Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Nh-hRwmg_X8NKj9yu1UuXPu_YOU.roa
File: Nh-hRwmg_X8NKj9yu1UuXPu_YOU.roa (raw, json)
Hash identifier: ES2rFwmv1DKs1LaDN3NdD7Panp3j5R6mj373hbbWDgo=
Subject key identifier: 36:1F:A1:47:09:A0:FD:7F:0D:2A:3F:72:BB:55:2E:5C:FB:BF:60:E5
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB843F50C0B55B0D9CB812A87D94B6A
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Nh-hRwmg_X8NKj9yu1UuXPu_YOU.roa
Signing time: Sun 01 Jan 2023 09:44:53 +0000
ROA not before: Sun 01 Jan 2023 09:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24954
IP address blocks: 195.25.80.0/24 maxlen: 24
195.25.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:43:f5:0c:0b:55:b0:d9:cb:81:2a:87:d9:4b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=361fa14709a0fd7f0d2a3f72bb552e5cfbbf60e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:90:61:3e:84:ad:68:62:9b:13:08:0f:30:
53:b0:aa:5c:51:ec:0a:61:c8:50:7e:d0:e1:24:33:
2b:1e:78:5f:85:d4:ff:75:d0:85:03:45:9c:e5:86:
f7:5f:3d:51:09:bf:52:3b:6c:a4:41:57:1c:b1:f9:
14:b4:72:d8:1d:84:91:90:a6:f9:a8:77:ee:4f:6a:
21:69:26:75:39:64:72:58:57:35:49:5e:0a:39:7f:
a0:40:b5:b7:96:94:62:c1:0e:06:be:f7:8b:af:fb:
47:bd:c0:eb:75:8f:48:0b:36:01:dd:ab:20:18:24:
d1:8c:96:50:a7:4e:4e:cc:d3:a6:2e:94:67:9d:ad:
e4:51:d5:1a:61:d9:8a:0f:49:38:a3:be:0e:53:d7:
e4:ef:13:68:ff:d3:20:5f:95:cb:b5:29:9c:46:da:
95:50:e9:fe:e3:99:c9:7a:3c:a5:50:f1:da:d9:4c:
83:0a:6c:fb:b9:8e:bc:e4:1e:50:0f:a5:ea:c4:d1:
b5:cc:88:51:69:34:f6:e4:32:c9:58:db:71:a2:00:
7b:83:9f:cd:96:be:bc:5a:d7:f6:85:91:80:b8:51:
d8:e5:79:50:7b:9f:d1:7c:b4:4b:5b:13:2a:ae:d5:
5a:45:02:a3:7a:2c:4d:6c:a5:5d:4b:04:43:aa:66:
b1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1F:A1:47:09:A0:FD:7F:0D:2A:3F:72:BB:55:2E:5C:FB:BF:60:E5
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Nh-hRwmg_X8NKj9yu1UuXPu_YOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.25.79.0-195.25.80.255
Signature Algorithm: sha256WithRSAEncryption
69:ac:1d:c3:3c:f2:9e:6e:e5:46:79:96:b3:ac:7d:40:22:a1:
98:13:61:ad:2a:6e:79:b9:03:24:67:0e:6b:0b:32:5b:59:00:
a8:e4:56:ef:16:d3:ad:b7:f1:80:e7:40:23:2a:61:9c:c6:db:
97:06:dd:12:7b:66:d8:06:79:55:9a:df:45:90:59:c8:34:6e:
f7:80:1c:da:9d:8e:2f:08:f0:c4:a6:75:df:fd:6f:de:71:50:
31:2d:dd:75:35:67:0f:51:14:58:16:2b:ca:f5:87:44:04:7c:
15:aa:c3:bd:ed:32:6d:18:ed:39:ba:9a:17:58:86:cf:10:95:
d2:ec:4d:27:27:e7:d4:53:c2:13:49:46:b8:3d:4b:ef:59:43:
df:12:00:57:f6:3a:8b:a4:b6:38:b8:a5:f5:76:8f:48:c2:ca:
dd:60:62:65:0f:c7:9f:f7:29:13:32:48:97:f1:51:61:a0:c1:
ab:a8:29:5f:70:91:e8:96:bb:b9:9d:1b:bd:d6:f8:0f:d6:c8:
68:aa:cb:d4:46:b1:f1:56:94:17:55:67:b9:f5:a7:48:15:bc:
ac:9f:f4:c8:b0:71:5a:30:29:16:63:ce:80:d2:a9:24:ca:fb:
ac:92:3a:af:cd:89:4a:be:45:d1:09:9a:79:25:77:7f:e8:75:
64:e0:e1:5e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsuEP1DAtVsNnLgSqH2UtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFmYTE0NzA5YTBmZDdmMGQyYTNmNzJiYjU1MmU1Y2ZiYmY2MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltuQYT6ErWhimxMIDzBTsKpcUewK
YchQftDhJDMrHnhfhdT/ddCFA0Wc5Yb3Xz1RCb9SO2ykQVccsfkUtHLYHYSRkKb5
qHfuT2ohaSZ1OWRyWFc1SV4KOX+gQLW3lpRiwQ4GvveLr/tHvcDrdY9ICzYB3asg
GCTRjJZQp05OzNOmLpRnna3kUdUaYdmKD0k4o74OU9fk7xNo/9MgX5XLtSmcRtqV
UOn+45nJejylUPHa2UyDCmz7uY685B5QD6XqxNG1zIhRaTT25DLJWNtxogB7g5/N
lr68Wtf2hZGAuFHY5XlQe5/RfLRLWxMqrtVaRQKjeixNbKVdSwRDqmaxuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDYfoUcJoP1/DSo/crtVLlz7v2DlMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvTmgtaFJ3bWdfWDhOS2o5eXUxVXVYUHVfWU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADDGU8D
BADDGVAwDQYJKoZIhvcNAQELBQADggEBAGmsHcM88p5u5UZ5lrOsfUAioZgTYa0q
bnm5AyRnDmsLMltZAKjkVu8W06238YDnQCMqYZzG25cG3RJ7ZtgGeVWa30WQWcg0
bveAHNqdji8I8MSmdd/9b95xUDEt3XU1Zw9RFFgWK8r1h0QEfBWqw73tMm0Y7Tm6
mhdYhs8QldLsTScn59RTwhNJRrg9S+9ZQ98SAFf2Oouktji4pfV2j0jCyt1gYmUP
x5/3KRMySJfxUWGgwauoKV9wkeiWu7mdG73W+A/WyGiqy9RGsfFWlBdVZ7n1p0gV
vKyf9MiwcVowKRZjzoDSqSTK+6ySOq/NiUq+RdEJmnkld3/odWTg4V4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org