Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/d95f15-2a2d-465b-a822-c8ee46648dbf/1/xCqjfrxo7vyUBmWBVm2iic48cu4.roa
File: xCqjfrxo7vyUBmWBVm2iic48cu4.roa (raw, json)
Hash identifier: wUq9RMwZCIgR8XqfvRoWb5TDvOdgB9GSSee2Ow1E/Dg=
Subject key identifier: C4:2A:A3:7E:BC:68:EE:FC:94:06:65:81:56:6D:A2:89:CE:3C:72:EE
Certificate issuer: /CN=976ba6229c459d7695d3529b1207e2c29b0842b1
Certificate serial: 01856F8B87C57FCF293A22D9FDB3125BD0A2
Authority key identifier: 97:6B:A6:22:9C:45:9D:76:95:D3:52:9B:12:07:E2:C2:9B:08:42:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l2umIpxFnXaV01KbEgfiwpsIQrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/d95f15-2a2d-465b-a822-c8ee46648dbf/1/xCqjfrxo7vyUBmWBVm2iic48cu4.roa
Signing time: Sun 01 Jan 2023 22:54:52 +0000
ROA not before: Sun 01 Jan 2023 22:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12516
IP address blocks: 195.54.48.0/23 maxlen: 24
91.216.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:87:c5:7f:cf:29:3a:22:d9:fd:b3:12:5b:d0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=976ba6229c459d7695d3529b1207e2c29b0842b1
Validity
Not Before: Jan 1 22:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42aa37ebc68eefc94066581566da289ce3c72ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:24:af:30:bb:c2:55:8d:9e:97:8f:c7:bc:
e4:11:95:36:80:8c:a9:3e:1e:22:18:ba:42:20:b5:
d4:ec:ed:9f:e8:e7:af:ed:83:18:9c:13:d6:2d:5d:
f6:07:7b:25:ec:e0:76:c6:8f:ad:20:b2:7d:af:bd:
71:fd:cd:87:dd:2a:4d:0d:64:50:5b:eb:13:c6:2b:
2e:b5:a8:7f:11:63:db:68:26:f1:75:10:49:7e:78:
60:2d:42:21:2f:89:4b:e5:34:3f:a1:11:95:dc:d0:
ae:da:54:f1:54:5f:20:59:0b:34:13:04:93:de:41:
bf:6e:5b:9a:d4:7d:46:55:bc:7f:8b:29:99:1a:95:
52:9b:a3:dd:b9:18:03:e3:d4:93:0e:95:ea:24:d6:
e7:b6:d3:ce:76:61:7a:68:56:74:7e:c1:07:c1:5d:
aa:b1:8d:6f:b8:85:9e:d7:39:f3:06:c1:94:fb:13:
eb:72:26:70:9f:4a:e1:22:fd:4a:cf:7d:d8:10:24:
b1:0c:8e:47:8e:64:4a:a8:cc:77:f9:eb:64:56:a1:
64:78:06:30:ec:e6:c0:6d:ad:e5:ad:3a:da:b2:ae:
80:e0:97:f7:f0:27:d2:b2:28:42:32:91:54:d7:96:
32:a4:ef:05:39:fe:9f:4a:26:8a:6c:da:2e:d0:58:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2A:A3:7E:BC:68:EE:FC:94:06:65:81:56:6D:A2:89:CE:3C:72:EE
X509v3 Authority Key Identifier:
keyid:97:6B:A6:22:9C:45:9D:76:95:D3:52:9B:12:07:E2:C2:9B:08:42:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l2umIpxFnXaV01KbEgfiwpsIQrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d95f15-2a2d-465b-a822-c8ee46648dbf/1/xCqjfrxo7vyUBmWBVm2iic48cu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d95f15-2a2d-465b-a822-c8ee46648dbf/1/l2umIpxFnXaV01KbEgfiwpsIQrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.195.0/24
195.54.48.0/23
Signature Algorithm: sha256WithRSAEncryption
88:c3:5b:e4:a3:ec:f2:50:19:54:29:b4:06:a2:bd:56:dc:bf:
f2:80:0d:fb:29:18:64:36:85:71:4c:f4:2b:d2:e0:be:75:db:
e9:87:2f:9f:b2:a3:70:2f:9a:0e:1e:d4:b5:c8:34:22:e4:3e:
a9:59:5e:b2:23:44:0a:e4:34:f1:70:a0:24:2a:8c:13:2b:dc:
8d:81:89:64:1c:25:7d:b0:57:d9:46:96:7f:d2:c2:99:c0:49:
11:db:f8:42:b6:6f:7b:73:cd:9d:4f:8f:88:1b:1d:57:42:99:
23:cc:8d:87:61:94:8b:15:2e:db:0c:7f:e0:24:ec:fe:90:20:
2a:32:a6:cd:d2:8e:94:00:47:62:9d:05:e5:a1:7a:f2:3b:89:
a5:c1:64:71:58:1a:0f:71:3a:eb:90:38:31:d1:14:01:cf:42:
e8:8f:01:a3:ae:36:df:54:c1:3c:63:0d:98:88:61:ef:7e:ef:
69:ce:9e:bc:f2:81:23:7a:2a:02:7a:bc:84:4c:cd:2b:d7:10:
b6:96:4b:08:df:5e:65:31:fd:15:d2:ab:06:b4:ff:e0:ce:f5:
98:5b:46:bb:8a:3c:09:ba:3e:3d:e9:4f:fe:ca:44:62:ab:04:
28:32:47:de:f6:c0:09:42:a8:94:4e:9a:a0:15:f7:2a:81:1f:
54:1c:98:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi4fFf88pOiLZ/bMSW9CiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmJhNjIyOWM0NTlkNzY5NWQzNTI5YjEyMDdlMmMyOWIw
ODQyYjEwHhcNMjMwMTAxMjI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJhYTM3ZWJjNjhlZWZjOTQwNjY1ODE1NjZkYTI4OWNlM2M3MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi8krzC7wlWNnpePx7zkEZU2gIyp
Ph4iGLpCILXU7O2f6Oev7YMYnBPWLV32B3sl7OB2xo+tILJ9r71x/c2H3SpNDWRQ
W+sTxisutah/EWPbaCbxdRBJfnhgLUIhL4lL5TQ/oRGV3NCu2lTxVF8gWQs0EwST
3kG/blua1H1GVbx/iymZGpVSm6PduRgD49STDpXqJNbnttPOdmF6aFZ0fsEHwV2q
sY1vuIWe1znzBsGU+xPrciZwn0rhIv1Kz33YECSxDI5HjmRKqMx3+etkVqFkeAYw
7ObAba3lrTrasq6A4Jf38CfSsihCMpFU15YypO8FOf6fSiaKbNou0Fh/0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMQqo368aO78lAZlgVZtoonOPHLuMB8GA1UdIwQY
MBaAFJdrpiKcRZ12ldNSmxIH4sKbCEKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDJ1bUlweEZuWGFWMDFLYkVnZml3cHNJUXJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9kOTVmMTUtMmEyZC00NjViLWE4MjIt
YzhlZTQ2NjQ4ZGJmLzEveENxamZyeG83dnlVQm1XQlZtMmlpYzQ4Y3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9kOTVmMTUtMmEyZC00NjViLWE4MjItYzhlZTQ2NjQ4ZGJm
LzEvbDJ1bUlweEZuWGFWMDFLYkVnZml3cHNJUXJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9jDAwQB
wzYwMA0GCSqGSIb3DQEBCwUAA4IBAQCIw1vko+zyUBlUKbQGor1W3L/ygA37KRhk
NoVxTPQr0uC+ddvphy+fsqNwL5oOHtS1yDQi5D6pWV6yI0QK5DTxcKAkKowTK9yN
gYlkHCV9sFfZRpZ/0sKZwEkR2/hCtm97c82dT4+IGx1XQpkjzI2HYZSLFS7bDH/g
JOz+kCAqMqbN0o6UAEdinQXloXryO4mlwWRxWBoPcTrrkDgx0RQBz0LojwGjrjbf
VME8Yw2YiGHvfu9pzp688oEjeioCeryETM0r1xC2lksI315lMf0V0qsGtP/gzvWY
W0a7ijwJuj496U/+ykRiqwQoMkfe9sAJQqiUTpqgFfcqgR9UHJhj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:08 2024 by rpki-client on console-fra.rpki-client.org