Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/f4J0OVVH8CxgSzgk216MmKlDVdc.roa
File: f4J0OVVH8CxgSzgk216MmKlDVdc.roa (raw, json)
Hash identifier: hOLxjpq+/YU7EeL0WZZBdsHebWYvDu3HmZNYJpaJNRc=
Subject key identifier: 7F:82:74:39:55:47:F0:2C:60:4B:38:24:DB:5E:8C:98:A9:43:55:D7
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 01880AE798F62CF257F89BC5BCD25204D197
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/f4J0OVVH8CxgSzgk216MmKlDVdc.roa
Signing time: Thu 11 May 2023 13:02:10 +0000
ROA not before: Thu 11 May 2023 13:02:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62214
IP address blocks: 195.90.98.0/24 maxlen: 24
195.90.115.0/24 maxlen: 24
2a01:7d80:c000::/40 maxlen: 40
2a01:7d80:2400::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:e7:98:f6:2c:f2:57:f8:9b:c5:bc:d2:52:04:d1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: May 11 13:02:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f8274395547f02c604b3824db5e8c98a94355d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:5e:dd:ef:bb:29:55:3f:11:9a:d9:49:1f:
65:e0:c8:f6:06:87:01:ce:54:a3:46:b3:98:33:21:
a3:d3:d6:db:cd:be:40:eb:31:01:d9:90:3a:dc:3a:
82:7b:24:74:15:d3:4b:33:f7:1f:b2:ba:b7:a3:82:
ad:ea:dc:6e:05:ca:1e:1e:93:c1:3d:39:cf:a1:5a:
c8:20:e3:d3:2d:44:d0:0f:41:0e:1f:82:ff:18:aa:
58:4a:c8:a3:a5:e3:f1:aa:3f:84:c6:28:42:54:d8:
1f:3c:f0:cd:1d:3c:22:f9:09:bb:c6:05:11:51:c4:
b4:91:48:26:02:7b:9d:3d:a3:bf:25:ee:71:4a:1b:
2e:e7:7b:ef:b6:ba:da:20:e7:b0:8c:f5:f0:92:6e:
41:04:e6:93:68:5d:c6:e2:04:e0:a6:56:89:fc:ca:
38:08:65:0a:9a:d8:b3:c7:bb:3c:cb:f8:c7:fe:31:
e9:69:a0:43:54:bf:ce:e7:09:05:54:18:c6:ed:8c:
0a:af:31:cf:e5:1b:f0:b2:28:d3:2d:9b:e9:0f:7b:
69:8f:2c:20:93:0b:a5:7f:52:35:aa:7b:f3:f3:2c:
a5:8c:7c:a8:e9:db:55:d2:1a:61:26:c5:e8:55:23:
b9:43:42:b4:b2:d6:3a:1d:f7:fc:c6:19:72:be:1c:
7a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:82:74:39:55:47:F0:2C:60:4B:38:24:DB:5E:8C:98:A9:43:55:D7
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/f4J0OVVH8CxgSzgk216MmKlDVdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/24
195.90.115.0/24
IPv6:
2a01:7d80:2400::/40
2a01:7d80:c000::/40
Signature Algorithm: sha256WithRSAEncryption
40:08:55:51:f4:a7:33:d9:d9:ee:25:e8:b3:5b:3e:b2:29:8c:
b5:1b:4c:24:f5:9e:07:e2:2f:a1:99:27:1a:02:c8:6e:9d:4a:
16:98:e9:02:ff:05:28:b8:7d:25:82:0f:e0:50:6d:49:d7:cf:
2d:77:78:81:2c:de:f7:3c:ec:10:62:11:82:cc:f9:42:bd:6b:
a9:49:53:5c:9f:90:a1:97:58:e3:c5:77:1f:37:d1:fe:9e:d5:
0b:bb:3c:f8:f7:2f:87:54:99:3d:7b:89:67:f8:46:80:a0:0e:
85:ae:5e:ea:1a:93:2a:ca:a8:16:8d:e0:c4:50:e6:62:98:82:
e1:7c:d9:de:ae:a7:07:bc:6d:64:81:84:2c:a7:31:c3:56:0f:
e7:2e:95:0d:6a:26:d4:d8:6d:ae:dc:a4:e0:62:7d:1a:d0:f5:
ed:8f:05:d1:f6:8d:f5:73:bb:a0:40:b5:35:1f:51:c0:1d:06:
5d:0d:3c:ff:3e:28:29:9d:0d:71:1a:82:74:e7:58:eb:af:82:
21:11:8d:1c:30:76:37:30:7c:2a:af:fc:3e:50:66:84:2a:78:
fb:c9:e0:d3:ae:37:29:17:a4:29:69:d2:23:55:1e:a4:44:7f:
87:2c:67:9a:3d:2e:a2:87:8e:f4:a3:e7:83:93:b2:83:15:bc:
36:a7:80:36
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgK55j2LPJX+JvFvNJSBNGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjMwNTExMTMwMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjgyNzQzOTU1NDdmMDJjNjA0YjM4MjRkYjVlOGM5OGE5NDM1NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviVe3e+7KVU/EZrZSR9l4Mj2BocB
zlSjRrOYMyGj09bbzb5A6zEB2ZA63DqCeyR0FdNLM/cfsrq3o4Kt6txuBcoeHpPB
PTnPoVrIIOPTLUTQD0EOH4L/GKpYSsijpePxqj+ExihCVNgfPPDNHTwi+Qm7xgUR
UcS0kUgmAnudPaO/Je5xShsu53vvtrraIOewjPXwkm5BBOaTaF3G4gTgplaJ/Mo4
CGUKmtizx7s8y/jH/jHpaaBDVL/O5wkFVBjG7YwKrzHP5RvwsijTLZvpD3tpjywg
kwulf1I1qnvz8yyljHyo6dtV0hphJsXoVSO5Q0K0stY6Hff8xhlyvhx6cQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH+CdDlVR/AsYEs4JNtejJipQ1XXMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvZjRKME9WVkg4Q3hnU3pnazIxNk1tS2xEVmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAw1piAwQA
w1pzMBYEAgACMBADBgAqAX2AJAMGACoBfYDAMA0GCSqGSIb3DQEBCwUAA4IBAQBA
CFVR9Kcz2dnuJeizWz6yKYy1G0wk9Z4H4i+hmScaAshunUoWmOkC/wUouH0lgg/g
UG1J188td3iBLN73POwQYhGCzPlCvWupSVNcn5Chl1jjxXcfN9H+ntULuzz49y+H
VJk9e4ln+EaAoA6Frl7qGpMqyqgWjeDEUOZimILhfNnerqcHvG1kgYQspzHDVg/n
LpUNaibU2G2u3KTgYn0a0PXtjwXR9o31c7ugQLU1H1HAHQZdDTz/PigpnQ1xGoJ0
51jrr4IhEY0cMHY3MHwqr/w+UGaEKnj7yeDTrjcpF6QpadIjVR6kRH+HLGeaPS6i
h470o+eDk7KDFbw2p4A2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:43 2024 by rpki-client on console-ams.rpki-client.org