Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/KWpKGOLQxKhTemU8HLU3tuUEtTA.roa
File: KWpKGOLQxKhTemU8HLU3tuUEtTA.roa (raw, json)
Hash identifier: Xh3nSxHZx+m/Ugi0Jzqa+GtdOOaCdmLZ5S3qvrGfkAw=
Subject key identifier: 29:6A:4A:18:E2:D0:C4:A8:53:7A:65:3C:1C:B5:37:B6:E5:04:B5:30
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018573220A4A0B59B980CBC6D071A3DDF272
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/KWpKGOLQxKhTemU8HLU3tuUEtTA.roa
Signing time: Mon 02 Jan 2023 15:38:08 +0000
ROA not before: Mon 02 Jan 2023 15:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25437
IP address blocks: 195.20.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:0a:4a:0b:59:b9:80:cb:c6:d0:71:a3:dd:f2:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=296a4a18e2d0c4a8537a653c1cb537b6e504b530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:92:bd:ff:0a:8a:b4:8a:83:6a:6e:ab:34:
22:a3:fa:da:e2:17:dd:0a:f3:4c:98:6e:dd:e5:b3:
4d:3e:da:7e:6f:91:4e:51:57:bf:bf:2f:21:63:22:
51:38:6e:aa:b9:a3:10:2f:98:06:53:27:fe:3f:e7:
ce:d8:91:a4:1d:aa:41:16:c6:53:3c:87:6a:b2:9b:
8d:79:d7:7b:68:80:89:f2:dd:1b:e8:67:e1:52:e0:
a9:86:2d:17:41:6c:0d:95:37:dc:34:ab:d4:d7:0a:
62:87:7b:3f:ff:78:c4:b2:b0:a7:f2:13:51:f1:e0:
6e:4f:f9:68:7e:8f:5e:99:51:5c:60:f8:bf:13:08:
1c:85:07:3b:db:6f:4a:12:0f:5e:88:4a:f1:7f:6f:
4c:7e:89:97:71:3e:69:90:ac:0d:74:72:ac:39:74:
f4:f3:81:ec:5c:6a:34:d2:a5:6c:8e:fc:01:5e:39:
af:4d:79:ed:86:33:83:41:42:45:2d:ba:04:37:da:
4c:88:c2:a8:19:80:67:dc:77:6d:05:3b:f5:6b:aa:
ee:93:79:b1:8c:e5:5a:a3:27:40:6e:c8:16:78:39:
74:da:1f:28:c5:a3:45:ee:0e:c4:61:21:0a:0d:17:
ee:7c:f0:05:b9:26:d1:d4:c4:31:09:02:03:97:52:
55:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6A:4A:18:E2:D0:C4:A8:53:7A:65:3C:1C:B5:37:B6:E5:04:B5:30
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/KWpKGOLQxKhTemU8HLU3tuUEtTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.119.0/24
Signature Algorithm: sha256WithRSAEncryption
06:42:cd:fa:c7:2c:75:81:c5:23:2a:33:c6:d0:36:f9:2d:16:
6c:8e:42:d8:57:26:90:c1:60:83:69:9d:93:74:d8:b2:3d:c4:
e6:6c:2a:68:4d:37:28:d3:43:03:7b:21:bb:4b:5e:ba:ee:5f:
49:e1:0e:5f:5e:65:7c:d4:d6:3b:c5:64:6b:3b:bd:2b:2f:75:
50:33:26:c7:ee:5b:f4:92:b8:e6:0c:1a:78:7e:9c:77:90:9b:
1f:ba:70:65:41:68:28:67:9f:89:f9:a2:9b:27:5f:6f:ac:ea:
f8:27:75:2a:ba:4d:6e:fc:83:3b:49:e8:e4:8d:5e:32:52:c5:
c7:a6:a2:fc:b0:62:aa:9d:6b:de:dd:bd:02:43:2a:94:f0:2c:
0f:af:33:ac:30:a1:ba:82:b8:0a:45:f2:4e:69:6f:d6:64:d3:
b7:35:be:24:cb:65:33:41:0a:64:89:fd:48:6a:82:11:8e:4d:
b8:05:1e:c8:08:5a:44:eb:32:61:c8:32:e8:cc:73:1a:ae:22:
a0:91:5a:dd:a1:1a:25:43:9b:03:47:24:2d:5f:e9:22:3f:20:
fc:b4:23:2b:25:6e:19:54:2c:84:2c:7a:be:07:52:f8:cc:d0:
e1:c3:47:e7:c7:ae:cd:f1:e5:96:bf:ea:77:cc:ea:d1:fa:29:
8e:df:2a:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIgpKC1m5gMvG0HGj3fJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZhNGExOGUyZDBjNGE4NTM3YTY1M2MxY2I1MzdiNmU1MDRiNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAiSvf8KirSKg2puqzQio/ra4hfd
CvNMmG7d5bNNPtp+b5FOUVe/vy8hYyJROG6quaMQL5gGUyf+P+fO2JGkHapBFsZT
PIdqspuNedd7aICJ8t0b6GfhUuCphi0XQWwNlTfcNKvU1wpih3s//3jEsrCn8hNR
8eBuT/lofo9emVFcYPi/EwgchQc7229KEg9eiErxf29MfomXcT5pkKwNdHKsOXT0
84HsXGo00qVsjvwBXjmvTXnthjODQUJFLboEN9pMiMKoGYBn3HdtBTv1a6ruk3mx
jOVaoydAbsgWeDl02h8oxaNF7g7EYSEKDRfufPAFuSbR1MQxCQIDl1JVxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClqShji0MSoU3plPBy1N7blBLUwMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvS1dwS0dPTFF4S2hUZW1VOEhMVTN0dVVFdFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxR3MA0G
CSqGSIb3DQEBCwUAA4IBAQAGQs36xyx1gcUjKjPG0Db5LRZsjkLYVyaQwWCDaZ2T
dNiyPcTmbCpoTTco00MDeyG7S1667l9J4Q5fXmV81NY7xWRrO70rL3VQMybH7lv0
krjmDBp4fpx3kJsfunBlQWgoZ5+J+aKbJ19vrOr4J3Uquk1u/IM7SejkjV4yUsXH
pqL8sGKqnWve3b0CQyqU8CwPrzOsMKG6grgKRfJOaW/WZNO3Nb4ky2UzQQpkif1I
aoIRjk24BR7ICFpE6zJhyDLozHMariKgkVrdoRolQ5sDRyQtX+kiPyD8tCMrJW4Z
VCyELHq+B1L4zNDhw0fnx67N8eWWv+p3zOrR+imO3yo3
Generated at Tue Aug 22 00:01:00 2023 by rpki-client on console-fra.rpki-client.org