Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oFTGQsj6gBhtS18ZluB75fLQP1Y.roa
File: oFTGQsj6gBhtS18ZluB75fLQP1Y.roa (raw, json)
Hash identifier: vxTmyXw675h5o0eTYL4ReBvgZvxvWSRBpMI3w52H9vU=
Subject key identifier: A0:54:C6:42:C8:FA:80:18:6D:4B:5F:19:96:E0:7B:E5:F2:D0:3F:56
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 018CC2DADF76B3C7190CFD29B0F354F90567
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oFTGQsj6gBhtS18ZluB75fLQP1Y.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210882
IP address blocks: 195.216.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 07:28:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:76:b3:c7:19:0c:fd:29:b0:f3:54:f9:05:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a054c642c8fa80186d4b5f1996e07be5f2d03f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:ad:42:03:ea:86:da:de:5a:1f:32:9f:92:
8b:e4:7d:62:a1:3e:e3:21:78:86:38:40:e7:19:00:
d1:59:d9:83:16:7a:f9:43:bc:ad:0a:23:3c:2e:03:
5d:88:5c:96:10:77:5b:24:04:95:58:6c:ea:35:3d:
2c:e6:13:fd:4d:1e:70:21:ab:e7:7a:81:6a:f5:a9:
c0:30:71:7a:23:c0:14:01:68:4c:8a:18:7f:8a:17:
ad:ca:09:dd:c3:67:de:8f:39:f9:d4:90:3d:dc:ba:
ee:12:19:62:10:a2:80:44:0c:3d:30:c9:57:ef:3d:
b0:40:8b:a8:51:2c:35:7b:58:d5:b4:dc:92:16:6a:
02:8d:7b:8f:a2:5e:6f:0b:d3:2a:f4:1d:21:2a:da:
54:6f:d5:dc:cc:2a:cd:d9:e7:b9:fa:94:c6:f6:42:
1e:95:8e:66:d3:2b:28:1b:12:b8:99:50:f3:2b:d4:
5e:96:32:b3:da:a3:d7:17:c7:75:79:ce:46:6d:f6:
14:33:77:c1:7e:45:03:f5:9a:26:d5:0a:c3:70:5b:
06:7d:32:7b:94:e4:1e:3d:6c:72:fe:bf:0f:15:12:
75:a0:54:77:76:2f:11:a5:b9:75:0d:09:f4:c1:f5:
62:9e:47:c1:1b:b9:23:0c:0e:13:54:46:4a:c4:0f:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:54:C6:42:C8:FA:80:18:6D:4B:5F:19:96:E0:7B:E5:F2:D0:3F:56
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oFTGQsj6gBhtS18ZluB75fLQP1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.246.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ae:e4:dc:de:ac:62:dc:79:6f:fd:dd:e9:ba:33:2c:dc:34:
da:ae:36:d0:83:a6:bf:d0:61:4f:4b:41:ed:88:5a:58:7a:da:
ab:e9:38:3a:77:e8:72:35:8c:f4:9f:ac:79:49:8e:ec:22:a8:
0b:8d:e4:bf:ac:0a:58:00:f5:fa:92:e5:b9:91:0e:af:88:19:
68:df:68:5d:d9:40:0d:4e:ff:5f:09:c6:5a:87:5a:96:ca:c4:
4f:91:f1:df:2b:8f:ae:9f:5b:e0:c5:d4:17:bd:ff:5a:97:84:
ae:e1:5a:ff:45:18:4e:c8:a2:e1:76:f6:a2:05:a4:98:3b:dd:
eb:8c:e3:6b:00:b6:5a:37:bd:04:3e:d1:9f:62:0f:6e:58:e1:
70:ed:88:6c:8d:cc:db:aa:44:61:84:cb:7c:c5:ad:4d:77:5b:
b8:81:a8:e8:bd:ba:d9:3a:2d:b0:f1:b1:5c:1a:c4:1b:08:bf:
e8:a3:0f:b1:aa:ed:da:45:89:e8:b3:54:09:42:8a:d0:d4:08:
0d:a8:dd:b4:36:c8:bf:e5:81:96:43:96:23:e3:04:fa:ea:2a:
a8:f7:1e:c7:48:4b:60:46:74:5a:60:7a:c5:2f:5b:07:50:c2:
5c:20:0b:e5:ea:0e:05:a2:ab:2b:51:de:8f:55:f5:2b:1b:01:
a5:9b:6b:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2t92s8cZDP0psPNU+QVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU0YzY0MmM4ZmE4MDE4NmQ0YjVmMTk5NmUwN2JlNWYyZDAzZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueutQgPqhtreWh8yn5KL5H1ioT7j
IXiGOEDnGQDRWdmDFnr5Q7ytCiM8LgNdiFyWEHdbJASVWGzqNT0s5hP9TR5wIavn
eoFq9anAMHF6I8AUAWhMihh/ihetygndw2fejzn51JA93LruEhliEKKARAw9MMlX
7z2wQIuoUSw1e1jVtNySFmoCjXuPol5vC9Mq9B0hKtpUb9XczCrN2ee5+pTG9kIe
lY5m0ysoGxK4mVDzK9ReljKz2qPXF8d1ec5GbfYUM3fBfkUD9Zom1QrDcFsGfTJ7
lOQePWxy/r8PFRJ1oFR3di8Rpbl1DQn0wfVinkfBG7kjDA4TVEZKxA9YBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBUxkLI+oAYbUtfGZbge+Xy0D9WMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvb0ZUR1FzajZnQmh0UzE4Wmx1Qjc1ZkxRUDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9j2MA0G
CSqGSIb3DQEBCwUAA4IBAQCtruTc3qxi3Hlv/d3pujMs3DTarjbQg6a/0GFPS0Ht
iFpYetqr6Tg6d+hyNYz0n6x5SY7sIqgLjeS/rApYAPX6kuW5kQ6viBlo32hd2UAN
Tv9fCcZah1qWysRPkfHfK4+un1vgxdQXvf9al4Su4Vr/RRhOyKLhdvaiBaSYO93r
jONrALZaN70EPtGfYg9uWOFw7YhsjczbqkRhhMt8xa1Nd1u4gajovbrZOi2w8bFc
GsQbCL/oow+xqu3aRYnos1QJQorQ1AgNqN20Nsi/5YGWQ5Yj4wT66iqo9x7HSEtg
RnRaYHrFL1sHUMJcIAvl6g4FoqsrUd6PVfUrGwGlm2u4
-----END CERTIFICATE-----
Generated at Thu Aug 29 10:00:51 2024 by rpki-client on console-fra.rpki-client.org