Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/lMohC-CW4wsVjMLf0Y38M8s2QU0.roa
File: lMohC-CW4wsVjMLf0Y38M8s2QU0.roa (raw, json)
Hash identifier: ptxa3gKbd7X3EZKQqOqcc049DePraX0fk/jCCzKdPPM=
Subject key identifier: 94:CA:21:0B:E0:96:E3:0B:15:8C:C2:DF:D1:8D:FC:33:CB:36:41:4D
Certificate issuer: /CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Certificate serial: 018C24C1FA85150FF79297350F59038AA16B
Authority key identifier: 9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/lMohC-CW4wsVjMLf0Y38M8s2QU0.roa
Signing time: Fri 01 Dec 2023 09:42:21 +0000
ROA not before: Fri 01 Dec 2023 09:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35067
IP address blocks: 195.16.76.0/24 maxlen: 24
195.16.76.0/22 maxlen: 22
195.16.77.0/24 maxlen: 24
195.16.78.0/24 maxlen: 24
195.16.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 10:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:c1:fa:85:15:0f:f7:92:97:35:0f:59:03:8a:a1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Validity
Not Before: Dec 1 09:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ca210be096e30b158cc2dfd18dfc33cb36414d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:85:e5:87:9c:99:d6:5a:1f:1e:f4:f7:f9:
09:60:20:21:8c:63:d7:ef:44:dc:22:d0:1a:53:72:
1b:a8:b0:8e:67:0e:7f:d5:f1:8b:5b:f3:58:7d:50:
ff:d9:3e:25:f0:f4:5f:89:db:6d:30:78:aa:05:a2:
6e:f7:4e:c9:f1:7b:00:1f:fe:11:60:50:43:43:6a:
6f:e2:20:37:73:45:7c:4d:69:34:00:2f:7e:8e:09:
46:f5:c7:9a:ab:a3:6d:4b:97:18:07:e2:e6:e0:a7:
bd:c4:55:ec:0b:73:dd:a3:a6:eb:a2:68:57:e7:e4:
e0:3a:11:fa:18:e7:a6:24:06:82:54:7a:cf:95:f9:
1f:3d:ef:6f:28:b6:93:5f:08:a2:4d:20:3c:f6:65:
cb:5e:16:a7:4f:30:14:bc:53:3e:57:5c:0d:f2:b7:
25:8b:c0:6c:2f:3a:c6:f1:5e:6d:8a:d3:54:7d:c0:
fe:2a:85:53:de:18:7b:7a:f7:d9:8a:6a:1e:10:38:
78:57:fb:f6:37:3e:14:20:7a:27:5c:00:b7:50:42:
fc:6e:82:d6:1c:b2:34:22:4c:ed:18:5b:b9:f6:93:
b5:14:3a:00:89:81:0d:f2:18:74:df:ef:4a:6c:d9:
6f:e1:e7:7d:a9:62:0c:12:b5:41:91:27:18:0b:36:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CA:21:0B:E0:96:E3:0B:15:8C:C2:DF:D1:8D:FC:33:CB:36:41:4D
X509v3 Authority Key Identifier:
keyid:9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/lMohC-CW4wsVjMLf0Y38M8s2QU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.76.0/22
Signature Algorithm: sha256WithRSAEncryption
59:72:cd:51:fc:0d:b3:17:8e:51:2a:e2:d0:34:04:63:fb:6c:
7c:e2:97:48:0d:7b:e8:21:99:5a:fb:7e:02:cc:f9:1f:bd:ae:
de:cc:21:95:76:10:ec:4b:ea:27:4f:d8:f9:e0:d4:7b:71:65:
27:ad:0d:49:52:30:a4:88:2f:9d:59:85:34:48:4e:bb:47:1f:
b5:b1:cf:c0:c4:c3:05:3c:14:d2:a1:03:35:03:47:02:aa:11:
89:cd:6a:e2:7b:94:1f:ff:da:9c:ff:da:35:0a:64:c9:eb:b8:
75:3d:9c:f8:1e:ac:85:4e:ee:12:3d:73:87:ec:87:8f:08:3c:
88:b9:31:67:70:5b:0e:f4:14:d6:bb:11:37:7a:41:75:af:09:
df:0d:9c:97:9e:24:fd:42:62:2e:75:f8:7b:9c:7d:fd:09:da:
64:fc:d7:87:fa:a0:b1:96:84:b2:81:37:42:c2:ef:00:bc:38:
6d:5c:09:25:e3:5f:bc:bc:f4:e5:f8:d8:d7:fa:9f:bd:7b:f6:
40:74:10:fc:8f:78:5c:90:5d:98:ec:8b:87:b4:ea:6e:b7:28:
55:a8:f6:38:62:27:87:93:99:d6:be:20:e2:8c:ff:a2:d1:df:
81:9d:c5:2c:8a:93:a3:66:35:79:bb:00:73:ae:ff:cc:d5:63:
81:6e:ab:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwkwfqFFQ/3kpc1D1kDiqFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNGIzMDg2NjE0ZjQ3ODM4YTNlODBhM2U2ZTA1MWQzZDhh
NjkyZjkwHhcNMjMxMjAxMDk0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNhMjEwYmUwOTZlMzBiMTU4Y2MyZGZkMThkZmMzM2NiMzY0MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX+F5YecmdZaHx709/kJYCAhjGPX
70TcItAaU3IbqLCOZw5/1fGLW/NYfVD/2T4l8PRfidttMHiqBaJu907J8XsAH/4R
YFBDQ2pv4iA3c0V8TWk0AC9+jglG9ceaq6NtS5cYB+Lm4Ke9xFXsC3Pdo6bromhX
5+TgOhH6GOemJAaCVHrPlfkfPe9vKLaTXwiiTSA89mXLXhanTzAUvFM+V1wN8rcl
i8BsLzrG8V5titNUfcD+KoVT3hh7evfZimoeEDh4V/v2Nz4UIHonXAC3UEL8boLW
HLI0IkztGFu59pO1FDoAiYEN8hh03+9KbNlv4ed9qWIMErVBkScYCzbIywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTKIQvgluMLFYzC39GN/DPLNkFNMB8GA1UdIwQY
MBaAFJxLMIZhT0eDij6Ao+bgUdPYppL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2Et
ODRlZjljYWJiOWI2LzEvbE1vaEMtQ1c0d3NWak1MZjBZMzhNOHMyUVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2EtODRlZjljYWJiOWI2
LzEvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwxBMMA0G
CSqGSIb3DQEBCwUAA4IBAQBZcs1R/A2zF45RKuLQNARj+2x84pdIDXvoIZla+34C
zPkfva7ezCGVdhDsS+onT9j54NR7cWUnrQ1JUjCkiC+dWYU0SE67Rx+1sc/AxMMF
PBTSoQM1A0cCqhGJzWrie5Qf/9qc/9o1CmTJ67h1PZz4HqyFTu4SPXOH7IePCDyI
uTFncFsO9BTWuxE3ekF1rwnfDZyXniT9QmIudfh7nH39Cdpk/NeH+qCxloSygTdC
wu8AvDhtXAkl41+8vPTl+NjX+p+9e/ZAdBD8j3hckF2Y7IuHtOputyhVqPY4YieH
k5nWviDijP+i0d+BncUsipOjZjV5uwBzrv/M1WOBbqvX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org