff:6e:ed:b0:82:b7:34:a1:cc:b9:85:64:50:34:
37:74:d3:65:bb:00:f2:d0:27:e9:72:7b:09:20:7c:
97:2e:a9:61:41:c5:8a:46:ee:14:e6:a2:ec:30:f5:
0b:11:63:b5:00:c3:5b:57:ac:8d:09:a4:a8:26:e6:
79:d2:22:e4:35:2f:12:9c:f7:3d:e6:48:4b:4b:9d:
bd:6a:9f:24:b9:81:b2:4b:0a:a3:88:0c:ad:94:76:
77:e2:1a:51:24:9a:08:1a:a5:5c:c7:c9:4c:54:31:
27:26:0e:6e:28:58:9b:af:0d:8c:b4:c2:46:26:e8:
3f:dd:e4:c0:93:5c:7a:1f:9e:62:4a:13:b2:0e:b2:
75:98:9c:d3:98:2e:7a:21:3d:57:9c:b9:f1:ea:ee:
a2:57:f4:be:7a:7d:48:03:d3:82:19:00:39:85:bf:
40:f9:5b:20:51:3d:c7:c1:67:b2:83:96:95:a9:b7:
62:44:8d:99:04:e7:6e:b8:26:2b:df:e6:f1:a2:f4:
58:b0:83:61:24:c3:3e:6f:c2:87:25:80:33:80:12:
9b:e1:13:83:9c:83:f2:fa:ec:c0:79:0b:07:18:72:
f6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:29:92:97:DA:F4:83:6B:28:59:F0:7D:38:6D:C8:D9:AD:1F:93:96
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/pCmSl9r0g2soWfB9OG3I2a0fk5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.240.0/24
Signature Algorithm: sha256WithRSAEncryption
08:02:6c:7a:1e:34:58:9e:cf:5a:9e:db:7a:bc:fd:37:4a:39:
4d:c3:4d:80:63:49:69:e1:9e:50:25:19:a3:41:de:59:91:6b:
2f:fa:8d:86:61:a5:5d:7f:89:a6:91:1a:89:e9:15:b2:3a:5f:
2c:9e:8d:57:ed:ea:7c:1f:ed:ea:8a:28:9a:54:4f:a3:cb:8a:
c4:b5:35:f7:f9:bb:9c:a2:2a:89:ad:4a:7c:04:35:a4:34:4f:
7e:88:b0:37:12:5b:f4:5c:85:8b:10:6b:fa:6d:23:2c:27:3e:
9e:6a:86:1d:8e:3a:b4:4f:a7:ce:b0:e2:46:bc:c5:e7:f6:3d:
a1:cb:8e:8f:6d:8b:39:bd:f3:22:96:49:e0:d4:be:7e:27:ed:
ed:35:8f:1d:f6:b5:28:7f:5b:4a:04:58:a4:21:74:b9:ed:52:
de:51:4a:4f:94:54:49:59:49:6f:cc:a8:d6:ac:05:8d:b8:53:
6d:cd:47:7b:e7:8e:d6:b5:6b:35:ec:63:bb:6d:8f:71:81:8d:
8d:62:bd:31:0a:d7:40:12:db:e3:d3:50:54:f3:af:ba:74:f9:
46:aa:8c:79:0d:c9:ac:98:df:e5:f1:4d:d9:14:e9:11:1f:06:
1f:e8:b8:99:0f:ba:4f:2a:fe:6d:11:82:b4:20:d9:ca:c6:d4:
1a:e4:15:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXdeyWmGlGzG2GYfBxnvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI5OTI5N2RhZjQ4MzZiMjg1OWYwN2QzODZkYzhkOWFkMWY5Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpfw1Avhtq8RMENE/OejOUfre2Oc
xzJ2jnuGymfk/27tsIK3NKHMuYVkUDQ3dNNluwDy0CfpcnsJIHyXLqlhQcWKRu4U
5qLsMPULEWO1AMNbV6yNCaSoJuZ50iLkNS8SnPc95khLS529ap8kuYGySwqjiAyt
lHZ34hpRJJoIGqVcx8lMVDEnJg5uKFibrw2MtMJGJug/3eTAk1x6H55iShOyDrJ1
mJzTmC56IT1XnLnx6u6iV/S+en1IA9OCGQA5hb9A+VsgUT3HwWeyg5aVqbdiRI2Z
BOduuCYr3+bxovRYsINhJMM+b8KHJYAzgBKb4RODnIPy+uzAeQsHGHL25QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQpkpfa9INrKFnwfThtyNmtH5OWMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvcENtU2w5cjBnMnNvV2ZCOU9HM0kyYTBmazVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6jwMA0G
CSqGSIb3DQEBCwUAA4IBAQAIAmx6HjRYns9antt6vP03SjlNw02AY0lp4Z5QJRmj
Qd5ZkWsv+o2GYaVdf4mmkRqJ6RWyOl8sno1X7ep8H+3qiiiaVE+jy4rEtTX3+buc
oiqJrUp8BDWkNE9+iLA3Elv0XIWLEGv6bSMsJz6eaoYdjjq0T6fOsOJGvMXn9j2h
y46PbYs5vfMilkng1L5+J+3tNY8d9rUof1tKBFikIXS57VLeUUpPlFRJWUlvzKjW
rAWNuFNtzUd7547WtWs17GO7bY9xgY2NYr0xCtdAEtvj01BU86+6dPlGqox5Dcms
mN/l8U3ZFOkRHwYf6LiZD7pPKv5tEYK0INnKxtQa5BV3
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:18 2024 by rpki-client on console-ams.rpki-client.org