Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/0-BIpzqeDOIkmagksAFZP3H7G-Q.roa
File: 0-BIpzqeDOIkmagksAFZP3H7G-Q.roa (raw, json)
Hash identifier: QHG6jpIC9lLc3RprRjif/g02BXwBVtmu9gZ4ahZsT+o=
Subject key identifier: D3:E0:48:A7:3A:9E:0C:E2:24:99:A8:24:B0:01:59:3F:71:FB:1B:E4
Certificate issuer: /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial: 018571D7D9BF78180829F6E9565D20CBDFC7
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/0-BIpzqeDOIkmagksAFZP3H7G-Q.roa
Signing time: Mon 02 Jan 2023 09:37:29 +0000
ROA not before: Mon 02 Jan 2023 09:37:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206394
IP address blocks: 195.150.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d9:bf:78:18:08:29:f6:e9:56:5d:20:cb:df:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Validity
Not Before: Jan 2 09:37:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3e048a73a9e0ce22499a824b001593f71fb1be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:b1:f2:48:ac:4d:b2:86:51:ec:ca:49:14:
f3:48:e9:dd:b7:e9:9e:89:35:e0:c6:1e:61:8d:ba:
74:13:f1:84:bf:73:a2:1e:cc:16:8a:a8:d9:9c:67:
5b:18:6c:39:36:e1:4c:6e:98:61:fc:c5:dd:de:07:
6f:08:bf:3a:ff:16:ec:3d:b1:d1:ed:dc:25:70:55:
f0:be:98:97:60:d0:0f:08:db:3c:5a:c7:de:58:42:
19:60:4e:81:64:6e:dc:71:c9:1e:1c:82:d0:e4:b9:
7d:7f:d8:74:78:ef:bc:18:9f:f5:e3:19:24:3f:e6:
d8:10:a5:b4:f8:02:43:2f:f4:fc:f8:68:cc:d8:3d:
57:80:3b:4f:e5:30:04:c0:20:9c:cc:35:73:74:7b:
44:ee:17:3c:ef:6c:d6:1f:a8:cb:89:f7:7b:62:24:
9c:fc:eb:76:12:4b:97:34:29:4a:3a:c7:ae:10:e5:
c6:7b:67:f2:28:6b:f3:0f:86:ac:2d:bb:ca:6b:22:
bb:4b:5a:78:cf:db:44:20:26:29:c0:c5:44:77:11:
de:52:71:af:55:bc:53:bf:54:e9:50:57:88:9a:b2:
78:a9:c7:05:10:c0:83:99:cc:70:81:bb:b0:63:0a:
dc:cf:5e:4e:6d:4a:c0:1e:61:7b:34:20:0e:0a:ef:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E0:48:A7:3A:9E:0C:E2:24:99:A8:24:B0:01:59:3F:71:FB:1B:E4
X509v3 Authority Key Identifier:
keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/0-BIpzqeDOIkmagksAFZP3H7G-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.150.200.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b0:7a:d6:98:8c:91:3b:68:8b:ca:5e:4f:bb:81:3f:c3:60:
ff:82:0f:ae:a7:e5:51:50:a7:e4:3a:62:99:b4:02:17:ed:65:
64:78:52:66:e2:86:2f:0e:6c:2c:bd:d8:1b:87:70:55:68:e3:
b8:db:13:83:ba:79:e1:4d:00:da:c9:0f:7d:0f:8b:48:51:8a:
cf:d5:9e:b8:12:f7:0e:27:23:b6:20:15:e7:72:dc:8c:69:90:
fe:a0:0d:99:d2:ac:e0:18:c2:57:dc:fd:45:ca:cd:62:2e:82:
de:b1:a8:5d:c7:73:51:11:c3:4f:d9:5f:ac:5d:68:c8:0b:5c:
a6:f4:e2:a0:e5:74:5a:f9:4d:48:3c:00:13:ae:13:9f:7f:a6:
1d:2f:3f:e4:9e:d4:a7:59:78:65:c6:e2:1b:1c:d8:72:8f:b2:
b0:3c:fa:b0:d6:6f:70:03:be:c1:f5:6d:6e:a9:cf:ca:f7:97:
ef:12:dc:c1:e6:11:db:3b:5b:37:5a:6d:56:4d:10:48:34:dc:
54:9b:41:14:7c:8d:26:c6:08:01:db:ba:88:a9:dc:43:9b:a7:
db:c3:0e:59:79:58:ac:35:62:5e:e2:aa:e8:20:1a:91:07:a4:
91:03:88:ea:4c:b8:c7:5e:66:3b:b5:62:b9:99:a6:fb:ad:27:
1b:a1:1a:14
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVx19m/eBgIKfbpVl0gy9/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjE5ZTIyNGM3M2Y4M2M0ZmRkMTk2ZDA2NjA4YWViM2E4
ODE4MDQwHhcNMjMwMTAyMDkzNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2UwNDhhNzNhOWUwY2UyMjQ5OWE4MjRiMDAxNTkzZjcxZmIxYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTax8kisTbKGUezKSRTzSOndt+me
iTXgxh5hjbp0E/GEv3OiHswWiqjZnGdbGGw5NuFMbphh/MXd3gdvCL86/xbsPbHR
7dwlcFXwvpiXYNAPCNs8WsfeWEIZYE6BZG7ccckeHILQ5Ll9f9h0eO+8GJ/14xkk
P+bYEKW0+AJDL/T8+GjM2D1XgDtP5TAEwCCczDVzdHtE7hc872zWH6jLifd7YiSc
/Ot2EkuXNClKOseuEOXGe2fyKGvzD4asLbvKayK7S1p4z9tEICYpwMVEdxHeUnGv
VbxTv1TpUFeImrJ4qccFEMCDmcxwgbuwYwrcz15ObUrAHmF7NCAOCu8iiQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNPgSKc6ngziJJmoJLABWT9x+xvkMB8GA1UdIwQY
MBaAFPjxniJMc/g8T90ZbQZgius6iBgEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QR2VJa3h6LUR4UDNSbHRCbUNLNnpxSUdBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUx
LTE2Y2Q4ZjRmYjRiOS8xLzAtQklwenFlRE9Ja21hZ2tzQUZaUDNIN0ctUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUxLTE2Y2Q4ZjRmYjRi
OS8xLzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDlsgw
DQYJKoZIhvcNAQELBQADggEBADiwetaYjJE7aIvKXk+7gT/DYP+CD66n5VFQp+Q6
Ypm0AhftZWR4Umbihi8ObCy92BuHcFVo47jbE4O6eeFNANrJD30Pi0hRis/VnrgS
9w4nI7YgFedy3IxpkP6gDZnSrOAYwlfc/UXKzWIugt6xqF3Hc1ERw0/ZX6xdaMgL
XKb04qDldFr5TUg8ABOuE59/ph0vP+Se1KdZeGXG4hsc2HKPsrA8+rDWb3ADvsH1
bW6pz8r3l+8S3MHmEds7WzdabVZNEEg03FSbQRR8jSbGCAHbuoip3EObp9vDDll5
WKw1Yl7iquggGpEHpJEDiOpMuMdeZju1YrmZpvutJxuhGhQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:50 2024 by rpki-client on console-fra.rpki-client.org