Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/_1AX2V1oMHRqMLMhDlzI513k2LE.roa
File: _1AX2V1oMHRqMLMhDlzI513k2LE.roa (raw, json)
Hash identifier: KTDrRJ69792t4fjiFLhTyRdhxG8hVFxDGSz9EvYMm54=
Subject key identifier: FF:50:17:D9:5D:68:30:74:6A:30:B3:21:0E:5C:C8:E7:5D:E4:D8:B1
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018CC64B293BBB100EFC987BE23185538D11
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/_1AX2V1oMHRqMLMhDlzI513k2LE.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21100
IP address blocks: 195.123.216.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 07 Jun 2024 12:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:29:3b:bb:10:0e:fc:98:7b:e2:31:85:53:8d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff5017d95d6830746a30b3210e5cc8e75de4d8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:09:02:dc:e7:17:c0:5f:91:a1:95:3e:9b:7c:
d2:23:68:5f:2d:ff:ba:df:bc:45:9a:0c:42:cd:6b:
73:3f:2e:fa:e4:0d:35:f0:89:0f:f5:e5:31:cf:e3:
c2:67:2b:6d:a6:c9:55:bf:5b:12:5e:c0:18:83:dd:
b9:dd:92:0c:3e:59:cb:f5:3d:54:60:0a:a4:61:76:
14:f0:64:4b:b6:48:b5:6e:94:b0:9b:32:33:f1:d9:
0d:cf:1f:4c:b6:31:b1:27:f9:0d:8c:30:a2:1f:5d:
8c:73:4b:c9:eb:0e:5c:6c:0d:ff:e6:94:48:b1:2a:
ed:6f:fb:ad:cd:c1:bc:f2:32:56:95:2a:0f:74:8e:
a6:64:9b:41:fb:70:46:53:15:33:b7:16:70:a8:1f:
df:35:71:28:7c:7c:b0:4f:d6:b7:0e:e2:1b:26:48:
07:b2:2e:ee:f6:4f:66:a9:d6:49:72:6b:f9:6a:b3:
63:e6:fe:b7:6e:1c:c9:6f:59:d3:8b:38:e6:80:41:
b8:44:b3:ce:77:2e:2f:ce:96:8f:45:22:c2:5c:51:
59:3b:ea:57:18:98:b9:20:4c:5d:f1:f0:b9:1e:3d:
11:55:2c:29:38:9d:66:a8:11:a0:d9:3c:b0:e4:2c:
3b:df:17:b4:6a:ca:24:d7:5c:be:9d:bf:a5:50:8b:
09:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:50:17:D9:5D:68:30:74:6A:30:B3:21:0E:5C:C8:E7:5D:E4:D8:B1
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/_1AX2V1oMHRqMLMhDlzI513k2LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.216.0/21
Signature Algorithm: sha256WithRSAEncryption
43:9a:8b:01:bd:e1:60:57:4d:e2:ff:30:6f:2c:f2:2d:6d:b3:
22:f5:31:a9:96:41:3a:66:d2:38:ef:4c:7f:92:78:96:04:12:
97:de:82:d8:cc:71:a2:86:88:7f:d4:a3:d1:87:fd:5a:d9:3c:
1b:d7:81:58:f2:9a:b7:f4:19:c8:c2:80:99:68:77:ab:d3:33:
0a:c8:5a:c7:b4:5e:61:6f:6f:2b:36:be:b0:ba:3c:45:43:da:
d4:2d:4c:d8:2e:ef:18:a3:19:a3:e0:4f:5c:4a:63:6c:8a:ff:
c5:14:cb:5b:1e:e7:fc:e3:ac:3d:93:ce:d2:db:d8:71:96:98:
ed:59:0c:d8:6b:f5:31:5f:ac:a2:0e:de:4d:11:cb:6f:d0:0d:
4f:f6:9e:56:76:4b:2c:06:83:e0:0a:c3:90:15:1a:2a:ce:49:
3f:d6:17:6e:c8:ea:63:6a:98:6d:5e:12:6f:0e:46:42:cd:c8:
3c:b2:10:88:d5:96:12:81:ea:7b:16:d5:1d:8f:ca:5a:9b:84:
8c:9a:da:b1:0b:02:bc:74:75:87:51:7e:d7:4a:9a:1d:46:57:
95:e3:a8:5c:54:35:ae:78:ca:eb:2c:1f:37:9a:22:dc:87:c3:
c1:24:21:61:cc:06:cd:91:4b:91:75:19:6c:31:e9:d2:52:25:
14:0a:e7:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyk7uxAO/Jh74jGFU40RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUwMTdkOTVkNjgzMDc0NmEzMGIzMjEwZTVjYzhlNzVkZTRkOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogkC3OcXwF+RoZU+m3zSI2hfLf+6
37xFmgxCzWtzPy765A018IkP9eUxz+PCZyttpslVv1sSXsAYg9253ZIMPlnL9T1U
YAqkYXYU8GRLtki1bpSwmzIz8dkNzx9MtjGxJ/kNjDCiH12Mc0vJ6w5cbA3/5pRI
sSrtb/utzcG88jJWlSoPdI6mZJtB+3BGUxUztxZwqB/fNXEofHywT9a3DuIbJkgH
si7u9k9mqdZJcmv5arNj5v63bhzJb1nTizjmgEG4RLPOdy4vzpaPRSLCXFFZO+pX
GJi5IExd8fC5Hj0RVSwpOJ1mqBGg2Tyw5Cw73xe0asok11y+nb+lUIsJcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9QF9ldaDB0ajCzIQ5cyOdd5NixMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvXzFBWDJWMW9NSFJxTUxNaERsekk1MTNrMkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw3vYMA0G
CSqGSIb3DQEBCwUAA4IBAQBDmosBveFgV03i/zBvLPItbbMi9TGplkE6ZtI470x/
kniWBBKX3oLYzHGihoh/1KPRh/1a2Twb14FY8pq39BnIwoCZaHer0zMKyFrHtF5h
b28rNr6wujxFQ9rULUzYLu8Yoxmj4E9cSmNsiv/FFMtbHuf846w9k87S29hxlpjt
WQzYa/UxX6yiDt5NEctv0A1P9p5WdkssBoPgCsOQFRoqzkk/1hduyOpjaphtXhJv
DkZCzcg8shCI1ZYSgep7FtUdj8pam4SMmtqxCwK8dHWHUX7XSpodRleV46hcVDWu
eMrrLB83miLch8PBJCFhzAbNkUuRdRlsMenSUiUUCuen
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:03:48 2024 by rpki-client on console-fra.rpki-client.org